Vulnerability Details : CVE-2006-6184
Public exploit exists!
Multiple stack-based buffer overflows in Allied Telesyn TFTP Server (AT-TFTP) 1.9, and possibly earlier, allow remote attackers to cause a denial of service (crash) or execute arbitrary code via a long filename in a (1) GET or (2) PUT command.
Vulnerability category: Execute codeDenial of service
Exploit prediction scoring system (EPSS) score for CVE-2006-6184
Probability of exploitation activity in the next 30 days: 59.68%
Percentile, the proportion of vulnerabilities that are scored at or less: ~ 98 % EPSS Score History EPSS FAQ
Metasploit modules for CVE-2006-6184
-
Allied Telesyn TFTP Server 1.9 Long Filename Overflow
Disclosure Date: 2006-11-27First seen: 2020-04-26exploit/windows/tftp/attftp_long_filenameThis module exploits a stack buffer overflow in AT-TFTP v1.9, by sending a request (get/write) for an overly long file name. Authors: - aushack <patrick@osisecurity.com.au>
CVSS scores for CVE-2006-6184
| Base Score | Base Severity | CVSS Vector | Exploitability Score | Impact Score | Score Source |
|---|---|---|---|---|---|
|
10.0
|
HIGH | AV:N/AC:L/Au:N/C:C/I:C/A:C |
10.0
|
10.0
|
NIST |
Vendor statements for CVE-2006-6184
-
Allied Telesyn 2007-04-17More recent revision AT-TFTPD Server 2.0 does not suffer the listed vulnerability. Only the more recent revision AT-TFTPD Server 2.0 can be found for download from our website, currently via the following link: http://www.alliedtelesis.com/support/software/default.aspx?cid=1&pid=182
-
http://securityreason.com/securityalert/8120
-
http://www.securityfocus.com/archive/1/452743/100/0/threaded
-
http://www.exploit-db.com/exploits/16350
-
http://www.securityfocus.com/bid/21320
Allied Telesyn AT-TFTP Server Filename Remote Buffer Overflow VulnerabilityExploit
-
http://securityreason.com/securityalert/1929
-
https://exchange.xforce.ibmcloud.com/vulnerabilities/30539
-
http://www.vupen.com/english/advisories/2006/4737
-
http://www.exploit-db.com/exploits/24952
- cpe:2.3:a:alliedtelesyn:at-tftp:*:*:*:*:*:*:*:*