[2/5] PacketTrap pt360 TFTP Filename Handling Denial of Service

March 10th, 2008 by

[2/5] PacketTrap pt360 TFTP Filename Handling Denial of Service

:Luigi Auriemma has reported a vulnerability in PacketTrap pt360 TFTP server, which can be exploited by malicious people to cause a DoS (Denial of Service).The vulnerability is caused due to an error when handling certain invalid filenames. This can be exploited to prevent the TFTP server from responding by sending specially crafted requests to the service.The vulnerability is reported in version 2.0.3901.0. Other versions may also be affected.Solution:Use a firewall to allow only trusted hosts access to the service.Provided and/or discovered by:Luigi AuriemmaOriginal Advisory:http://aluigi.altervista.org/adv/packettrash-adv.txt

Original post by Pankaj

[2/5] PacketTrap pt360 TFTP Filename Handling Denial of Service

Related Articles:

[3/5] PacketTrap pt360 TFTP Server Two Vulnerabilities

[3/5] TFTP Server SP Long Filename Buffer Overflow Vulnerability

[3/5] Quick Tftp Server Pro Long Mode Buffer Overflow Vulnerability

[3/5] BootManage TFTP Server Buffer Overflow Vulnerability

[3/5] TFTP Server SP Long Error Message Buffer Overflow

Posted in Advisories - Exploits | | [2/5] PacketTrap pt360 TFTP Filename Handling Denial of Service

<< [2/5] Acronis Snap Deploy PXE Server TFTP Vulnerabilities | [2/5] Panda Products cpoint.sys Privilege Escalation Vulnerabilities >>

Cybertrion Systems

[2/5] PacketTrap pt360 TFTP Filename Handling Denial of Service

Categories

Archives:

Search:

Meta: