D-Link TFTP Transporting Mode Remote Buffer Overflow Vulnerability

Bugtraq ID:	22923
Class:	Boundary Condition Error
CVE:	CVE-2007-1435
Remote:	Yes
Local:	No
Published:	Mar 12 2007 12:00AM
Updated:	May 12 2015 07:29PM
Credit:	Parvez Anwar is credited with the discovery of this vulnerability.
Vulnerable:	D-Link TFTP Server 1.0
Not Vulnerable:

D-Link TFTP Transporting Mode Remote Buffer Overflow Vulnerability

D-Link TFTP is prone to a buffer-overflow vulnerability because the application fails to properly bounds-check user-supplied data before storing it in a finite-sized buffer.

A remote attacker can exploit this issue to cause the application to crash, denying further service to legitimate users. Given the nature of this issue, the attacker may presumably be able to execute code.

D-Link TFTP 1.0 is vulnerable; other versions may also be affected.

D-Link TFTP Transporting Mode Remote Buffer Overflow Vulnerability

A Metasploit exploit module is available:

• /data/vulnerabilities/exploits/22923.rb

D-Link TFTP Transporting Mode Remote Buffer Overflow Vulnerability

Solution:
Currently we are not aware of any vendor-supplied patches. If you feel we are in error or if you are aware of more recent information, please mail us at: [email protected].

D-Link TFTP Transporting Mode Remote Buffer Overflow Vulnerability

References:

• Product Homepage (D-Link)
  
• Vendor Homepage (D-Link)