CVE-2021-36762

An issue was discovered in HCC Embedded InterNiche NicheStack through 4.3. The tfshnd:tftpsrv.c TFTP packet processing function doesn't ensure that a filename is adequately '\0' terminated; therefore, a subsequent call to strlen for the filename might read out of bounds of the protocol packet...

tftpy 安全漏洞

tftpy is a Python library by the individual developer Michael P. Soulier. A security vulnerability exists in tftpy. A remote attacker can exploit this vulnerability to cause a denial of service via a parser function in the TftpPacketFactory class...

CVE-2021-36762

An issue was discovered in HCC Embedded InterNiche NicheStack through 4.3. The tfshnd:tftpsrv.c TFTP packet processing function doesn't ensure that a filename is adequately '\0' terminated; therefore, a subsequent call to strlen for the filename might read out of bounds of the protocol packet...

CVE-2021-36762

An issue was discovered in HCC Embedded InterNiche NicheStack through 4.3. The tfshnd:tftpsrv.c TFTP packet processing function doesn't ensure that a filename is adequately '\0' terminated; therefore, a subsequent call to strlen for the filename might read out of bounds of the protocol packet...

CVE-2021-36762

An issue was discovered in HCC Embedded InterNiche NicheStack through 4.3. The tfshnd:tftpsrv.c TFTP packet processing function doesn't ensure that a filename is adequately '\0' terminated; therefore, a subsequent call to strlen for the filename might read out of bounds of the protocol packet...

PT-2021-3861 · Hcc Embedded · Nichestack

Name of the Vulnerable Software and Affected Versions: HCC Embedded InterNiche NicheStack versions through 4.3 Description: The issue is related to errors in handling TFTP packet processing in the NicheLite and InterNiche TCP/IP stacks, specifically with null-termination of strings or arrays. Thi...

Verilink NetEngine 6100-4 Broadband Router TFTP Packet Remote Denial of Service Vulnerability

No description provided by source. source: http://www.securityfocus.com/bid/7575/info It has been reported that a problem with Verilink broadband routers exists in the handling of TFTP packets. Because of this, an attacker could potentially deny service to legitimate users of the network...

Ipswitch TFTP Server Information disclosure (CVE-2009-1730)

A directory traversal vulnerability has been reported in Ipswitch TFTP Server. The vulnerability is caused due to improper validation of certain requests. A remote attacker can exploit this issue by sending a specially crafted TFTP packet to the target. Successful exploitation would allow an...

HP Intelligent Management Center tftpserver.exe TFTP Packet Buffer Overflow (CVE-2011-1852)

A remote code execution has been reported in HP Intelligent Management Center. The vulnerability is due to an error in the tftpserver.exe component while processing DATA or ERROR TFTP packets. A remote attacker could exploit this vulnerability by sending a malformed TFTP packet to an affected...

HP Intelligent Management Center tftpserver.exe Remote Code Execution (CVE-2011-1851)

A remote code execution vulnerability has been reported in HP Intelligent Management Center. The vulnerability is due to improper verification of the destination buffer's size while handling the transfer mode field within the tftpserver.exe component. A remote attacker could exploit this...

CVE-2009-2957

Heap-based buffer overflow in the tftprequest function in tftp.c in dnsmasq before 2.50, when --enable-tftp is used, might allow remote attackers to execute arbitrary code via a long filename in a TFTP packet, as demonstrated by a read aka RRQ request...

CVE-2008-1072

The TFTP dissector in Wireshark formerly Ethereal 0.6.0 through 0.99.7, when running on Ubuntu 7.10, allows remote attackers to cause a denial of service crash or memory consumption via a malformed packet, possibly related to a Cairo library bug...

CVE-2004-1636

Heap-based buffer overflow in the WvTFTPServer::newconnection function in wvtftpserver.cc for WvTftp 0.9 allows remote attackers to execute arbitrary code via a long option string in a TFTP packet...

CVE-2004-1636

Heap-based buffer overflow in the WvTFTPServer::newconnection function in wvtftpserver.cc for WvTftp 0.9 allows remote attackers to execute arbitrary code via a long option string in a TFTP packet...

Verilink NetEngine 6100-4 Broadband Router - TFTP Packet Remote Denial of Service

source: https://www.securityfocus.com/bid/7575/info It has been reported that a problem with Verilink broadband routers exists in the handling of TFTP packets. Because of this, an attacker could potentially deny service to legitimate users of the network...

Verilink NetEngine 6100-4 Broadband Router - TFTP Packet Remote Denial of Service

Verilink NetEngine 6100-4 Broadband Router - TFTP Packet Remote Denial of Service source: https://www.securityfocus.com/bid/7575/info It has been reported that a problem with Verilink broadband routers exists in the handling of TFTP packets. Because of this, an attacker could potentially deny...