5 matches found
CVE-2020-6097
CVE-2020-6097 affects atftp’s atftpd daemon; a crafted RRQ-Multicast sequence can trigger an assert() and crash, causing DoS. Public details in Debian DLA-2820-1 (fix in atftp 0.7.git20120829-3.1~deb9u2) and Ubuntu/Debian advisories confirm. Remediation: upgrade atftp to the patched package versi...
CVE-2019-11365
CVE-2019-11365 is a vulnerability in atftpd/atftp 0.7.1 where a crafted error packet (3 bytes or fewer) can trigger a stack-based buffer overflow due to an insecure strncpy in multiple files (tftpd_file.c, tftp_file.c, tftpd_mtftp.c, tftp_mtftp.c). Public advisories (Ubuntu, SUSE, OpenVAS/Nessus)...
CVE-2021-41054
CVE-2021-41054 affects atftp up to version 0.7.4, with a buffer overflow in tftpd_file.c caused by buffer-size handling that fails to properly account for data, OACK, and other options. Connected advisories across Debian, SUSE, Photon OS, and Astra Linux confirm the issue and reference a remediat...
CVE-2021-46671
Summary: CVE-2021-46671 affects atftp; options.c reads past the end of an array, causing disclosure of server-side /etc/group data to a remote client. This affects atftp versions before 0.7.5. Impact: remote information disclosure (server data) without authentication; no exploitation details prov...
CVE-2019-11366
The connected sources confirm CVE-2019-11366 and CVE-2019-11365 affecting atftp/atftpd. The root cause is failure to lock the thread_list_mutex before assigning thread_data, enabling a race that can lead to a NULL pointer dereference and a crash, with potential arbitrary code execution in some co...