PacketTrap pt360 TFTP Server < 1.0.3302.0 Multiple Vulnerabilities

High Nessus Plugin ID 31467


The remote TFTP server is affected by multiple flaws.


PacketTrap pt360 Tool Suite is installed on the remote system. It is a single reporting solution that integrates various free network management tools provided by PacketTrap Networks.

The tool suite includes a TFTP server component that is susceptible to a directory traversal and a denial of service attack. By sending a specially crafted string, an attacker may be able to crash the affected service or to read or write arbitrary files on the remote system, subject to the privileges of the user under which the TFTP server runs.

If it is run by a user with Administrator privileges, successful exploitation of the issue may lead to a complete system compromise.


Upgrade to PacketTrap pt360 Tool Suite version 1.0.3302.0 or later.

See Also

Plugin Details

Severity: High

ID: 31467

File Name: packetrap_tftpd_dir_traversal.nasl

Version: $Revision: 1.17 $

Type: local

Agent: windows

Family: Windows

Published: 2008/03/13

Modified: 2016/11/23

Dependencies: 13855

Risk Information

Risk Factor: High


Base Score: 7.6

Temporal Score: 6.6

Vector: CVSS2#AV:N/AC:H/Au:N/C:C/I:C/A:C

Temporal Vector: CVSS2#E:ND/RL:OF/RC:C

Vulnerability Information

Required KB Items: SMB/Registry/Enumerated

Exploit Available: true

Exploit Ease: Exploits are available

Reference Information

CVE: CVE-2008-1310, CVE-2008-1311, CVE-2008-1312

BID: 28078, 28079, 28187

OSVDB: 42932, 43060, 43061

Secunia: 29207

CWE: 20, 22