Info

Disclosure

Mar 27, 2008

Discovery

Unknown

Dates

Exploit

Mar 26, 2008

Solution

Unknown

Description

A remote overflow exists in TFTP Server SP. The service fails to properly check bounds on user input resulting in a stack-based buffer overflow. With a specially crafted request, an attacker can cause arbitrary code execution resulting in a loss of integrity.

Classification

Location: Remote / Network Access
Attack Type: Input Manipulation
Impact: Loss of Integrity
Solution: Upgrade
Exploit: Exploit Public

Solution

Upgrade to version 1.5 or higher, as it has been reported to fix this vulnerability. An upgrade is required as there are no known workarounds.

Products

TFTP Server

TFTP Server SP

1.4

References

Exploit Database: 18345 18759 5314
CVE ID: 2008-1611 (see also: NVD)
Secunia Advisory ID: 29508
Metasploit ID: 43785
Milw0rm: 5314
Packet Storm: http://packetstormsecurity.org/files/112007/TFTP-Server-for-Windows-1.4-ST-WRQ-Buffer-Overflow.html
Vendor URL: http://sourceforge.net/projects/tftp-server/
Other Advisory URL: http://www.offensive-security.com/0day/sourceforge-tftpd.py.txt
Generic Exploit URL: http://www.securiteam.com/exploits/5AP2U2A96A.html

Credit

Mati Aharoni - mutswhitehat.co.il -

Direct URL: http://osvdb.org/43785