3CTftpSvc Long Transport Mode Remote Overflow

This script is Copyright (C) 2006-2014 Tenable Network Security, Inc.


Synopsis :

The remote TFTP server is affected by a buffer overflow vulnerability.

Description :

The remote host appears to be running 3CTftpSvc, a TFTPD server for
Windows.

The version of Tftpd32 installed on the remote host appears to be
affected by a buffer overflow vulnerability involving a long transport
mode when getting or putting files. By leveraging this flaw, a remote
attacker may be able to crash the remote service or execute code on
the affected host subject to the privileges under which the service
operates, by default LOCAL SYSTEM.

See also :

http://www.securityfocus.com/archive/1/452754/30/0/threaded

Solution :

Unknown at this time.

Risk factor :

Critical / CVSS Base Score : 10.0
(CVSS2#AV:N/AC:L/Au:N/C:C/I:C/A:C)
CVSS Temporal Score : 9.5
(CVSS2#E:F/RL:U/RC:ND)
Public Exploit Available : true

Family: Windows

Nessus Plugin ID: 23735 (3ctftpsvc_mode_overflow.nasl)

Bugtraq ID: 21301
21322

CVE ID: CVE-2006-6183

Ready to Amp Up Your Nessus Experience?

Get Nessus Professional to scan unlimited IPs, run compliance checks & more

Buy Nessus Professional Now