| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Message-ID: <20080303142227.4573.qmail@securityfocus.com> Date: 3 Mar 2008 14:22:27 -0000 From: vulnerabilityresearch@...italdefense.net To: bugtraq@...urityfocus.com Subject: DDIVRT-2008-09 PacketTrap PT360 Tool Suite TFTP Denial of Service Vulnerability Title ----- DDIVRT-2008-09 PacketTrap PT360 Tool Suite TFTP Denial of Service Severity -------- Medium Discovered By ------------- Digital Defense, Inc. Vulnerability Research Team Credit: princeofnigeria and r@...$ Date Discovered --------------- 1/29/2008 Vulnerability Description ------------------------- The default installation of the PacketTrap PT360 Tool Suite Version 1.1.33.1.0 TFTP server component is susceptible to denial of service condition. A remote or local attacker can exploit this flaw by sending a specially crafted packet to the TFTP server. Successful exploitation of this flaw will cause the TFTP server process to crash. The TFTP server will need to be restarted to resume normal TFTP server operations. Solution Description -------------------- PacketTrap Networks, Inc. released a patch (#3302) for this flaw on February 29, 2008. Tested Systems / Software (with versions) ------------------------------------------ Windows XP Professional Service Pack 2, PacketTrap PT360 Tool Suite Version 1.1.33.1.0. Other versions may be vulnerable. Vendor Contact -------------- Name: PacketTrap Networks, Inc. Website: http://www.packettrap.com/
Powered by blists - more mailing lists