Vulnerabilities > CVE-2006-0328 - Unspecified vulnerability in Philippe Jounin Tftpd32 2.81
Attack vector
UNKNOWN Attack complexity
UNKNOWN Privileges required
UNKNOWN Confidentiality impact
UNKNOWN Integrity impact
UNKNOWN Availability impact
UNKNOWN Summary
Format string vulnerability in Tftpd32 2.81 allows remote attackers to cause a denial of service via format string specifiers in a filename in a (1) GET or (2) SEND request.
Vulnerable Configurations
| Part | Description | Count |
|---|---|---|
| Application | 1 |
Exploit-Db
| description | Tftpd32 2.81 (GET Request) Format String Denial of Service PoC. CVE-2006-0328. Dos exploit for windows platform |
| id | EDB-ID:1424 |
| last seen | 2016-01-31 |
| modified | 2006-01-19 |
| published | 2006-01-19 |
| reporter | Critical Security |
| source | https://www.exploit-db.com/download/1424/ |
| title | Tftpd32 2.81 - GET Request Format String Denial of Service PoC |
Nessus
| NASL family | Gain a shell remotely |
| NASL id | TFTPD32_FORMAT_STRING.NASL |
| description | The remote host appears to be running Tftpd32, a tftpd server for Windows. There is a format string vulnerability in versions of Tftpd32 up to and including 2.81 that may allow remote attackers to crash the server or to execute code on the affected host subject to the privileges under which the server operates, possibly SYSTEM since the application can be configured to run as a service. |
| last seen | 2020-06-01 |
| modified | 2020-06-02 |
| plugin id | 20755 |
| published | 2006-01-20 |
| reporter | This script is Copyright (C) 2006-2019 Tenable Network Security, Inc. |
| source | https://www.tenable.com/plugins/nessus/20755 |
| title | Tftpd32 Error Message Format String |
References
- http://secunia.com/advisories/18539
- http://secunia.com/advisories/18539
- http://securityreason.com/securityalert/362
- http://securityreason.com/securityalert/362
- http://www.critical.lt/?vulnerabilities/200
- http://www.critical.lt/?vulnerabilities/200
- http://www.critical.lt/research/tftpd32_281_dos.txt
- http://www.critical.lt/research/tftpd32_281_dos.txt
- http://www.kb.cert.org/vuls/id/632633
- http://www.kb.cert.org/vuls/id/632633
- http://www.osvdb.org/22661
- http://www.osvdb.org/22661
- http://www.securityfocus.com/archive/1/422405/100/0/threaded
- http://www.securityfocus.com/archive/1/422405/100/0/threaded
- http://www.securityfocus.com/bid/16333
- http://www.securityfocus.com/bid/16333
- http://www.vupen.com/english/advisories/2006/0263
- http://www.vupen.com/english/advisories/2006/0263
- https://exchange.xforce.ibmcloud.com/vulnerabilities/24250
- https://exchange.xforce.ibmcloud.com/vulnerabilities/24250