Computer Security
[EN] securityvulns.ru no-pyccku


TFTPDWIN TFTP server buffer overflow
Published:21.09.2006
Source:
SecurityVulns ID:6641
Type:remote
Threat Level:
5/10
Description:Buffer overflow on oversized requested resource filename.
Affected:TFTPDWIN : TFTPdWin 0.4
CVE:CVE-2007-1404 (tftpd.exe in ProSysInfo TFTP Server TFTPDWIN 0.4.2 allows remote attackers to cause a denial of service via a long UDP packet that is not properly handled in a recv_from call. NOTE: this issue might be related to CVE-2006-4948.)
 CVE-2006-4948 (Stack-based buffer overflow in tftpd.exe in ProSysInfo TFTP Server TFTPDWIN 0.4.2 and earlier allows remote attackers to execute arbitrary code or cause a denial of service via a long file name. NOTE: the provenance of this information is unknown; the details are obtained from third party information.)
Original documentdocumentSECUNIA, [SA21854] TFTP Server TFTPDWIN Buffer Overflow Vulnerability (21.09.2006)
Files:TFTPDWIN Server UDP DOS 0.4.2 POC

About | Terms of use | Privacy Policy
© SecurityVulns, 3APA3A, Vladimir Dubrovin
Nizhny Novgorod