• News
• Infocus
• Foundations
• Microsoft
• Unix
• IDS
• Incidents
• Virus
• Pen-Test
• Firewalls
• Columnists
• Mailing Lists
• Newsletters
• Bugtraq
• Focus on IDS
• Focus on Linux
• Focus on Microsoft
• Forensics
• Pen-test
• Security Basics
• Vuln Dev
• Vulnerabilities
• Jobs
• Job Opportunities
• Resumes
• Job Seekers
• Employers
• Tools
• RSS
• News
• Vulns
• Security Research

• info
• discussion
• exploit
• solution
• references

FutureSoft TFTP Server 2000 Multiple Remote Vulnerabilities

FutureSoft TFTP Server 2000 is affected by multiple remote vulnerabilities. Exploiting these issues can allow an attacker to retrieve arbitrary files and carry out buffer-overflow attacks.

The following specific issues were identified:

- Multiple buffer overflow vulnerabilities. A successful attack may allow the attacker to execute arbitrary code on a vulnerable computer and gain unauthorized access in the context of the server. A denial-of-service condition may arise as well.

- A directory-traversal vulnerability. A successful attack may allow the attacker to access arbitrary files (if the server has permissions to access the file).

These issues have been confirmed on TFTP Server 2000 Evaluation Version 1.0.0.1. Other versions may be affected as well.