TFTP: Open TFTP Server Error Packet Handling Buffer Overflow

This signature detects attempts to exploit a known vulnerability against the OpenTFTP Server. A successful attack can lead to arbitrary code execution.

Extended Description

Buffer overflow in TFTP Server SP 1.4 and 1.5 on Windows, and possibly other versions, allows remote attackers to execute arbitrary code via a long TFTP error packet. NOTE: some of these details are obtained from third party information.

References

BugTraq: 29111

CVE: CVE-2008-2161

Short Name
TFTP:OPEN-TFTP-SRVER-ERROR-BO-1
Severity
Major
Recommended
False
Recommended Action
Drop
Category
TFTP
Keywords
Buffer CVE-2008-2161 Error Handling Open Overflow Packet Server TFTP bid:29111
Release Date
07/18/2019
Supported Platforms

srx-branch-12.3

srx-19.3

srx-branch-19.3

vsrx3bsd-19.2

srx-branch-19.4

vsrx-19.4

mx-12.3

mx-19.4

vmx-19.4

mx-19.3

vsrx3bsd-19.4

srx-19.4

vsrx-12.3

vmx-19.3

vsrx-19.2

srx-12.3

Sigpack Version
3761
False Positive
Unknown
CVSS Score

10.0

Found a potential security threat?