14 matches found
CVE-2019-11365
An issue was discovered in atftpd in atftp 0.7.1. A remote attacker may send a crafted packet triggering a stack-based buffer overflow due to an insecurely implemented strncpy call. The vulnerability is triggered by sending an error packet of 3 bytes or fewer. There are multiple instances of this...
CVE-2019-11365
creationtimestamp| type| source ---|---|--- 2024-01-08 21:38:21+00:00| seen| https://t.me/arpsyndicate/2683 2025-05-14 23:15:09+00:00| seen| https://gist.github.com/0xi1y4an7/605ea54aa36cbd993d66a4e7d1674901...
SUSE: Security Advisory (SUSE-SU-2019:14033-1)
The remote host is missing an update for the SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
USN-4643-1: atftp vulnerabilities
It was discovered that atftp's FTP server did not properly handler certain input. An attacker could use this to to cause a denial of service crash or possibly execute arbitrary code. CVE-2019-11365 It was discovered that atftp's FTP server did not make proper use of mutexes when locking certain...
Ubuntu: Security Advisory (USN-4540-1)
The remote host is missing an update for the SPDX-FileCopyrightText: 2020 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
USN-4540-1: atftpd vulnerabilities
Denis Andzakovic discovered that atftpd incorrectly handled certain malformed packets. A remote attacker could send a specially crafted packet to cause atftpd to crash, resulting in a denial of service. CVE-2019-11365 Denis Andzakovic discovered that atftpd did not properly lock the thread list...
Debian DSA-4438-1 : atftp - security update
Denis Andzakovic discovered two vulnerabilities in atftp, the advanced TFTP server which could result in denial of service by sending malformed packets. C Tenable Network Security, Inc. The descriptive text and package checks in this plugin were extracted from Debian Security Advisory DSA-4438. T...
[SECURITY] [DSA 4438-1] atftp security update
------------------------------------------------------------------------- Debian Security Advisory DSA-4438-1 [email protected] https://www.debian.org/security/ Salvatore Bonaccorso May 07, 2019 https://www.debian.org/security/faq -...
[SECURITY] [DSA 4438-1] atftp security update
------------------------------------------------------------------------- Debian Security Advisory DSA-4438-1 [email protected] https://www.debian.org/security/ Salvatore Bonaccorso May 07, 2019 https://www.debian.org/security/faq -...
SUSE SLES11 Security Update : atftp (SUSE-SU-2019:14033-1)
This update for atftp fixes the following issues : Security issues fixed : CVE-2019-11366: Fixed a denial of service caused by a NULL pointer dereference because threadlistmutex was not locked bsc1133145. CVE-2019-11365: Fixed a buffer overflow which could lead to remote code execution caused by ...
SUSE SLED12 / SLES12 Security Update : atftp (SUSE-SU-2019:1091-1)
This update for atftp fixes the following issues : Security issues fixed : CVE-2019-11366: Fixed a denial of service caused by a NULL pointer dereference because threadlistmutex was not locked bsc1133145. CVE-2019-11365: Fixed a buffer overflow which could lead to remote code execution caused by ...
CVE-2019-11365
An issue was discovered in atftpd in atftp 0.7.1. A remote attacker may send a crafted packet triggering a stack-based buffer overflow due to an insecurely implemented strncpy call. The vulnerability is triggered by sending an error packet of 3 bytes or fewer. There are multiple instances of this...
CVE-2019-11365
An issue was discovered in atftpd in atftp 0.7.1. A remote attacker may send a crafted packet triggering a stack-based buffer overflow due to an insecurely implemented strncpy call. The vulnerability is triggered by sending an error packet of 3 bytes or fewer. There are multiple instances of this...
CVE-2019-11365
CVE-2019-11365 is a vulnerability in atftpd/atftp 0.7.1 where a crafted error packet (3 bytes or fewer) can trigger a stack-based buffer overflow due to an insecure strncpy in multiple files (tftpd_file.c, tftp_file.c, tftpd_mtftp.c, tftp_mtftp.c). Public advisories (Ubuntu, SUSE, OpenVAS/Nessus)...