VYPR

TFTP Server

by SolarWinds

CVEs (6)

  • CVE-2010-2115May 28, 2010
    risk 0.07cvss epss 0.56

    SolarWinds TFTP Server 10.4.0.10 allows remote attackers to cause a denial of service (no new connections) via a crafted read request.

  • CVE-2010-2310Jun 16, 2010
    risk 0.04cvss epss 0.11

    SolarWinds TFTP Server 10.4.0.13 allows remote attackers to cause a denial of service (crash) via a long write request.

  • CVE-2009-3115Sep 9, 2009
    risk 0.04cvss epss 0.11

    SolarWinds TFTP Server 9.2.0.111 and earlier allows remote attackers to cause a denial of service (service stop) via a crafted Option Acknowledgement (OACK) request. NOTE: some of these details are obtained from third party information.

  • CVE-2002-1542Mar 31, 2003
    risk 0.04cvss epss 0.13

    SolarWinds TFTP server 5.0.55 and earlier allows remote attackers to cause a denial of service (crash) via a large UDP datagram, possibly triggering a buffer overflow.

  • CVE-2002-1209Nov 4, 2002
    risk 0.04cvss epss 0.13

    Directory traversal vulnerability in SolarWinds TFTP Server 5.0.55, and possibly earlier, allows remote attackers to read arbitrary files via "..\" (dot-dot backslash) sequences in a GET request.

  • CVE-2006-1951Apr 24, 2006
    risk 0.00cvss epss 0.04

    Directory traversal vulnerability in SolarWinds TFTP Server 8.1 and earlier allows remote attackers to download arbitrary files via a crafted GET request including "....//" sequences, which are collapsed into "../" sequences by filtering.