Vulnerabilities > South River Technologies

DATE CVE VULNERABILITY TITLE RISK
2010-01-13 CVE-2009-4606 Permissions, Privileges, and Access Controls vulnerability in South River Technologies Webdrive 9.02
South River Technologies WebDrive 9.02 build 2232 installs the WebDrive Service without a security descriptor, which allows local users to (1) stop the service via the stop command, (2) execute arbitrary commands as SYSTEM by using the config command to modify the binPath variable, or (3) restart the service via the start command.
local
low complexity
south-river-technologies CWE-264
7.2
2008-11-29 CVE-2008-5281 Buffer Errors vulnerability in South River Technologies Titan FTP Server 6.05
Heap-based buffer overflow in Titan FTP Server 6.05 build 550 allows remote attackers to execute arbitrary code via a long DELE command.
network
low complexity
south-river-technologies CWE-119
critical
10.0
2008-02-12 CVE-2008-0702 Improper Restriction of Operations Within the Bounds of A Memory Buffer vulnerability in South River Technologies Titan FTP Server 6.0.5.549/6.03
Multiple heap-based buffer overflows in Titan FTP Server 6.03 and 6.0.5.549 allow remote attackers to cause a denial of service (daemon crash or hang) and possibly execute arbitrary code via a long argument to the (1) USER or (2) PASS command, different vectors than CVE-2004-1641.
9.3
2004-08-29 CVE-2004-1641 Remote Heap Overflow vulnerability in Titan FTP Server CWD Command
Heap-based buffer overflow in Titan FTP 3.21 and earlier allows remote attackers to cause a denial of service (crash) via a long FTP command such as (1) CWD, (2) STAT, or (3) LIST.
network
low complexity
south-river-technologies
5.0
2004-07-07 CVE-2004-0437 Denial-Of-Service vulnerability in South River Technologies Titan FTP Server 3.01Build163
Titan FTP Server version 3.01 build 163, and possibly other versions before build 169, allows remote authenticated users to cause a denial of service (crash) by disconnecting from the system during a "LIST -L" command, which causes Titan to access an invalid socket.
network
low complexity
south-river-technologies
5.0