H Peter Anvin tftp-hpa 5.0 Buffer Overflow


A critical vulnerability was discovered in H Peter Anvin tftp-hpa 5.0. It affects an unknown function. Upgrading to version 5.0 resolves this issue. The vulnerability can also be fixed by applying a patch, which is available from git.kernel.org. Applying the corresponding patch is recommended as the best possible measure.

| Field | 23.03.2015 16:50 | 25.03.2017 21:18 |
| --- | --- | --- |
| cvss3_vuldb_ac | L | L |
| cvss3_vuldb_ui | N | N |
| cvss2_vuldb_e | ND | ND |
| cvss2_vuldb_rl | OF | OF |
| cvss2_vuldb_rc | C | C |
| cvss3_vuldb_e | X | X |
| cvss3_vuldb_rl | O | O |
| cvss3_vuldb_rc | C | C |
| cvss3_vuldb_av | N | N |
| cvss3_vuldb_pr | N | N |
| cvss3_vuldb_s | U | U |
| cvss3_vuldb_c | L | L |
| cvss3_vuldb_i | L | L |
| cvss3_vuldb_a | L | L |
| vendor | H Peter Anvin | H Peter Anvin |
| name | tftp-hpa | tftp-hpa |
| version | 5.0 | 5.0 |
| cwe | 119 (Buffer Overflow) | 119 (Buffer Overflow) |
| risk | 2 | 2 |
| cvss2_vuldb_basescore | 7.5 | 7.5 |
| cvss2_vuldb_tempscore | 6.5 | 6.5 |
| cvss2_vuldb_av | N | N |
| cvss2_vuldb_ac | L | L |
| cvss2_vuldb_au | N | N |
| cvss2_vuldb_ci | P | P |
| cvss2_vuldb_ii | P | P |
| cvss2_vuldb_ai | P | P |
| cvss3_meta_basescore | 7.3 | 7.3 |
| cvss3_meta_tempscore | 7.0 | 7.0 |
| cvss3_vuldb_basescore | 7.3 | 7.3 |
| cvss3_vuldb_tempscore | 7.0 | 7.0 |
| date | 1342915200 (22.07.2012) | 1342915200 (22.07.2012) |
| location | GIT Repository | GIT Repository |
| type | GIT Commit | GIT Commit |
| url | http://git.kernel.org/?p=network/tftp/tftp-hpa.git;a=commitdiff;h=f3035c45bc50bb5cac87ca01e7ef6a12485184f8 | http://git.kernel.org/?p=network/tftp/tftp-hpa.git;a=commitdiff;h=f3035c45bc50bb5cac87ca01e7ef6a12485184f8 |
| price_0day | $0-$5k | $0-$5k |
| name | Patch | Patch |
| upgrade_version | 5.0 | 5.0 |
| patch_url | http://git.kernel.org/?p=network/tftp/tftp-hpa.git;a=commitdiff;h=f3035c45bc50bb5cac87ca01e7ef6a12485184f8 | http://git.kernel.org/?p=network/tftp/tftp-hpa.git;a=commitdiff;h=f3035c45bc50bb5cac87ca01e7ef6a12485184f8 |
| cve | CVE-2011-2199 | CVE-2011-2199 |
| cve_nvd_published | 1342915200 | 1342915200 |
| cve_nvd_summary | Buffer overflow in tftp-hpa before 5.1 allows remote attackers to cause a denial of service and possibly execute arbitrary code via the utimeout option. | Buffer overflow in tftp-hpa before 5.1 allows remote attackers to cause a denial of service and possibly execute arbitrary code via the utimeout option. |
| securityfocus | 48411 | 48411 |
| securityfocus_title | tftp-hpa FTP Server 'utimeout' Option Remote Buffer Overflow Vulnerability | tftp-hpa FTP Server 'utimeout' Option Remote Buffer Overflow Vulnerability |
| vulnerabilitycenter | 32107 | 32107 |
| vulnerabilitycenter_title | tftp-hpa FTP Server prior to 5.1 Remote Buffer Overflow Vulnerability via Crafted 'utimeout' Request | tftp-hpa FTP Server prior to 5.1 Remote Buffer Overflow Vulnerability via Crafted 'utimeout' Request |
| vulnerabilitycenter_severity | Critical | Critical |
| vulnerabilitycenter_creationdate | 1309824000 | 1309824000 |
| vulnerabilitycenter_lastupdatedate | 1402790400 | 1402790400 |
| vulnerabilitycenter_reportingdate | 1308787200 | 1308787200 |
| xforce | 68197 | 68197 |
| nessus_id | 75756 | 75756 |
| nessus_name | openSUSE Security Update : tftp (openSUSE-SU-2011:0734-1) | openSUSE Security Update : tftp (openSUSE-SU-2011:0734-1) |
| nessus_filename | gentoo_GLSA-201206-12.nasl | gentoo_GLSA-201206-12.nasl |
| nessus_family | SuSE Local Security Checks | SuSE Local Security Checks |
| nessus_port | 0 | 0 |
| nessus_date | 1402617600 (13.06.2014) | 1402617600 (13.06.2014) |
| openvas_id | 71579 | 71579 |
| openvas_filename | glsa_201206_12.nasl | glsa_201206_12.nasl |
| openvas_title | Gentoo Security Advisory GLSA 201206-12 (tftp-hpa) | Gentoo Security Advisory GLSA 201206-12 (tftp-hpa) |
| openvas_family | Gentoo Local Security Checks | Gentoo Local Security Checks |
| qualys_id | 119353 | 119353 |
| qualys_title | tftp-hpa FTP Server "utimeout" Option Remote Buffer Overflow Vulnerability | tftp-hpa FTP Server "utimeout" Option Remote Buffer Overflow Vulnerability |

| Field | Value |
| --- | --- |
| cvss2_nvd_av | N |
| cvss2_nvd_ac | L |
| cvss2_nvd_au | N |
| cvss2_nvd_ci | P |
| cvss2_nvd_ii | P |
| cvss2_nvd_ai | P |
| person_name | Timo Warns |
| confirm_url | http://git.kernel.org/?p=network/tftp/tftp-hpa.git;a=blob;f=CHANGES;h=6df0d97b1f6c99f49d65e9ff80aa7b847f0e21e1;hb=badf05140d3c2408715a73a52c0f35887e337c04 |
| cve_assigned | 1306800000 |
| securityfocus_date | 1308787200 (23.06.2011) |
| securityfocus_class | Boundary Condition Error |
