A vulnerability has been identified in AT-TFTP Server v1.9 that remote or local attackers could exploit to execute arbitrary commands or cause a denial of service. The flaw is a buffer overflow in the handling of an overly long file name (more than 227 bytes) passed to a 'GET' or 'PUT' command; malicious users could exploit it to compromise a vulnerable system or crash the affected application.
This module exploits a stack buffer overflow in AT-TFTP v1.9 by sending a request (get/write) for an overly long file name.
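A bounds-checked parser for the read/write ("GET"/"PUT") request described above, as an added example that is not code from AT-TFTP or from the advisory. It assumes the RFC 1350 request layout (2-byte opcode, NUL-terminated file name, NUL-terminated mode) and uses the 227-byte figure above as its rejection limit; the function, enum and constant names are hypothetical.

```c
#include <stdint.h>
#include <string.h>

#define TFTP_RRQ 1        /* RFC 1350 read request ("GET") */
#define TFTP_WRQ 2        /* RFC 1350 write request ("PUT") */
#define MAX_FILENAME 227  /* limit taken from the advisory text (assumption) */

enum tftp_verdict { TFTP_OK, TFTP_NOT_REQUEST, TFTP_MALFORMED, TFTP_NAME_TOO_LONG };

/* Hypothetical helper: validate one RRQ/WRQ datagram and, on TFTP_OK,
 * copy the NUL-terminated file name into out (out_size bytes). */
enum tftp_verdict tftp_check_request(const uint8_t *pkt, size_t len,
                                     char *out, size_t out_size)
{
    if (pkt == NULL || out == NULL || len < 4)
        return TFTP_MALFORMED;
    unsigned opcode = ((unsigned)pkt[0] << 8) | pkt[1];
    if (opcode != TFTP_RRQ && opcode != TFTP_WRQ)
        return TFTP_NOT_REQUEST;

    const uint8_t *name = pkt + 2;
    size_t remaining = len - 2;
    /* memchr is bounded by the datagram length: no read past the packet */
    const uint8_t *nul = memchr(name, 0, remaining);
    if (nul == NULL)
        return TFTP_MALFORMED;
    size_t name_len = (size_t)(nul - name);
    if (name_len == 0)
        return TFTP_MALFORMED;
    /* Check the length before any copy, against both policy and buffer size */
    if (name_len > MAX_FILENAME || name_len >= out_size)
        return TFTP_NAME_TOO_LONG;

    /* The transfer mode must also be terminated inside the datagram */
    size_t mode_room = remaining - name_len - 1;
    if (mode_room == 0 || memchr(nul + 1, 0, mode_room) == NULL)
        return TFTP_MALFORMED;

    memcpy(out, name, name_len + 1);  /* includes the terminating NUL */
    return TFTP_OK;
}
```

The same verdicts can drive a network-side filter: a datagram that yields `TFTP_NAME_TOO_LONG` or `TFTP_MALFORMED` is worth logging with its source address before it is dropped.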
AT-TFTP 2.0 is vulnerable to a stack-based buffer overflow. The vulnerability is triggered when a maliciously crafted packet is sent to the server, and it can lead to a denial of service (DoS) condition. The vulnerability was discovered in 2006 by liuqx@nipc.org.cn and is still present in version 2.0. The exploit can be triggered remotely and has been tested on Windows XP SP3.
The vulnerability allows an unprivileged attacker to read and write files that they have no permission to access. The vulnerable TFTP commands are: GET (read file) and PUT (write file).