Test ID:	1.3.6.1.4.1.25623.1.0.802658
Category:	Buffer overflow
Title:	3CTftpSvc TFTP Server Long Mode Buffer Overflow Vulnerability
Summary:	3CTftpSvc TFTP Server is prone to a buffer overflow vulnerability.
Description:	Summary: 3CTftpSvc TFTP Server is prone to a buffer overflow vulnerability. Vulnerability Insight: The flaw is due to a boundary error during the processing of TFTP Read/Write request packet types. This can be exploited to cause a stack based buffer overflow by sending a specially crafted packet with an overly long mode field. Vulnerability Impact: Successful exploitation will allow attackers to cause the application to crash, denying further service to legitimate users. Affected Software/OS: 3Com 3CTFTPSvc TFTP Server version 2.0.1. Solution: No known solution was made available for at least one year since the disclosure of this vulnerability. Likely none will be provided anymore. General solution options are to upgrade to a newer release, disable respective features, remove the product or replace the product by another one. CVSS Score: 10.0 CVSS Vector: AV:N/AC:L/Au:N/C:C/I:C/A:C
Cross-Ref:	Common Vulnerability Exposure (CVE) ID: CVE-2006-6183 BugTraq ID: 21301 http://www.securityfocus.com/bid/21301 BugTraq ID: 21322 http://www.securityfocus.com/bid/21322 Bugtraq: 20061126 TFTP Server 3CTftpSvc Buffer Overflow Vulnerability (Long transporting mode) (Google Search) http://www.securityfocus.com/archive/1/452754/100/0/threaded http://secunia.com/advisories/23113 http://securityreason.com/securityalert/1930 http://www.vupen.com/english/advisories/2006/4738 XForce ISS Database: 3ctftpsvc-transporting-mode-bo(30545) https://exchange.xforce.ibmcloud.com/vulnerabilities/30545
Copyright	Copyright (C) 2012 Greenbone AG

This is only one of 145615 vulnerability tests in our test suite. Find out more about running a complete security audit. To run a free test of this vulnerability against your system, register below.