Update Protection against Tftpd32 Request Error Message Format String Vulnerability
| Check Point Reference: | CPAI-2006-027 |
| Date Published: | |
| Severity: | |
| Last Updated: | |
| Source: | FrSIRT/ADV-2006-0263 |
| Industry Reference(s): | CVE-2006-0328 |
| Protection Provided by: | InterSpect |
Who is Vulnerable?
Tftpd32 version 2.81 and earlier versions
Vulnerability Description
Tftpd32 is a freeware TFTP server designed for Microsoft Windows operating systems. A vulnerability has been identified in Tftpd32, specifically in the processing of Get requests containing a malformed filename. An attacker capable of sending a specially crafted filename can cause a vulnerable application to execute code or to crash.
Update/Patch Available
We are not aware of any official patch for this issue.
Vulnerability Details
The flaw is due to a format string error when processing a specially crafted GET request containing a malformed filename.
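The check below is an added example, not Check Point's signature and not Tftpd32 code: it parses a TFTP read request using the RFC 1350 layout (2-byte opcode, NUL-terminated filename, NUL-terminated mode) and lists any printf-style conversion specifiers in the filename. The function names and the sample datagrams are constructed for illustration.

```python
import re
import struct

RRQ = 1  # TFTP read ("GET") request opcode, RFC 1350

# printf-style conversion: '%', optional flags, width, precision, length
# modifier, then a conversion letter ("%%" is reported as well).
FORMAT_SPEC = re.compile(
    rb"%[-+ #0]*(?:\d+|\*)?(?:\.(?:\d+|\*))?(?:hh|h|ll|l|j|z|t|L)?[diouxXeEfgGaAcspn%]"
)


def parse_rrq(datagram: bytes):
    """Return (filename, mode) for a well-formed RRQ, else None."""
    if len(datagram) < 4:
        return None
    (opcode,) = struct.unpack("!H", datagram[:2])
    if opcode != RRQ:
        return None
    # Payload is filename NUL mode NUL, optionally followed by RFC 2347
    # options, so splitting on NUL must leave an empty final piece.
    fields = datagram[2:].split(b"\x00")
    if len(fields) < 3 or fields[-1] != b"" or not fields[0]:
        return None
    return fields[0], fields[1].lower()


def format_specs_in_rrq(datagram: bytes):
    """List the conversion specifiers found in an RRQ filename.

    Returns None when the datagram is not a parseable read request.
    """
    parsed = parse_rrq(datagram)
    if parsed is None:
        return None
    filename, _mode = parsed
    return [m.group(0) for m in FORMAT_SPEC.finditer(filename)]


if __name__ == "__main__":
    # Constructed sample datagrams (not captured traffic).
    samples = [
        b"\x00\x01boot/pxelinux.0\x00octet\x00",
        b"\x00\x01cfg-%x-%s.bin\x00octet\x00",
        b"\x00\x03\x00\x01payload",  # DATA packet, ignored
    ]
    for pkt in samples:
        print(pkt, "->", format_specs_in_rrq(pkt))
```

A lone `%` that is not followed by a conversion letter is not reported, while a name such as `report%20final` is, because `%20f` is a valid conversion that a server with this class of bug would interpret.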
Protection Overview
The update enables the HTTP Worm Catcher to detect and block attempts to exploit the vulnerability, based on pre-defined worm signatures. The update applies to users of InterSpect NGX only.
To configure the defense, select your product from the list below and follow the related protection steps.
Additional Information
The update also includes the following protections:
- Enhancement to the Microsoft Windows Media Player Vulnerability (CPAI-2006-016)
- Trojan Spy Goldun.de Protection (CPAI-2006-025)
- ezDatabase Remote File Inclusion Protection (CPAI-2006-026)
- Cisco IOS CDP Status Page Code Injection Protection (CPAI-2006-028)
- SHOUTcast Filename Request Format String Protection (CPAI-2006-029)
- Oracle Report File Overwrite/Oracle Report Directory Traversal Protection (CPAI-2006-030)
- Google Talk via Gmail Web Interface Protection (CPSA-2006-02)
- IBM Tivoli Access Manager Directory Traversal Protection (CPAI-2006-031)
- Protection Against NFS Vulnerabilities (CPAI-2006-032)
- Protection against PmWiki multiple vulnerabilities