Lucene search

MitreCVE-2006-6184

HistoryDec 01, 2006 - 12:28 a.m.

CVE-2006-6184

2006-12-0100:28:00

mitre

web.nvd.nist.gov

cve-2006-6184

allied telesyn

tftp server

buffer overflow

denial of service

remote code execution

CVSS2

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:L/Au:N/C:C/I:C/A:C

AI Score

7.9

Confidence

High

EPSS

0.721

Percentile

98.1%

JSON

Multiple stack-based buffer overflows in Allied Telesyn TFTP Server (AT-TFTP) 1.9, and possibly earlier, allow remote attackers to cause a denial of service (crash) or execute arbitrary code via a long filename in a (1) GET or (2) PUT command.

Affected configurations

Nvd

Node

alliedtelesynat-tftpRange≤1.9

VendorProductVersionCPE
alliedtelesynat-tftp*cpe:2.3:a:alliedtelesyn:at-tftp:*:*:*:*:*:*:*:*

Vendor	Product	Version	CPE
alliedtelesyn	at-tftp	*	cpe:2.3:a:alliedtelesyn:at-tftp::::::::

References

secunia.com/advisories/23106

securityreason.com/securityalert/1929

securityreason.com/securityalert/8120

www.exploit-db.com/exploits/16350

www.exploit-db.com/exploits/24952

www.osvdb.org/11350

www.securityfocus.com/archive/1/452743/100/0/threaded

www.securityfocus.com/bid/21320

www.vupen.com/english/advisories/2006/4737

exchange.xforce.ibmcloud.com/vulnerabilities/30539

CVSS2

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:L/Au:N/C:C/I:C/A:C

AI Score

7.9

Confidence

High

EPSS

0.721

Percentile

98.1%

JSON

Related for CVE-2006-6184