High severity7.5NVD Advisory· Published Sep 10, 2020· Updated Jun 17, 2026
CVE-2020-6097
CVE-2020-6097
Description
An exploitable denial of service vulnerability exists in the atftpd daemon functionality of atftp 0.7.git20120829-3.1+b1. A specially crafted sequence of RRQ-Multicast requests trigger an assert() call resulting in denial-of-service. An attacker can send a sequence of malicious packets to trigger this vulnerability.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected products
4- osv-coords2 versionspkg:rpm/opensuse/atftp&distro=openSUSE%20Leap%2015.2pkg:rpm/opensuse/atftp&distro=openSUSE%20Tumbleweed
< 0.7.2-lp152.2.3.1+ 1 more
- (no CPE)range: < 0.7.2-lp152.2.3.1
- (no CPE)range: < 0.7.5-1.1
Patches
Vulnerability mechanics
References
3- talosintelligence.com/vulnerability_reports/TALOS-2020-1029nvdExploitTechnical DescriptionThird Party Advisory
- lists.opensuse.org/opensuse-security-announce/2020-10/msg00058.htmlnvdMailing ListThird Party Advisory
- lists.debian.org/debian-lts-announce/2021/11/msg00014.htmlnvdMailing ListThird Party Advisory
News mentions
0No linked articles in our index yet.