Published: 01/12/2006 Updated: 17/10/2018

CVSS v2 Base Score: 10 | Impact Score: 10 | Exploitability Score: 10

VMScore: 1000

Vector: AV:N/AC:L/Au:N/C:C/I:C/A:C

Multiple stack-based buffer overflows in Allied Telesyn TFTP Server (AT-TFTP) 1.9, and possibly earlier, allow remote malicious users to cause a denial of service (crash) or execute arbitrary code via a long filename in a (1) GET or (2) PUT command.

Vulnerable Product	Search on Vulmon	Subscribe to Product
alliedtelesyn at-tftp

#!/usr/bin/perl -w #acaro[at]jervusit #wwwsecurityfocuscom/bid/21320 # # liuqx@nipcorgcn is credited with the discovery of this vulnerability use IO::Socket; if(!($ARGV[1])) { print "Uso: atftp-19pl <victim> <port>\n\n"; exit; } $victim = IO::Socket::INET->new(Proto=>'udp', Pee ...

# Exploit Title: AT-TFTP 20 long filename stack based buffer overflow - DOS # Date: 12042013 # Exploit Author: xis_one@STM Solutions # Vendor Homepage: wwwalliedtelesiscom/ # Software Link: alliedtelesiscusthelpcom/cgi-bin/alliedtelesiscfg/php/enduser/std_adpphp?p_faqid=1081&p_created=981539150&p_topview=1 # Versi ...

//################################################ // //Vulnerability: Remote Buffer Overflow Exploit //Impact: Remote Denial of Service Attack //Vulnerable Application: TFTP Daemon Version 19 //Tested on Windows XP Service Pack II // //Author: Socket_0x03 //Contact: Socket_0x03 (at) teraexe (dot) com [email concealed] //Website: wwwteraexecom / ...

## # $Id: attftp_long_filenamerb 11882 2011-03-05 21:00:57Z bannedit $ ## ## # This file is part of the Metasploit Framework and may be subject to # redistribution and commercial restrictions Please see the Metasploit # Framework web site for more information on licensing and terms of use # metasploitcom/framework/ ## require 'msf/core ...

simplified version of https://github.com/shauntdergrigorian/cve-2006-6184

CVE-2006-6184 This is a python-based standalone exploit for CVE-2006-6184 This exploit triggers a stack-based buffer overflow in Allied Telesyn TFTP Server (AT-TFTP) 19, and possibly earlier, allowing remote attackers to cause a denial of service or execute arbitrary code Quick Start let exploit/multi/handler listening python generatepy LHOST LPORT PAYLOAD RHOST RPORT (PA

This is a python-based standalone exploit for CVE-2006-6184. This exploit triggers a stack-based buffer overflows in Allied Telesyn TFTP Server (AT-TFTP) 1.9, and possibly earlier, allow remote attackers to cause a denial of service or execute arbitrary code.

CVE-2006-6184 This is a python-based standalone exploit for CVE-2006-6184 This exploit triggers a stack-based buffer overflow in Allied Telesyn TFTP Server (AT-TFTP) 19, and possibly earlier, allowing remote attackers to cause a denial of service or execute arbitrary code Instructions (Updated for 2020) The payload must be customized to include your own IP address and listen

NVD-CWE-Other http://www.securityfocus.com/bid/21320 http://secunia.com/advisories/23106 http://securityreason.com/securityalert/1929 http://www.vupen.com/english/advisories/2006/4737 http://www.osvdb.org/11350 http://www.exploit-db.com/exploits/16350 http://securityreason.com/securityalert/8120 http://www.exploit-db.com/exploits/24952 https://exchange.xforce.ibmcloud.com/vulnerabilities/30539 http://www.securityfocus.com/archive/1/452743/100/0/threaded https://nvd.nist.gov https://github.com/b03902043/CVE-2006-6184 https://www.exploit-db.com/exploits/2887/

CVE-2006-6184

Vulnerability Summary

Vulnerability Trend

Exploits

Github Repositories

References

Vulmon Search

About

Products

Connect