TFTPD32 Long Filename Buffer Overflow Vulnerability

A buffer-overflow vulnerability has been reported for Tftpd32. The vulnerability is due to insufficient checks on user-supplied input.

A remote attacker can exploit this vulnerability by supplying a long string as a name of the file to retrieve. This will trigger the buffer-overflow condition. Any malicious attacker-supplied code will be executed with the privileges of the Tftpd32 process.


Privacy Statement
Copyright 2010, SecurityFocus