CVE-2008-1311

PacketTrap pt360 Tool Suite PRO <2.0.3901.0 - DoS

Title source: llm

Description

The TFTP server in PacketTrap pt360 Tool Suite PRO 2.0.3901.0 and earlier allows remote attackers to cause a denial of service (daemon hang) by uploading a file named (1) '|' (pipe), (2) '"' (quotation mark), or (3) "<>" (less than, greater than); or (4) a file with a long name. NOTE: the issue for vector 4 might exist because of an incomplete fix for CVE-2008-1312.

Exploits (2)

exploitdb WORKING POC VERIFIED

by Jeremy Brown · perldoswindows

https://www.exploit-db.com/exploits/6863

View Code ZIP pw:eip

metasploit WORKING POC

rubypoc

https://github.com/rapid7/metasploit-framework/blob/master/modules/auxiliary/dos/windows/tftp/pt360_write.rb

View Code ZIP pw:eip

References (8)

[Third Party Advisory] http://aluigi.altervista.org/adv/packettrash-adv.txt

[Exploit] http://aluigi.org/testz/tftpx.zip

[Vendor Advisory] http://secunia.com/advisories/29308

[Exploit] http://www.securityfocus.com/bid/28187

[Third Party Advisory, VDB Entry] https://exchange.xforce.ibmcloud.com/vulnerabilities/41073

[Third Party Advisory, VDB Entry] http://www.securityfocus.com/archive/1/489355/100/0/threaded

[Third Party Advisory] http://www.vupen.com/english/advisories/2008/0811/references

[Third Party Advisory] http://securityreason.com/securityalert/3734

Scores

EPSS 0.6635

EPSS Percentile 98.5%

Details

CWE

CWE-20

Status published

Products (1)

packettrap/pt360_tool_suite_pro < 2.0.3901.0

Published Mar 12, 2008

Tracked Since Feb 18, 2026