Security Vulnerability in Tellurian TftpdNT (Long Filename)
26 Aug. 2003
Tellurian TftpdNT is a TFTP server for Windows NT and Windows 9x.
A buffer overflow vulnerability in the product allows remote attackers to cause the product to overflow an internal buffer, while executing arbitrary code.
SecurITeam would like to thank STORM for finding this vulnerability.
It is possible to cause a buffer overflow in the Tellurian TftpdNT product, while overwriting the EIP pointer - this allows remote command execution.
The overflow occurs in the product's parsing of the filename.
The vendor has been informed, and has fixed the issue within 24 hours. A new version is available on the web site.
#Tellurian TFTP Server buffer overflow vulnerability
$host = "192.168.1.44";
$port = "69";