SolarWinds TFTP Server < 10.4.0.13 DoS

This script is Copyright (C) 2010-2012 Tenable Network Security, Inc.


Synopsis :

The remote Windows host contains an application that is affected by a
denial of service vulnerability.

Description :

At least one instance of SolarWinds TFTP Server earlier than version
10.4.0.13 is installed on the remote host. Such versions are
reportedly affected by a denial of service vulnerability.

By sending a specially crafted 'Read Request' it may be possible for
an attacker to make the server stop accepting additional
connections.

See also :

http://www.nessus.org/u?0447d82b
http://www.nessus.org/u?31437e59

Solution :

Upgrade to version 10.4.0.13, which reportedly fixes this issue.

Risk factor :

Medium / CVSS Base Score : 5.0
(CVSS2#AV:N/AC:L/Au:N/C:N/I:N/A:P)
CVSS Temporal Score : 4.8
(CVSS2#E:F/RL:U/RC:ND)
Public Exploit Available : true

Family: Windows

Nessus Plugin ID: 47137 ()

Bugtraq ID: 40333

CVE ID: CVE-2010-2115