CVE-2005-1812

Futuresoft Tftp Server 2000 - Memory Corruption

Title source: rule

Description

Multiple stack-based buffer overflows in FutureSoft TFTP Server Evaluation Version 1.0.0.1 allow remote attackers to execute arbitrary code via a long (1) filename or (2) transfer mode string in a Read Request (RRQ) or Write Request (WRQ) packet.

Exploits (3)

exploitdb WORKING POC VERIFIED

by Metasploit · rubyremotewindows

https://www.exploit-db.com/exploits/16344

View Code ZIP pw:eip

exploitdb WORKING POC VERIFIED

by ATmaCA · cdoswindows

https://www.exploit-db.com/exploits/1027

View Code ZIP pw:eip

metasploit WORKING POC NORMAL

rubypocwin

https://github.com/rapid7/metasploit-framework/blob/master/modules/exploits/windows/tftp/futuresoft_transfermode.rb

View Code ZIP pw:eip

References (4)

[Third Party Advisory, VDB Entry] http://securitytracker.com/id?1014079

[Exploit] http://www.security.org.sg/vuln/tftp2000-1001.html

[Exploit] http://www.securityfocus.com/bid/13821

[Third Party Advisory] http://secunia.com/advisories/15539

Scores

EPSS 0.8215

EPSS Percentile 99.2%

Details

CWE

CWE-119

Status published

Products (1)

futuresoft/tftp_server_2000 1.0.0.1

Published Jun 01, 2005

Tracked Since Feb 18, 2026