Tftpd32 SEND / GET Remote Format String Vulnerability

info
discussion
exploit
solution
references

Tftpd32 SEND / GET Remote Format String Vulnerability

A remote format-string vulnerability affects Tftpd32.

This issue presents itself when the TFTP server attempts to process specially crafted data through the SEND or GET commands.

A remote attacker may leverage this issue to execute arbitrary code in the context of the server.

Tftpd32 2.81 is reportedly vulnerable. Other versions may be affected as well.