CVE-2008-1403 – BootManage TFTP Server 1.99 - 'Filename' Remote Buffer Overflow

https://notcve.org/view.php?id=CVE-2008-1403

Stack-based buffer overflow in the TFTP server in BootManage TFTPD 1.99 and earlier in BootManage Administrator 7.1 and earlier allows remote attackers to execute arbitrary code via a request with a long filename. Desbordamiento de búfer basado en pila en el servidor TFTP de BootManage TFTPD versión 1.99 y anteriores permite a atacantes remotos ejecutar código de su elección utilizando una petición con un nombre de fichero demasiado largo. • https://www.exploit-db.com/exploits/31409 http://aluigi.altervista.org/adv/bootixtftpd-adv.txt http://secunia.com/advisories/29404 http://www.securityfocus.com/archive/1/489705/100/0/threaded http://www.securityfocus.com/bid/28270 https://exchange.xforce.ibmcloud.com/vulnerabilities/41226 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •