CVE-2006-6183

3com 3ctftpsvc < 2.0.1 - Memory Corruption

Title source: rule

Description

Multiple stack-based buffer overflows in 3Com 3CTftpSvc 2.0.1, and possibly earlier, allow remote attackers to cause a denial of service (crash) or execute arbitrary code via a long mode field (aka transporting mode) in a (1) GET or (2) PUT command.

Exploits (6)

exploitdb WORKING POC VERIFIED

by Metasploit · rubyremotewindows

https://www.exploit-db.com/exploits/16347

View Code ZIP pw:eip

exploitdb WORKING POC VERIFIED

by Umesh Wanve · perlremotewindows

https://www.exploit-db.com/exploits/3388

View Code ZIP pw:eip

exploitdb WORKING POC VERIFIED

by Enseirb · remotewindows

https://www.exploit-db.com/exploits/3170

View Code ZIP pw:eip

exploitdb WORKING POC VERIFIED

by cthulhu · rubyremotewindows

https://www.exploit-db.com/exploits/2865

View Code ZIP pw:eip

exploitdb WORKING POC VERIFIED

by Liu Qixu · pythondoswindows

https://www.exploit-db.com/exploits/2855

View Code ZIP pw:eip

metasploit WORKING POC GREAT

rubypocwin

https://github.com/rapid7/metasploit-framework/blob/master/modules/exploits/windows/tftp/threectftpsvc_long_mode.rb

View Code ZIP pw:eip

References (7)

[Vendor Advisory] http://www.vupen.com/english/advisories/2006/4738

[Exploit] http://www.securityfocus.com/bid/21301

[Third Party Advisory, VDB Entry] https://exchange.xforce.ibmcloud.com/vulnerabilities/30545

[Exploit] http://www.securityfocus.com/bid/21322

[Third Party Advisory] http://securityreason.com/securityalert/1930

[Vendor Advisory] http://secunia.com/advisories/23113

[Third Party Advisory, VDB Entry] http://www.securityfocus.com/archive/1/452754/100/0/threaded

Scores

EPSS 0.5146

EPSS Percentile 97.9%

Details

CWE

CWE-119

Status published

Products (1)

3com/3ctftpsvc < 2.0.1

Published Dec 01, 2006

Tracked Since Feb 18, 2026