Bugtraq: DDIVRT-2008-09 PacketTrap PT360 Tool Suite TFTP Denial of Service Vulnerability

Nmap Security Scanner

Intro

Ref Guide

Install Guide

Download

Changelog

Book

Docs
Security Lists

Bugtraq

Basics

More
Security Tools

More
Site News
Site Search:
Exploit World
Advertising
About/Contact
Credits
Sponsors:

Bugtraq mailing list archives

DDIVRT-2008-09 PacketTrap PT360 Tool Suite TFTP Denial of Service Vulnerability

From: vulnerabilityresearch () digitaldefense net
Date: 3 Mar 2008 14:22:27 -0000

Title
-----
DDIVRT-2008-09 PacketTrap PT360 Tool Suite TFTP Denial of Service

Severity
--------
Medium

Discovered By
-------------
Digital Defense, Inc. Vulnerability Research Team
Credit: princeofnigeria and r () b13$

Date Discovered
---------------
1/29/2008

Vulnerability Description
-------------------------
The default installation of the PacketTrap PT360 Tool Suite Version 1.1.33.1.0 TFTP server component is susceptible to 
denial of service condition. A remote or local attacker can exploit this flaw by sending a specially crafted packet to 
the TFTP server. Successful exploitation of this flaw will cause the TFTP server process to crash.  The TFTP server 
will need to be restarted to resume normal TFTP server operations.

Solution Description
--------------------
PacketTrap Networks, Inc. released a patch (#3302) for this flaw on February 29, 2008.  

Tested Systems / Software (with versions)
------------------------------------------
Windows XP Professional Service Pack 2, PacketTrap PT360 Tool Suite Version 1.1.33.1.0.  Other versions may be 
vulnerable.

Vendor Contact
--------------
Name: PacketTrap Networks, Inc.
Website: http://www.packettrap.com/

By Date By Thread

Current thread:

DDIVRT-2008-09 PacketTrap PT360 Tool Suite TFTP Denial of Service Vulnerability vulnerabilityresearch (Mar 03)