CVE-2021-46671 – Ubuntu Security Notice USN-6334-1
https://notcve.org/view.php?id=CVE-2021-46671
04 Feb 2022 — options.c in atftp before 0.7.5 reads past the end of an array, and consequently discloses server-side /etc/group data to a remote client. Peter Wang discovered that atftp did not properly manage certain inputs. A remote attacker could send a specially crafted tftp request to the server to cause a crash. Andreas B. Mundt discov... • https://bugs.debian.org/1004974 • CWE-125: Out-of-bounds Read
CVE-2021-41054 – Ubuntu Security Notice USN-6334-1
https://notcve.org/view.php?id=CVE-2021-41054
13 Sep 2021 — tftpd_file.c in atftp through 0.7.4 has a buffer overflow because buffer-size handling does not properly consider the combination of data, OACK, and other options. Peter Wang discovered that atftp did not properly manage certain inputs. A remote attacker could send a specially crafted tftp request to the s... • https://github.com/nu11secur1ty/CVE-mitre/tree/main/CVE-2021-41054 • CWE-120: Buffer Copy without Checking Size of Input ('Classic Buffer Overflow')
CVE-2020-6097 – Ubuntu Security Notice USN-6334-1
https://notcve.org/view.php?id=CVE-2020-6097
10 Sep 2020 — An exploitable denial of service vulnerability exists in the atftpd daemon functionality of atftp 0.7.git20120829-3.1+b1. A specially crafted sequence of RRQ-Multicast requests triggers an assert() call resulting in denial-of-service. An attacker can send a sequence of malicious packets to trigger this vulnerability. • http://lists.opensuse.org/opensuse-security-announce/2020-10/msg00058.html • CWE-617: Reachable Assertion
CVE-2019-11366 – Ubuntu Security Notice USN-4643-1
https://notcve.org/view.php?id=CVE-2019-11366
20 Apr 2019 — An issue was discovered in atftpd in atftp 0.7.1. It does not lock the thread_list_mutex mutex before assigning the current thread data structure. As a result, the daemon is vulnerable to a denial of service attack due to a NULL pointer dereference. If thread_data is NULL when assigned to current, and modified by another thread before a certain tftpd_list.c check, there is a crash when dereferencing current->next. • https://lists.debian.org/debian-lts-announce/2019/05/msg00012.html • CWE-476: NULL Pointer Dereference
CVE-2019-11365 – Ubuntu Security Notice USN-4643-1
https://notcve.org/view.php?id=CVE-2019-11365
20 Apr 2019 — An issue was discovered in atftpd in atftp 0.7.1. A remote attacker may send a crafted packet triggering a stack-based buffer overflow due to an insecurely implemented strncpy call. The vulnerability is triggered by sending an error packet of 3 bytes or fewer. There are multiple instances of this vulnerable strncpy pattern within the code base, specifically within tftpd_file.c, tftp_file.c, tftpd_mtftp.c, and tftp_mtftp.c. • https://lists.debian.org/debian-lts-announce/2019/05/msg00012.html • CWE-787: Out-of-bounds Write