11 matches found
CVE-2019-11366
An issue was discovered in atftpd in atftp 0.7.1. It does not lock the threadlistmutex mutex before assigning the current thread data structure. As a result, the daemon is vulnerable to a denial of service attack due to a NULL pointer dereference. If threaddata is NULL when assigned to current, a...
SUSE: Security Advisory (SUSE-SU-2019:14033-1)
The remote host is missing an update for the SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
USN-4643-1: atftp vulnerabilities
It was discovered that atftp's FTP server did not properly handler certain input. An attacker could use this to to cause a denial of service crash or possibly execute arbitrary code. CVE-2019-11365 It was discovered that atftp's FTP server did not make proper use of mutexes when locking certain...
Ubuntu: Security Advisory (USN-4540-1)
The remote host is missing an update for the SPDX-FileCopyrightText: 2020 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
USN-4540-1: atftpd vulnerabilities
Denis Andzakovic discovered that atftpd incorrectly handled certain malformed packets. A remote attacker could send a specially crafted packet to cause atftpd to crash, resulting in a denial of service. CVE-2019-11365 Denis Andzakovic discovered that atftpd did not properly lock the thread list...
Debian DSA-4438-1 : atftp - security update
Denis Andzakovic discovered two vulnerabilities in atftp, the advanced TFTP server which could result in denial of service by sending malformed packets. C Tenable Network Security, Inc. The descriptive text and package checks in this plugin were extracted from Debian Security Advisory DSA-4438. T...
[SECURITY] [DSA 4438-1] atftp security update
------------------------------------------------------------------------- Debian Security Advisory DSA-4438-1 [email protected] https://www.debian.org/security/ Salvatore Bonaccorso May 07, 2019 https://www.debian.org/security/faq -...
[SECURITY] [DSA 4438-1] atftp security update
------------------------------------------------------------------------- Debian Security Advisory DSA-4438-1 [email protected] https://www.debian.org/security/ Salvatore Bonaccorso May 07, 2019 https://www.debian.org/security/faq -...
SUSE SLED12 / SLES12 Security Update : atftp (SUSE-SU-2019:1091-1)
This update for atftp fixes the following issues : Security issues fixed : CVE-2019-11366: Fixed a denial of service caused by a NULL pointer dereference because threadlistmutex was not locked bsc1133145. CVE-2019-11365: Fixed a buffer overflow which could lead to remote code execution caused by ...
SUSE SLES11 Security Update : atftp (SUSE-SU-2019:14033-1)
This update for atftp fixes the following issues : Security issues fixed : CVE-2019-11366: Fixed a denial of service caused by a NULL pointer dereference because threadlistmutex was not locked bsc1133145. CVE-2019-11365: Fixed a buffer overflow which could lead to remote code execution caused by ...
CVE-2019-11366
An issue was discovered in atftpd in atftp 0.7.1. It does not lock the threadlistmutex mutex before assigning the current thread data structure. As a result, the daemon is vulnerable to a denial of service attack due to a NULL pointer dereference. If threaddata is NULL when assigned to current, a...