CVE-2004-1641 PoC — Titan FTP远程超长命令堆溢出漏洞

Source

https://github.com/projectdiscovery/nuclei-templates/blob/main/network/cves/2004/CVE-2004-1641.yaml

Associated Vulnerability

Title:Titan FTP远程超长命令堆溢出漏洞 (CVE-2004-1641)
Description:Titan FTP Server是一款FTP服务程序。 Titan FTP Serverr在处理包含超长字符串多个命令时存在问题，远程攻击者可以利用这个漏洞对FTP服务程序进行拒绝服务攻击。 FTP服务程序对一些包含超长字符串的CWD、LIST、STAT等命令缺少正确的边界缓冲区检查，可导致触发基于堆的溢出，精心构建提交数据，可能以服务进程权限执行任意指令。

Description

Titan FTP versions ≤ 3.21 contain heap overflow vulnerabilities when processing long FTP commands such as CWD, STAT, or LIST. Remote attackers can cause denial of service (daemon crash) by sending excessively long arguments to these commands, potentially leading to server instability.

File Snapshot


 id: CVE-2004-1641

info:
  name: Titan FTP ≤ 3.21 - Heap Overflow via Long Commands
  author: pussyc

...

Shenlong Bot has cached this for you

Remarks

1. It is advised to access via the original source first.

2. If the original source is unavailable, please email f.jinxu#gmail.com for a local snapshot (replace # with @).

3. Shenlong has snapshotted the POC code for you. To support long-term maintenance, please consider donating. Thank you for your support.

Goal Reached Thanks to every supporter — we hit 100%!