Published: 23/09/2006 Updated: 20/07/2017

CVSS v2 Base Score: 7.5 | Impact Score: 6.4 | Exploitability Score: 10

VMScore: 765

Vector: AV:N/AC:L/Au:N/C:P/I:P/A:P

Stack-based buffer overflow in tftpd.exe in ProSysInfo TFTP Server TFTPDWIN 0.4.2 and previous versions allows remote malicious users to execute arbitrary code or cause a denial of service via a long file name. NOTE: the provenance of this information is unknown; the details are obtained from third party information.

Vulnerable Product	Search on Vulmon	Subscribe to Product
prosysinfo tftp server tftpdwin

#!/usr/bin/perl -w use IO::Socket; if(!($ARGV[1])) { print "Usage: tftpdwin-0-4-2pl <target host> <port>\n\n"; exit; } $victim = IO::Socket::INET->new(Proto=>'udp', PeerAddr=>$ARGV[0], PeerPort=>$ARGV[1]) or die "Cannot connect t ...

#!/usr/bin/perl # # ProSysInfo TFTP server TFTPDWIN <= 042 # Universal Remote Buffer Overflow Exploit # [Works on all Windows versions] # ---------------------------------------- # Exploit by SkD (skdrat@hotmailcom) # # Let's take a description from their page at: # wwwtftpserverprosysinfocompl # # "The TFTP Server TFTPDWIN s ...

## # $Id: tftpdwin_long_filenamerb 9179 2010-04-30 08:40:19Z jduck $ ## ## # This file is part of the Metasploit Framework and may be subject to # redistribution and commercial restrictions Please see the Metasploit # Framework web site for more information on licensing and terms of use # metasploitcom/framework/ ## require 'msf/core' ...

NVD-CWE-Other http://secunia.com/advisories/21854 http://www.securityfocus.com/bid/20131 http://www.osvdb.org/29032 http://www.vupen.com/english/advisories/2006/3731 https://exchange.xforce.ibmcloud.com/vulnerabilities/29075 https://nvd.nist.gov https://www.exploit-db.com/exploits/3132/

CVE-2006-4948

Vulnerability Summary

Exploits

References

Vulmon Search

About

Products

Connect