← back
CVE-2008-1311

CVE-2008-1311

EPSS 49.2%
The TFTP server in PacketTrap pt360 Tool Suite PRO 2.0.3901.0 and earlier allows remote attackers to cause a denial of service (daemon hang) by uploading a file named (1) '|' (pipe), (2) '"' (quotation mark), or (3) "<>" (less than, greater than); or (4) a file with a long name. NOTE: the issue for vector 4 might exist because of an incomplete fix for CVE-2008-1312.
Affected products
n/a · n/a
public PoCs found1
exploitdbwww.exploit-db.com/exploits/6863unverified
⚠ Public resources, to assess the exposure of systems you control or are authorized to test. Test only with authorization.

Want to know if your infrastructure is exposed to this?

Talk to TrueHacking →
References
http://aluigi.altervista.org/adv/packettrash-adv.txthttp://aluigi.org/testz/tftpx.ziphttp://secunia.com/advisories/29308http://securityreason.com/securityalert/3734https://exchange.xforce.ibmcloud.com/vulnerabilities/41073http://www.securityfocus.com/archive/1/489355/100/0/threadedhttp://www.securityfocus.com/bid/28187http://www.vupen.com/english/advisories/2008/0811/references