RedTeam Labs

Information Security Vulnerablities, Exploit Code and News

CATEGORIES:      Company News General Industry News Research List View

RedTeam Discovers 0-day in TFTPGUI

Category: Research Tags: tftp, gui, dos, exploit, python, advisory
Posted by: labs@redteamsecure.com (Jeremiah Talamantes) on 2010-05-03 09:38:01

RedTeam Discovers 0-day in TFTPGUI 1.4.5

Jeremiah Talamantes, Principal Security Consultant and Security Researcher at RedTeam, has discovered a 0-day security vulnerability in TFTPGUI version 1.4.5. The security vulnerability in the TFTP server application revolves around unexpected behavior when sending an overly long transport mode string. An attacker can execute a remote Denial-of-Service attack on the server application by sending a string of malicious characters causing the program to crash.

Jeremiah has developed proof of concept code for this vulnerability in Python. This 0-day has been published by the Exploit Database, Security Reason and Packet Storm Security among others.


Our Published Advisory
* Packet Storm Security
* Exploit Database: EDB-ID 12482
* Security Reason: WLB-2010050009



Share |



Follow Our Twitter

Follow Our RSS

Share this: |


Categories



DISCLAIMER
    The content, tools, methodologies and proof of concept code contained in these articles are in no way intended to be used for malicious intent. This information is to be used for educational purposes only. RedTeam Security does not condone the malicious use nor does it warranty the use of any of the content contained herein.


Contact Us

Phone number:
1-612-234-7848

E-mail:

info@redteamsecure.com