8 matches found
TFTPDWIN 0.4.2 - Long Filename Buffer Overflow
No description provided by source. $Id: tftpdwinlongfilename.rb 9179 2010-04-30 08:40:19Z jduck $ This file is part of the Metasploit Framework and may be subject to redistribution and commercial restrictions. Please see the Metasploit Framework web site for more information on licensing and term...
ProSysInfo TFTP server TFTPDWIN 0.4.2 - 'Filename' Remote Buffer Overflow (Metasploit)
$Id: tftpdwinlongfilename.rb 9179 2010-04-30 08:40:19Z jduck $ This file is part of the Metasploit Framework and may be subject to redistribution and commercial restrictions. Please see the Metasploit Framework web site for more information on licensing and terms of use...
ProSysInfo TFTPDWIN 0.4.2 Remote Buffer Overflow Vulnerability - Active Check
TFTPDWIN server is prone to a remote buffer-overflow vulnerability because the application fails to properly bounds-check user-supplied input before copying it to an insufficiently sized memory buffer. SPDX-FileCopyrightText: 2009 Greenbone AG Some text descriptions might be excerpted from a...
TFTPDWIN v0.4.2 Long Filename Buffer Overflow
This module exploits the ProSysInfo TFTPDWIN threaded TFTP Server. By sending an overly long file name to the tftpd.exe server, the stack can be overwritten. This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class...
Sql injection
tftpd.exe in ProSysInfo TFTP Server TFTPDWIN 0.4.2 allows remote attackers to cause a denial of service via a long UDP packet that is not properly handled in a recvfrom call. NOTE: this issue might be related to CVE-2006-4948...
CVE-2007-1404
This CVE concerns ProSysInfo TFTPDWIN 0.4.2’s tftpd.exe, where a remote attacker can trigger a denial of service by sending a long UDP packet to recv_from. Several sources describe a long filename input leading to a stack/buffer overflow, with exploit code and mitigations tied to CVE-2006-4948 re...
CVE-2006-4948
CVE-2006-4948 affects ProSysInfo TFTPDWIN 0.4.2 and earlier. A stack-based buffer overflow in tftpd.exe can be triggered by a long filename sent to the TFTP server, allowing remote attackers to cause arbitrary code execution or a denial of service. Public references show a long filename vulnerabi...
CVE-2006-4948
Stack-based buffer overflow in tftpd.exe in ProSysInfo TFTP Server TFTPDWIN 0.4.2 and earlier allows remote attackers to execute arbitrary code or cause a denial of service via a long file name. NOTE: the provenance of this information is unknown; the details are obtained from third party...