Vulnerabilities > CVE-2007-1404 - Denial-Of-Service vulnerability in Prosysinfo Tftp Server Tftpdwin 0.4.2

047910
CVSS 7.3 - HIGH
Attack vector
ADJACENT_NETWORK
Attack complexity
MEDIUM
Privileges required
NONE
Confidentiality impact
COMPLETE
Integrity impact
NONE
Availability impact
COMPLETE
prosysinfo
exploit available

Summary

tftpd.exe in ProSysInfo TFTP Server TFTPDWIN 0.4.2 allows remote attackers to cause a denial of service via a long UDP packet that is not properly handled in a recv_from call. NOTE: this issue might be related to CVE-2006-4948.

Vulnerable Configurations

Part Description Count
Application
Prosysinfo
1

Exploit-Db

  • descriptionProSysInfo TFTP Server TFTPDWIN 0.4.2 Remote BOF Exploit. CVE-2007-1404. Remote exploit for windows platform
    idEDB-ID:9468
    last seen2016-02-01
    modified2009-08-18
    published2009-08-18
    reporterWraith
    sourcehttps://www.exploit-db.com/download/9468/
    titleProSysInfo TFTP Server TFTPDWIN 0.4.2 - Remote BoF Exploit
  • descriptionTFTPDWIN Server 0.4.2 (UDP) Denial of Service Exploit. CVE-2007-1404. Dos exploit for windows platform
    fileexploits/windows/dos/3432.pl
    idEDB-ID:3432
    last seen2016-01-31
    modified2007-03-08
    platformwindows
    port
    published2007-03-08
    reporterUmesh Wanve
    sourcehttps://www.exploit-db.com/download/3432/
    titleTFTPDWIN Server 0.4.2 - UDP Denial of Service Exploit
    typedos