Remote File Download/Upload
Vendor: Tftpd32
By: SecurityFocus
CVSS: 8.8 (HIGH)
CWE: 434
Product Name: Tftpd32
Affected Version From: 02.01
Affected Version To: 02.01
Patch Exists: YES
Related CWE: CVE-2002-0392
CPE: o:tftpd32:tftpd32
Other Scripts: N/A
Tags: N/A
CVSS Metrics: N/A
Nuclei References: N/A
Nuclei Metadata: N/A
Platforms Tested: Windows
2002

A vulnerability has been discovered in Tftpd32

Tftpd32 is vulnerable to a remote file download/upload attack, allowing an attacker to download and upload arbitrary system files. This can be exploited by sending a GET or PUT request to the tftp host, followed by the file path. For example, an attacker can send a GET request to download the boot.ini file, or a PUT request to upload a malicious file to the boot.ini path.

Mitigation:

Upgrade to the latest version of Tftpd32.
Source

Exploit-DB raw data:

source: https://www.securityfocus.com/bid/6198/info

A vulnerability has been discovered in Tftpd32 which allows a remote attacker to download and upload arbitrary system files. The ability to upload system files may allow an attacker to replace key system files with trojaned copies, used to open backdoors into a target system.

tftp host GET /boot.ini
tftp host PUT myfile /boot.ini
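
The missing server-side check, as an added example (this is not code from Tftpd32 or from the advisory): it parses a TFTP read/write request in the RFC 1350 layout and only accepts file names that resolve strictly below the TFTP root. It goes beyond the `/boot.ini` case on the page by also rejecting `..` traversal, drive-qualified and UNC names; the root `C:\tftproot`, the function names and the sample packets are assumptions constructed for illustration.

```python
import ntpath
import struct

OPCODES = {1: "RRQ", 2: "WRQ"}  # RFC 1350: read request (GET), write request (PUT)

def parse_request(packet: bytes):
    """Parse RRQ/WRQ: 2-byte opcode, filename, NUL, mode, NUL."""
    if len(packet) < 4:
        raise ValueError("short packet")
    (opcode,) = struct.unpack("!H", packet[:2])
    fields = packet[2:].split(b"\x00")
    if opcode not in OPCODES or len(fields) < 3 or not fields[0]:
        raise ValueError("not a well-formed read/write request")
    return OPCODES[opcode], fields[0].decode("ascii"), fields[1].decode("ascii").lower()

def confine(root: str, requested: str) -> str:
    """Map a requested name to a path strictly below root, else PermissionError."""
    name = requested.replace("/", "\\")        # TFTP clients often send '/'
    drive, rest = ntpath.splitdrive(name)      # catches 'C:...' and UNC prefixes
    if drive or ":" in rest or rest.startswith("\\"):
        raise PermissionError("absolute, drive-qualified or UNC path")
    full = ntpath.normpath(ntpath.join(root, rest))   # collapses any '..'
    prefix = ntpath.normcase(ntpath.normpath(root)) + "\\"
    if not ntpath.normcase(full).startswith(prefix):
        raise PermissionError("path escapes the TFTP root")
    return full

def decide(root: str, packet: bytes):
    """Return (operation, filename, 'allow' or 'deny') for one request packet."""
    try:
        op, name, _mode = parse_request(packet)
    except ValueError:
        return ("?", "", "deny")
    try:
        confine(root, name)
    except PermissionError:
        return (op, name, "deny")
    return (op, name, "allow")

# Constructed sample packets (not captured traffic); the first two are the
# GET and PUT of /boot.ini described in the advisory.
SAMPLES = [
    b"\x00\x01/boot.ini\x00octet\x00",
    b"\x00\x02/boot.ini\x00octet\x00",
    b"\x00\x01..\\..\\boot.ini\x00octet\x00",
    b"\x00\x01pxe/menu.cfg\x00octet\x00",
]

if __name__ == "__main__":
    for pkt in SAMPLES:
        print(decide(r"C:\tftproot", pkt))   # hypothetical TFTP root
```

The same `decide` logic can be run over captured RRQ/WRQ payloads on UDP port 69 to flag requests that an unpatched server would have honoured.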