Release date: 2011-12-02
Updated on: 2011-12-05
Affected Systems:
Hillstone-software hs tftp Server Software 1.3.2
Description:
--------------------------------------------------------------------------------
Bugtraq id: 50886
Hs tftp is a software library written in C language. the TFTP protocol can be implemented at the UDP Socket Layer according to RFC 1350.
When the hs tftp Server processes a TFTP request, there is an error in the implementation of the hs tftp Library. A specially crafted message can cause the service to stop responding.
<* Source: SecPod Research
Link: http://secpod.org/advisories/SecPod_Hillstone_Software_HS_TFTP_Server_DoS.txt
*>
Suggestion:
--------------------------------------------------------------------------------
Vendor patch:
Hillstone-software
------------------
Currently, the vendor does not provide patches or upgrade programs. We recommend that users who use the software follow the vendor's homepage to obtain the latest version:
Http://www.hillstone-software.com/