SolarWinds TFTP Server < 10.4.0.14 DoS

This script is Copyright (C) 2010-2012 Tenable Network Security, Inc.


Synopsis :

The remote Windows host contains an application that is affected by a
denial of service vulnerability.

Description :

At least one instance of SolarWinds TFTP Server earlier than version
10.4.0.14 is installed on the remote host. Such versions are
reportedly affected by a denial of service vulnerability.

By sending an overly long 'Write' request it may be possible for an
attacker to crash the remote TFTP server.

See also :

http://www.nessus.org/u?0de0893b

Solution :

Upgrade to SolarWinds TFTP Server 10.4.0.14 or later.

Risk factor :

Medium / CVSS Base Score : 5.0
(CVSS2#AV:N/AC:L/Au:N/C:N/I:N/A:P)
CVSS Temporal Score : 4.8
(CVSS2#E:F/RL:U/RC:ND)
Public Exploit Available : true

Family: Windows

Nessus Plugin ID: 47138 ()

Bugtraq ID: 40824

CVE ID: CVE-2010-2310