22 matches found
EUVD-2014-0770
Malware in sbrugna...
EUVD-2003-0720
Malware in sbrugna...
EUVD-2021-31268
Malicious code in bioql PyPI...
General Electric D20ME TFTP Server Buffer Overflow / Denial of Service
This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework The General Electric D20 and possibly other devices have numerous buffer overruns in their TFTP servers and probably other servers. There are many buffer overruns like i...
Ubuntu: Security Advisory (USN-6334-1)
The remote host is missing an update for the SPDX-FileCopyrightText: 2023 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
CVE-2023-27078
A command injection issue was found in TP-Link MR3020 v.1150921 that allows a remote attacker to execute arbitrary commands via a crafted request to the tftp endpoint...
SUSE CVE-2009-2957
Heap-based buffer overflow in the tftprequest function in tftp.c in dnsmasq before 2.50, when --enable-tftp is used, might allow remote attackers to execute arbitrary code via a long filename in a TFTP packet, as demonstrated by a read aka RRQ request...
CVE-2014-0739
Race condition in the Phone Proxy component in Cisco Adaptive Security Appliance ASA Software 9.1.3 and earlier allows remote attackers to bypass secdb authentication and provide certain pass-through services to untrusted devices via a crafted configuration-file TFTP request, aka Bug ID CSCuj6676...
Race condition
Race condition in the Phone Proxy component in Cisco Adaptive Security Appliance ASA Software 9.1.3 and earlier allows remote attackers to bypass secdb authentication and provide certain pass-through services to untrusted devices via a crafted configuration-file TFTP request, aka Bug ID CSCuj6676...
Cisco Adaptive Security Appliance Phone Proxy sec_db Race Condition Vulnerability
A vulnerability in the TFTP request function of the Phone Proxy feature of the Cisco Adaptive Security Appliance ASA could allow an unauthenticated, remote attacker to pass traffic from an untrusted phone through the ASA. The vulnerability is due to a limitation in processing the TFTP request for...
CVE-2010-4323
Heap-based buffer overflow in novell-tftp.exe in Novell ZENworks Configuration Manager ZCM 10.3.1, 10.3.2, and 11.0, and earlier versions, allows remote attackers to execute arbitrary code via a long TFTP request...
Heap overflow
Heap-based buffer overflow in novell-tftp.exe in Novell ZENworks Configuration Manager ZCM 10.3.1, 10.3.2, and 11.0, and earlier versions, allows remote attackers to execute arbitrary code via a long TFTP request...
CVE-2009-2957
Heap-based buffer overflow in the tftprequest function in tftp.c in dnsmasq before 2.50, when --enable-tftp is used, might allow remote attackers to execute arbitrary code via a long filename in a TFTP packet, as demonstrated by a read aka RRQ request...
CVE-2008-1411
The PXE Server pxesrv.exe in Acronis Snap Deploy 2.0.0.1076 and earlier allows remote attackers to cause a denial of service crash via an incomplete TFTP request, which triggers a NULL pointer dereference...
Null pointer dereference
The PXE Server pxesrv.exe in Acronis Snap Deploy 2.0.0.1076 and earlier allows remote attackers to cause a denial of service crash via an incomplete TFTP request, which triggers a NULL pointer dereference...
acronis pxe server 2.0.0.1076 - Directory Traversal Null Pointer
acronis pxe server 2.0.0.1076 - Directory Traversal Null Pointer Luigi Auriemma Application: Acronis PXE Server http://www.acronis.com/enterprise/products/snapdeploy/ Versions: = 2.0.0.1076 Platforms: Windows Bugs: A directory traversal B NULL pointer Exploitation: remote Date: 08 Mar 2008 Author...
Alcatel OmniPCX audio stream hijack
It's possible to hijack audio strem from server by sending TFTP request with filename containing victim's IP...
Alcatel OmniPCX Enterprise VoIP Vulnerability
COMPASS SECURITY ADVISORY http://www.csnc.ch/ Product: OmniPCX Enterprise Vendor: Alcatel Subject: VoIP Phone Audio Stream Rerouting Vulnerability Risk High Effect Currently exploitable Author: Daniel Stirnimann daniel.stirnimann at csnc dot ch Date: November, 19th 2007 Introduction: ------------...
CVE-2005-3032
Buffer overflow in vxTftpSrv 1.7.0 allows remote attackers to cause a denial of service crash and possibly execute arbitrary code via a TFTP request with a long filename argument...
CVE-2005-3032
CVE-2005-3032: Buffer overflow in vxTftpSrv 1.7.0 allows remote attackers to cause denial of service and possibly execute arbitrary code via a TFTP request with a long filename argument. No exploitation details or fixes are provided in the supplied documents; remediation status is not specified.