ID
VAR-E-200411-0206
TITLE
Allied Telesyn TFTP Daemon Multiple Remote Vulnerabilities
Trust: 0.3
DESCRIPTION
The Allied Telesyn TFTP service is reported to be prone to multiple vulnerabilities. The following specific issues are reported:
1. Allied Telesyn TFTP Server is reported susceptible to a directory-traversal vulnerability. This issue is due to a failure of the application to properly sanitize user-supplied input data.
This vulnerability allows remote attackers to retrieve or overwrite the contents of arbitrary potentially sensitive files located on the serving appliance with the privileges of the TFTP server process.
2. Allied Telesyn TFTP Server is reported prone to a remote buffer-overflow vulnerability.
This vulnerability may be exploited by a remote attacker to crash the affected service.
NOTE (November 17, 2010): This vendor may now be known as Allied Telesis.
Trust: 0.3
AFFECTED PRODUCTS
| vendor: | allied | model: | telesyn tftp daemon | scope: | eq | version: | 1.8 | Trust: 0.3 |
| vendor: | allied | model: | telesis at-tftp server | scope: | eq | version: | 1.8 | Trust: 0.3 |
EXPLOIT
The following proof of concept exploits are available:
A] tftpx -f example.com 229 none
B] tftpx example.com ../secret.txt secret.txt
tftpx -u example.com ../../windows/calc.exe evil.exe
Trust: 0.3
PRICE
Free
Trust: 0.3
TYPE
Unknown
Trust: 0.3
CREDITS
Discovery of these vulnerabilities is credited to Luigi Auriemma.
Trust: 0.3
EXTERNAL IDS
| db: | BID | id: | 11584 | Trust: 0.3 |
REFERENCES
| url: | http://www.alliedtelesyn.com | Trust: 0.3 |
| url: | http://aluigi.altervista.org/adv/attftp-adv.txt | Trust: 0.3 |
SOURCES
| db: | BID | id: | 11584 |
LAST UPDATE DATE
2022-07-27T10:02:20.051000+00:00
SOURCES UPDATE DATE
| db: | BID | id: | 11584 | date: | 2010-11-17T17:06:00 |
SOURCES RELEASE DATE
| db: | BID | id: | 11584 | date: | 2004-11-02T00:00:00 |