Detections
Analytics

TFTPD small overflow

high Nessus Plugin ID 18493

Language:

Synopsis

The remote TFTP server has a denial of service vulnerability.

Description

It is possible to crash the remote TFTP server by sending a small UDP packet. A remote attacker could exploit this to crash the service.

Solution

Upgrade to the latest version of this software.

Plugin Details

Severity: High

ID: 18493

File Name: tftpd_small_overflow.nasl

Version: 1.15

Type: remote

Published: 6/15/2005

Updated: 8/15/2022

Configuration: Enable paranoid mode

Supported Sensors: Nessus

Risk Information

CVSS v2

Risk Factor: High

Base Score: 7.8

Temporal Score: 7.8

Vector: CVSS2#AV:N/AC:L/Au:N/C:N/I:N/A:C

Vulnerability Information

Required KB Items: Settings/ParanoidReport, Services/udp/tftp

Exploit Available: true

Exploit Ease: No exploit is required

Exploited by Nessus: true

Reference Information

BID: 13908