rpm package
opensuse/atftp&distro=openSUSE Tumbleweed
pkg:rpm/opensuse/atftp&distro=openSUSE%20Tumbleweed
Vulnerabilities (3)
| CVE | Sev | CVSS | KEV | Affected versions | Fixed in | Published | Description |
|---|---|---|---|---|---|---|---|
| CVE-2021-41054 | Hig | 7.5 | < 0.7.5-1.1 | 0.7.5-1.1 | Sep 13, 2021 | tftpd_file.c in atftp through 0.7.4 has a buffer overflow because buffer-size handling does not properly consider the combination of data, OACK, and other options. | |
| CVE-2020-6097 | Hig | 7.5 | < 0.7.5-1.1 | 0.7.5-1.1 | Sep 10, 2020 | An exploitable denial of service vulnerability exists in the atftpd daemon functionality of atftp 0.7.git20120829-3.1+b1. A specially crafted sequence of RRQ-Multicast requests trigger an assert() call resulting in denial-of-service. An attacker can send a sequence of malicious p | |
| CVE-2019-11365 | Cri | 9.8 | < 0.7.5-1.1 | 0.7.5-1.1 | Apr 20, 2019 | An issue was discovered in atftpd in atftp 0.7.1. A remote attacker may send a crafted packet triggering a stack-based buffer overflow due to an insecurely implemented strncpy call. The vulnerability is triggered by sending an error packet of 3 bytes or fewer. There are multiple |
- affected < 0.7.5-1.1fixed 0.7.5-1.1
tftpd_file.c in atftp through 0.7.4 has a buffer overflow because buffer-size handling does not properly consider the combination of data, OACK, and other options.
- affected < 0.7.5-1.1fixed 0.7.5-1.1
An exploitable denial of service vulnerability exists in the atftpd daemon functionality of atftp 0.7.git20120829-3.1+b1. A specially crafted sequence of RRQ-Multicast requests trigger an assert() call resulting in denial-of-service. An attacker can send a sequence of malicious p
- affected < 0.7.5-1.1fixed 0.7.5-1.1
An issue was discovered in atftpd in atftp 0.7.1. A remote attacker may send a crafted packet triggering a stack-based buffer overflow due to an insecurely implemented strncpy call. The vulnerability is triggered by sending an error packet of 3 bytes or fewer. There are multiple