Test Kennung:	1.3.6.1.4.1.25623.1.0.902835
Kategorie:	Denial of Service
Titel:	TFTPD32 Request Error Message Format String Vulnerability
Zusammenfassung:	This host is running TFTPD32 and is prone to format string; vulnerability.
Beschreibung:	Summary: This host is running TFTPD32 and is prone to format string vulnerability. Vulnerability Insight: The flaw is due to a format string error when the filename received in a TFTP request is used to construct an error message. This can be exploited to crash the application via a TFTP request packet containing a specially crafted filename. Vulnerability Impact: Successful exploitation will allow attacker to cause a denial of service. Affected Software/OS: Tftpd32 version 2.81. Solution: Upgrade to Tftpd32 version 2.8.2 or later. CVSS Score: 5.0 CVSS Vector: AV:N/AC:L/Au:N/C:N/I:N/A:P
Querverweis:	BugTraq ID: 16333 Common Vulnerability Exposure (CVE) ID: CVE-2006-0328 http://www.securityfocus.com/bid/16333 Bugtraq: 20060119 Critical security advisory #006 tftpd32 Format string (Google Search) http://www.securityfocus.com/archive/1/422405/100/0/threaded CERT/CC vulnerability note: VU#632633 http://www.kb.cert.org/vuls/id/632633 http://www.critical.lt/?vulnerabilities/200 http://www.critical.lt/research/tftpd32_281_dos.txt http://www.osvdb.org/22661 http://secunia.com/advisories/18539 http://securityreason.com/securityalert/362 http://www.vupen.com/english/advisories/2006/0263 XForce ISS Database: tftpd32-request-format-string(24250) https://exchange.xforce.ibmcloud.com/vulnerabilities/24250
Copyright	Copyright (C) 2012 Greenbone Networks GmbH

Dies ist nur einer von 99761 Anfälligkeitstests in unserem Testpaket. Finden Sie mehr über unsere vollständigen Sicherheitsüberprüfungen heraus. Um einen gratis Test für diese Anfälligkeit auf Ihrem System durchlaufen zu lassen, registrieren Sie sich bitte unten.