CVE-2006-4948

Name of the Vulnerable Software and Affected Versions ProSysInfo TFTP Server TFTPDWIN versions 0.4.2 and earlier

Description The issue is related to a stack-based buffer overflow in the tftpd.exe component. This can be exploited by remote attackers who send a long file name, potentially leading to the execution of arbitrary code or a denial of service.

Recommendations For versions 0.4.2 and earlier, consider restricting access to the tftpd.exe component until a fix is available. As a temporary workaround, limit the length of file names accepted by the server to prevent exploitation.