|
Family: Gain root remotely --> Category: denial
AT-TFTP Server Long Filename Buffer Overflow Vulnerability Vulnerability Scan
Vulnerability Scan Summary Checks for a buffer overflow vulnerability in AT-TFTP Server
Detailed Explanation for this Vulnerability Test
Synopsis :
The remote tftp server is affected by a buffer overflow vulnerability.
Description :
The remote host appears to be running AT-TFTP Server, a tftpd server
for Windows.
The version of AT-TFTP Server installed on the remote host appears to
be affected by a buffer overflow vulnerability involving a long
filenames when getting or putting files. By leveraging this flaw, a
remote attacker may be able to crash the remote service or to execute
code on the affected host subject to the rights under which the
server operates.
See also :
http://aluigi.altervista.org/adv/attftp-adv.txt
http://www.securityfocus.com/archive/1/452743/30/0/threaded
Solution :
Unknown at this time.
Threat Level:
Critical / CVSS Base Score : 10.0
(AV:R/AC:L/Au:NR/C:C/I:C/A:C/B:N)
Click HERE for more information and discussions on this network vulnerability scan.
|