TFTP Server
by SolarWinds
CVEs (6)
| CVE | Vendor / Product | Sev | Risk | CVSS | EPSS | KEV | Published | Description |
|---|---|---|---|---|---|---|---|---|
| CVE-2010-2115 | 0.07 | — | 0.56 | May 28, 2010 | SolarWinds TFTP Server 10.4.0.10 allows remote attackers to cause a denial of service (no new connections) via a crafted read request. | |||
| CVE-2010-2310 | 0.04 | — | 0.11 | Jun 16, 2010 | SolarWinds TFTP Server 10.4.0.13 allows remote attackers to cause a denial of service (crash) via a long write request. | |||
| CVE-2009-3115 | 0.04 | — | 0.11 | Sep 9, 2009 | SolarWinds TFTP Server 9.2.0.111 and earlier allows remote attackers to cause a denial of service (service stop) via a crafted Option Acknowledgement (OACK) request. NOTE: some of these details are obtained from third party information. | |||
| CVE-2002-1542 | 0.04 | — | 0.13 | Mar 31, 2003 | SolarWinds TFTP server 5.0.55 and earlier allows remote attackers to cause a denial of service (crash) via a large UDP datagram, possibly triggering a buffer overflow. | |||
| CVE-2002-1209 | 0.04 | — | 0.13 | Nov 4, 2002 | Directory traversal vulnerability in SolarWinds TFTP Server 5.0.55, and possibly earlier, allows remote attackers to read arbitrary files via "..\" (dot-dot backslash) sequences in a GET request. | |||
| CVE-2006-1951 | 0.00 | — | 0.04 | Apr 24, 2006 | Directory traversal vulnerability in SolarWinds TFTP Server 8.1 and earlier allows remote attackers to download arbitrary files via a crafted GET request including "....//" sequences, which are collapsed into "../" sequences by filtering. |
- CVE-2010-2115May 28, 2010risk 0.07cvss —epss 0.56
SolarWinds TFTP Server 10.4.0.10 allows remote attackers to cause a denial of service (no new connections) via a crafted read request.
- CVE-2010-2310Jun 16, 2010risk 0.04cvss —epss 0.11
SolarWinds TFTP Server 10.4.0.13 allows remote attackers to cause a denial of service (crash) via a long write request.
- CVE-2009-3115Sep 9, 2009risk 0.04cvss —epss 0.11
SolarWinds TFTP Server 9.2.0.111 and earlier allows remote attackers to cause a denial of service (service stop) via a crafted Option Acknowledgement (OACK) request. NOTE: some of these details are obtained from third party information.
- CVE-2002-1542Mar 31, 2003risk 0.04cvss —epss 0.13
SolarWinds TFTP server 5.0.55 and earlier allows remote attackers to cause a denial of service (crash) via a large UDP datagram, possibly triggering a buffer overflow.
- CVE-2002-1209Nov 4, 2002risk 0.04cvss —epss 0.13
Directory traversal vulnerability in SolarWinds TFTP Server 5.0.55, and possibly earlier, allows remote attackers to read arbitrary files via "..\" (dot-dot backslash) sequences in a GET request.
- CVE-2006-1951Apr 24, 2006risk 0.00cvss —epss 0.04
Directory traversal vulnerability in SolarWinds TFTP Server 8.1 and earlier allows remote attackers to download arbitrary files via a crafted GET request including "....//" sequences, which are collapsed into "../" sequences by filtering.