Lucene search
K

8 matches found

seebug.org
seebug.org
added 2014/07/01 12:0 a.m.24 views

TFTPDWIN 0.4.2 - Long Filename Buffer Overflow

No description provided by source. $Id: tftpdwinlongfilename.rb 9179 2010-04-30 08:40:19Z jduck $ This file is part of the Metasploit Framework and may be subject to redistribution and commercial restrictions. Please see the Metasploit Framework web site for more information on licensing and term...

7.1AI score
Exploits0
Exploit DB
Exploit DB
added 2010/04/30 12:0 a.m.37 views

ProSysInfo TFTP server TFTPDWIN 0.4.2 - 'Filename' Remote Buffer Overflow (Metasploit)

$Id: tftpdwinlongfilename.rb 9179 2010-04-30 08:40:19Z jduck $ This file is part of the Metasploit Framework and may be subject to redistribution and commercial restrictions. Please see the Metasploit Framework web site for more information on licensing and terms of use...

7.5CVSS7AI score0.54094EPSS
Exploits3
OpenVAS
OpenVAS
added 2009/08/31 12:0 a.m.27 views

ProSysInfo TFTPDWIN 0.4.2 Remote Buffer Overflow Vulnerability - Active Check

TFTPDWIN server is prone to a remote buffer-overflow vulnerability because the application fails to properly bounds-check user-supplied input before copying it to an insufficiently sized memory buffer. SPDX-FileCopyrightText: 2009 Greenbone AG Some text descriptions might be excerpted from a...

7.5CVSS5.8AI score0.54094EPSS
Exploits3References1
Metasploit
Metasploit
added 2007/10/03 12:17 p.m.35 views

TFTPDWIN v0.4.2 Long Filename Buffer Overflow

This module exploits the ProSysInfo TFTPDWIN threaded TFTP Server. By sending an overly long file name to the tftpd.exe server, the stack can be overwritten. This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class...

7.5CVSS7AI score0.54094EPSS
Exploits3
Prion
Prion
added 2007/03/10 10:19 p.m.13 views

Sql injection

tftpd.exe in ProSysInfo TFTP Server TFTPDWIN 0.4.2 allows remote attackers to cause a denial of service via a long UDP packet that is not properly handled in a recvfrom call. NOTE: this issue might be related to CVE-2006-4948...

7.3CVSS6.8AI score0.66738EPSS
Exploits3References4Affected Software1
CVE
CVE
added 2007/03/10 10:0 p.m.43 views

CVE-2007-1404

This CVE concerns ProSysInfo TFTPDWIN 0.4.2’s tftpd.exe, where a remote attacker can trigger a denial of service by sending a long UDP packet to recv_from. Several sources describe a long filename input leading to a stack/buffer overflow, with exploit code and mitigations tied to CVE-2006-4948 re...

7.3CVSS6.6AI score0.66738EPSS
Exploits0References4Affected Software1
CVE
CVE
added 2006/09/23 1:0 a.m.47 views

CVE-2006-4948

CVE-2006-4948 affects ProSysInfo TFTPDWIN 0.4.2 and earlier. A stack-based buffer overflow in tftpd.exe can be triggered by a long filename sent to the TFTP server, allowing remote attackers to cause arbitrary code execution or a denial of service. Public references show a long filename vulnerabi...

7.5CVSS8AI score0.54094EPSS
Exploits3References5Affected Software1
Cvelist
Cvelist
added 2006/09/23 1:0 a.m.30 views

CVE-2006-4948

Stack-based buffer overflow in tftpd.exe in ProSysInfo TFTP Server TFTPDWIN 0.4.2 and earlier allows remote attackers to execute arbitrary code or cause a denial of service via a long file name. NOTE: the provenance of this information is unknown; the details are obtained from third party...

8AI score0.54094EPSS
Exploits3References5
Rows per page
Query Builder