PacketTrap pt360 TFTP Server < 1.0.3302.0 Multiple Vulnerabilities
High Nessus Plugin ID 31467
SynopsisThe remote TFTP server is affected by multiple flaws.
DescriptionPacketTrap pt360 Tool Suite is installed on the remote system. It is a single reporting solution that integrates various free network management tools provided by PacketTrap Networks.
The tool suite includes a TFTP server component that is susceptible to a directory traversal and a denial of service attack. By sending a specially crafted string, an attacker may be able to crash the affected service or to read or write arbitrary files on the remote system, subject to the privileges of the user under which the TFTP server runs.
If it is run by a user with Administrator privileges, successful exploitation of the issue may lead to a complete system compromise.
SolutionUpgrade to PacketTrap pt360 Tool Suite version 1.0.3302.0 or later.