TFTP Server error packet buffer overflow

2008-09-12T00:00:00
ID SAINT:A60F3DBC5FC16126618E616B3391ACE4
Type saint
Reporter SAINT Corporation
Modified 2008-09-12T00:00:00

Description

Added: 09/12/2008
CVE: CVE-2008-2161
BID: 29111
OSVDB: 44904

Background

TFTP Server is an open source server implementation of the tftp protocol for multiple platforms.

Problem

A buffer overflow vulnerability in the handling of error packets allows remote attackers to execute arbitrary commands.

Resolution

Upgrade to version 1.6 or higher when available, if that version contains a fix. Otherwise restrict access to the tftp service.

References

<http://www.milw0rm.com/exploits/5563>

Limitations

Exploit works on TFTP Server SP 1.4.

A different payload is required depending upon whether the service runs as a network service or standalone. Choose the first platform if TFTP Server is running as a network service, and the second if it is running standalone.

Platforms

Windows