Tftpd32 GET/PUT Command File Name Handling Overflow
Medium Nessus Plugin ID 23650
SynopsisThe remote TFTP server is affected by a buffer overflow vulnerability.
DescriptionThe remote host appears to be running Tftpd32, a tftpd server for Windows.
The version of Tftpd32 installed on the remote host appears to be affected by a buffer overflow vulnerability involving long filenames.
By leveraging this flaw, a remote attacker may be able to crash the server or to execute code on the affected host subject to the privileges under which the server operates, possibly SYSTEM since the application can be configured to run as a service.
SolutionUnknown at this time.