Uploaded image for project: 'Commons Net'
  1. Commons Net
  2. NET-414

Apache Commons TFTP does not reject request replies that originate from a control port.

    XMLWordPrintableJSON

Details

    • Bug
    • Status: Closed
    • Minor
    • Resolution: Fixed
    • 2.2, 3.0
    • 3.6
    • TFTP
    • None

    • Java 1.6 Patch 20

    Description

      When a TFTP request response arrives that incorrectly specifies its source port as the control port, the request should be rejected with an error code 5 (TFTPErrorPacket.UNKNOWN_TID) and suggested text "INCORRECT SOURCE PORT".

      This can happen when an incorrectly written TFTP server replies to a request from a control socket instead of building a new socket that attaches to an ephemeral port.

      Note 1: The expected response from a read request is a DATA packet. The expected response from a write request is an ACK packet.

      Note 2: The control port is implementation specific and not always port 69 (as defined by IANA).

      Attachments

        Activity

          People

            Unassigned Unassigned
            chuckwolber Chuck Wolber
            Votes:
            0 Vote for this issue
            Watchers:
            0 Start watching this issue

            Dates

              Created:
              Updated:
              Resolved: