Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
saintSAINT CorporationSAINT:3A2819483E12B6C5BEC20D7270C4BE5B
HistoryDec 08, 2006 - 12:00 a.m.

3Com TFTP server Transporting Mode buffer overflow

2006-12-0800:00:00
SAINT Corporation
download.saintcorporation.com
10

CVSS2

10

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:L/Au:N/C:C/I:C/A:C

EPSS

0.807

Percentile

98.4%

JSON

Added: 12/08/2006
CVE: CVE-2006-6183
BID: 21301
OSVDB: 30758

Background

3CTftpSvc by 3Com is a freeware implementation of the TFTP protocol for Windows.

Problem

A buffer overflow vulnerability in the 3Com TFTP server allows remote attackers to execute arbitrary commands by sending a long, specially crafted transporting mode in a GET or PUT request.

Resolution

Delete the 3Com TFTP server. It is no longer supported by the vendor.

References

<http://www.securityfocus.com/archive/1/452754&gt;

Limitations

Exploit works on 3Com TFTP server 2.0.1.

Platforms

Windows 2000
Windows XP SP0 / Windows XP SP1
Windows XP SP2 / Windows XP
Windows Server 2003 SP0
Windows Server 2003 SP1 / Windows Server 2003

Related

saint 3
canvas 1
exploitdb 5
packetstorm 1
metasploit 1
cvelist 1
cve 1
checkpoint_advisories 1
nessus 1
nvd 1
zdt 1
openvas 1
saint
saint
3Com TFTP server Transporting Mode buffer overflow
2006-12-08 00:00:00
3Com TFTP server Transporting Mode buffer overflow
2006-12-08 00:00:00
3Com TFTP server Transporting Mode buffer overflow
2006-12-08 00:00:00
canvas
canvas
Immunity Canvas: 3COMTFTP
2006-12-01 00:28:00
exploitdb
exploitdb
3Com TFTP Service (3CTftpSvc) 2.0.1 - &#039;Long Transporting Mode&#039; Remote Overflow
2006-11-30 00:00:00
3Com TFTP Service (3CTftpSvc) 2.0.1 - &#039;Long Transporting Mode&#039; Overflow (PoC)
2006-11-27 00:00:00
3Com TFTP Service (3CTftpSvc) 2.0.1 - Remote Buffer Overflow (Metasploit)
2007-01-21 00:00:00
packetstorm
packetstorm
3CTftpSvc TFTP Long Mode Buffer Overflow
2009-11-26 00:00:00
metasploit
metasploit
3CTftpSvc TFTP Long Mode Buffer Overflow
2006-11-28 14:41:35
cvelist
cvelist
CVE-2006-6183
2006-12-01 00:00:00
cve
cve
CVE-2006-6183
2006-12-01 00:28:00
checkpoint_advisories
checkpoint_advisories
3Com TFTP Server Transporting Mode Remote Buffer Overflow (CVE-2006-6183)
2007-01-15 00:00:00
nessus
nessus
3CTftpSvc Long Transport Mode Remote Overflow
2006-11-28 00:00:00
nvd
nvd
CVE-2006-6183
2006-12-01 00:28:00
zdt
zdt
3Com TFTP Service <= 2.0.1 Remote Buffer Overflow Exploit (meta)
2007-01-21 00:00:00
openvas
openvas
3CTftpSvc TFTP Server Long Mode Buffer Overflow Vulnerability
2012-07-10 00:00:00

CVSS2

10

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:L/Au:N/C:C/I:C/A:C

EPSS

0.807

Percentile

98.4%

JSON
Related for SAINT:3A2819483E12B6C5BEC20D7270C4BE5B
saint3canvas1exploitdb5packetstorm1metasploit1cvelist1cve1checkpoint_advisories1nessus1nvd1zdt1openvas1