Search
Find a vulnerability
Search criteria
ⓘ
Use this form to refine search results.
Full-text search supports keyword queries with ranking and filtering.
You can combine vendor, product, and sources to narrow results.
Enable “Apply ordering” to sort by date instead of relevance.
10 vulnerabilities by philippe_jounin
CVE-2013-6809 (GCVE-0-2013-6809)
Vulnerability from nvd – Published: 2013-12-13 17:00 – Updated: 2024-08-06 17:46
VLAI
EPSS
VEX
Summary
Format string vulnerability in the client in Tftpd32 before 4.50 allows remote servers to cause a denial of service (crash) or possibly execute arbitrary code via format string specifiers in the Remote File field.
Severity
No CVSS data available.
CWE
- n/a
Assigner
References
4 references
| URL | Tags |
|---|---|
| http://osvdb.org/100511 | vdb-entryx_refsource_OSVDB |
| http://packetstormsecurity.com/files/124275/Tftpd… | x_refsource_MISC |
| https://exchange.xforce.ibmcloud.com/vulnerabilit… | vdb-entryx_refsource_XF |
| http://seclists.org/fulldisclosure/2013/Dec/15 | mailing-listx_refsource_FULLDISC |
Date Public
2013-12-03 00:00
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-06T17:46:23.572Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "100511",
"tags": [
"vdb-entry",
"x_refsource_OSVDB",
"x_transferred"
],
"url": "http://osvdb.org/100511"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://packetstormsecurity.com/files/124275/Tftpd32-Client-Side-Format-String.html"
},
{
"name": "tftpd32-cve20136809-format-string(89455)",
"tags": [
"vdb-entry",
"x_refsource_XF",
"x_transferred"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/89455"
},
{
"name": "20131203 Tftpd32 Client Side Format String Vulnerability",
"tags": [
"mailing-list",
"x_refsource_FULLDISC",
"x_transferred"
],
"url": "http://seclists.org/fulldisclosure/2013/Dec/15"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2013-12-03T00:00:00.000Z",
"descriptions": [
{
"lang": "en",
"value": "Format string vulnerability in the client in Tftpd32 before 4.50 allows remote servers to cause a denial of service (crash) or possibly execute arbitrary code via format string specifiers in the Remote File field."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2017-08-28T12:57:01.000Z",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "100511",
"tags": [
"vdb-entry",
"x_refsource_OSVDB"
],
"url": "http://osvdb.org/100511"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "http://packetstormsecurity.com/files/124275/Tftpd32-Client-Side-Format-String.html"
},
{
"name": "tftpd32-cve20136809-format-string(89455)",
"tags": [
"vdb-entry",
"x_refsource_XF"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/89455"
},
{
"name": "20131203 Tftpd32 Client Side Format String Vulnerability",
"tags": [
"mailing-list",
"x_refsource_FULLDISC"
],
"url": "http://seclists.org/fulldisclosure/2013/Dec/15"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2013-6809",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Format string vulnerability in the client in Tftpd32 before 4.50 allows remote servers to cause a denial of service (crash) or possibly execute arbitrary code via format string specifiers in the Remote File field."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "100511",
"refsource": "OSVDB",
"url": "http://osvdb.org/100511"
},
{
"name": "http://packetstormsecurity.com/files/124275/Tftpd32-Client-Side-Format-String.html",
"refsource": "MISC",
"url": "http://packetstormsecurity.com/files/124275/Tftpd32-Client-Side-Format-String.html"
},
{
"name": "tftpd32-cve20136809-format-string(89455)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/89455"
},
{
"name": "20131203 Tftpd32 Client Side Format String Vulnerability",
"refsource": "FULLDISC",
"url": "http://seclists.org/fulldisclosure/2013/Dec/15"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2013-6809",
"datePublished": "2013-12-13T17:00:00.000Z",
"dateReserved": "2013-11-19T00:00:00.000Z",
"dateUpdated": "2024-08-06T17:46:23.572Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2005-4883 (GCVE-0-2005-4883)
Vulnerability from nvd – Published: 2009-11-20 19:00 – Updated: 2024-09-16 20:22
VLAI
EPSS
VEX
Summary
Race condition in Philippe Jounin Tftpd32 before 2.80 allows remote attackers to cause a denial of service (daemon crash) via invalid "connect frames."
Severity
No CVSS data available.
CWE
- n/a
Assigner
References
1 reference
| URL | Tags |
|---|---|
| http://pagesperso-orange.fr/philippe.jounin/tftpd… | x_refsource_CONFIRM |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-08T00:01:23.467Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://pagesperso-orange.fr/philippe.jounin/tftpd32_news.html"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "Race condition in Philippe Jounin Tftpd32 before 2.80 allows remote attackers to cause a denial of service (daemon crash) via invalid \"connect frames.\""
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2009-11-20T19:00:00.000Z",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://pagesperso-orange.fr/philippe.jounin/tftpd32_news.html"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2005-4883",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Race condition in Philippe Jounin Tftpd32 before 2.80 allows remote attackers to cause a denial of service (daemon crash) via invalid \"connect frames.\""
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "http://pagesperso-orange.fr/philippe.jounin/tftpd32_news.html",
"refsource": "CONFIRM",
"url": "http://pagesperso-orange.fr/philippe.jounin/tftpd32_news.html"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2005-4883",
"datePublished": "2009-11-20T19:00:00.000Z",
"dateReserved": "2009-11-20T00:00:00.000Z",
"dateUpdated": "2024-09-16T20:22:53.631Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2005-4882 (GCVE-0-2005-4882)
Vulnerability from nvd – Published: 2009-11-20 19:00 – Updated: 2024-09-17 02:27
VLAI
EPSS
VEX
Summary
tftpd in Philippe Jounin Tftpd32 2.74 and earlier, as used in Wyse Simple Imager (WSI) and other products, allows remote attackers to cause a denial of service (daemon crash) via a long filename in a TFTP read (aka RRQ or get) request, a different vulnerability than CVE-2002-2226.
Severity
No CVSS data available.
CWE
- n/a
Assigner
References
5 references
| URL | Tags |
|---|---|
| http://archives.neohapsis.com/archives/fulldisclo… | mailing-listx_refsource_FULLDISC |
| http://www.kb.cert.org/vuls/id/632633 | third-party-advisoryx_refsource_CERT-VN |
| http://secway.org/advisory/ad20050108.txt | x_refsource_MISC |
| http://www.osvdb.org/12898 | vdb-entryx_refsource_OSVDB |
| http://securitytracker.com/id?1012856 | vdb-entryx_refsource_SECTRACK |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-08T00:01:23.466Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "20050112 TFTPD32 Long FileName Remote Denial of Service",
"tags": [
"mailing-list",
"x_refsource_FULLDISC",
"x_transferred"
],
"url": "http://archives.neohapsis.com/archives/fulldisclosure/2005-01/0386.html"
},
{
"name": "VU#632633",
"tags": [
"third-party-advisory",
"x_refsource_CERT-VN",
"x_transferred"
],
"url": "http://www.kb.cert.org/vuls/id/632633"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://secway.org/advisory/ad20050108.txt"
},
{
"name": "12898",
"tags": [
"vdb-entry",
"x_refsource_OSVDB",
"x_transferred"
],
"url": "http://www.osvdb.org/12898"
},
{
"name": "1012856",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://securitytracker.com/id?1012856"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "tftpd in Philippe Jounin Tftpd32 2.74 and earlier, as used in Wyse Simple Imager (WSI) and other products, allows remote attackers to cause a denial of service (daemon crash) via a long filename in a TFTP read (aka RRQ or get) request, a different vulnerability than CVE-2002-2226."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2009-11-20T19:00:00.000Z",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "20050112 TFTPD32 Long FileName Remote Denial of Service",
"tags": [
"mailing-list",
"x_refsource_FULLDISC"
],
"url": "http://archives.neohapsis.com/archives/fulldisclosure/2005-01/0386.html"
},
{
"name": "VU#632633",
"tags": [
"third-party-advisory",
"x_refsource_CERT-VN"
],
"url": "http://www.kb.cert.org/vuls/id/632633"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "http://secway.org/advisory/ad20050108.txt"
},
{
"name": "12898",
"tags": [
"vdb-entry",
"x_refsource_OSVDB"
],
"url": "http://www.osvdb.org/12898"
},
{
"name": "1012856",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://securitytracker.com/id?1012856"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2005-4882",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "tftpd in Philippe Jounin Tftpd32 2.74 and earlier, as used in Wyse Simple Imager (WSI) and other products, allows remote attackers to cause a denial of service (daemon crash) via a long filename in a TFTP read (aka RRQ or get) request, a different vulnerability than CVE-2002-2226."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "20050112 TFTPD32 Long FileName Remote Denial of Service",
"refsource": "FULLDISC",
"url": "http://archives.neohapsis.com/archives/fulldisclosure/2005-01/0386.html"
},
{
"name": "VU#632633",
"refsource": "CERT-VN",
"url": "http://www.kb.cert.org/vuls/id/632633"
},
{
"name": "http://secway.org/advisory/ad20050108.txt",
"refsource": "MISC",
"url": "http://secway.org/advisory/ad20050108.txt"
},
{
"name": "12898",
"refsource": "OSVDB",
"url": "http://www.osvdb.org/12898"
},
{
"name": "1012856",
"refsource": "SECTRACK",
"url": "http://securitytracker.com/id?1012856"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2005-4882",
"datePublished": "2009-11-20T19:00:00.000Z",
"dateReserved": "2009-11-20T00:00:00.000Z",
"dateUpdated": "2024-09-17T02:27:05.497Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2006-6141 (GCVE-0-2006-6141)
Vulnerability from nvd – Published: 2006-11-28 02:00 – Updated: 2024-08-07 20:19
VLAI
EPSS
VEX
Summary
Buffer overflow in Tftpd32 3.01 allows remote attackers to cause a denial of service via a long GET or PUT request, which is not properly handled when the request is displayed in the title of the gauge window.
Severity
No CVSS data available.
CWE
- n/a
Assigner
References
8 references
| URL | Tags |
|---|---|
| http://securityreason.com/securityalert/1923 | third-party-advisoryx_refsource_SREASON |
| http://www.securityfocus.com/bid/21148 | vdb-entryx_refsource_BID |
| http://secunia.com/advisories/22968 | third-party-advisoryx_refsource_SECUNIA |
| http://www.kb.cert.org/vuls/id/632633 | third-party-advisoryx_refsource_CERT-VN |
| http://www.osvdb.org/30502 | vdb-entryx_refsource_OSVDB |
| http://www.securityfocus.com/archive/1/451951/100… | mailing-listx_refsource_BUGTRAQ |
| https://exchange.xforce.ibmcloud.com/vulnerabilit… | vdb-entryx_refsource_XF |
| http://www.vupen.com/english/advisories/2006/4606 | vdb-entryx_refsource_VUPEN |
Date Public
2006-11-17 00:00
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-07T20:19:35.205Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "1923",
"tags": [
"third-party-advisory",
"x_refsource_SREASON",
"x_transferred"
],
"url": "http://securityreason.com/securityalert/1923"
},
{
"name": "21148",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/21148"
},
{
"name": "22968",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/22968"
},
{
"name": "VU#632633",
"tags": [
"third-party-advisory",
"x_refsource_CERT-VN",
"x_transferred"
],
"url": "http://www.kb.cert.org/vuls/id/632633"
},
{
"name": "30502",
"tags": [
"vdb-entry",
"x_refsource_OSVDB",
"x_transferred"
],
"url": "http://www.osvdb.org/30502"
},
{
"name": "20061117 TFTPD32 v3.01 TFTP Server Long File Name Buffer Overflow Vulnerability",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ",
"x_transferred"
],
"url": "http://www.securityfocus.com/archive/1/451951/100/200/threaded"
},
{
"name": "tftpd32-gauge-dos(30439)",
"tags": [
"vdb-entry",
"x_refsource_XF",
"x_transferred"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/30439"
},
{
"name": "ADV-2006-4606",
"tags": [
"vdb-entry",
"x_refsource_VUPEN",
"x_transferred"
],
"url": "http://www.vupen.com/english/advisories/2006/4606"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2006-11-17T00:00:00.000Z",
"descriptions": [
{
"lang": "en",
"value": "Buffer overflow in Tftpd32 3.01 allows remote attackers to cause a denial of service via a long GET or PUT request, which is not properly handled when the request is displayed in the title of the gauge window."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2018-10-17T20:57:01.000Z",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "1923",
"tags": [
"third-party-advisory",
"x_refsource_SREASON"
],
"url": "http://securityreason.com/securityalert/1923"
},
{
"name": "21148",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/21148"
},
{
"name": "22968",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/22968"
},
{
"name": "VU#632633",
"tags": [
"third-party-advisory",
"x_refsource_CERT-VN"
],
"url": "http://www.kb.cert.org/vuls/id/632633"
},
{
"name": "30502",
"tags": [
"vdb-entry",
"x_refsource_OSVDB"
],
"url": "http://www.osvdb.org/30502"
},
{
"name": "20061117 TFTPD32 v3.01 TFTP Server Long File Name Buffer Overflow Vulnerability",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ"
],
"url": "http://www.securityfocus.com/archive/1/451951/100/200/threaded"
},
{
"name": "tftpd32-gauge-dos(30439)",
"tags": [
"vdb-entry",
"x_refsource_XF"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/30439"
},
{
"name": "ADV-2006-4606",
"tags": [
"vdb-entry",
"x_refsource_VUPEN"
],
"url": "http://www.vupen.com/english/advisories/2006/4606"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2006-6141",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Buffer overflow in Tftpd32 3.01 allows remote attackers to cause a denial of service via a long GET or PUT request, which is not properly handled when the request is displayed in the title of the gauge window."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "1923",
"refsource": "SREASON",
"url": "http://securityreason.com/securityalert/1923"
},
{
"name": "21148",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/21148"
},
{
"name": "22968",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/22968"
},
{
"name": "VU#632633",
"refsource": "CERT-VN",
"url": "http://www.kb.cert.org/vuls/id/632633"
},
{
"name": "30502",
"refsource": "OSVDB",
"url": "http://www.osvdb.org/30502"
},
{
"name": "20061117 TFTPD32 v3.01 TFTP Server Long File Name Buffer Overflow Vulnerability",
"refsource": "BUGTRAQ",
"url": "http://www.securityfocus.com/archive/1/451951/100/200/threaded"
},
{
"name": "tftpd32-gauge-dos(30439)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/30439"
},
{
"name": "ADV-2006-4606",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2006/4606"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2006-6141",
"datePublished": "2006-11-28T02:00:00.000Z",
"dateReserved": "2006-11-27T00:00:00.000Z",
"dateUpdated": "2024-08-07T20:19:35.205Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2006-0328 (GCVE-0-2006-0328)
Vulnerability from nvd – Published: 2006-01-21 00:00 – Updated: 2024-08-07 16:34
VLAI
EPSS
VEX
Summary
Format string vulnerability in Tftpd32 2.81 allows remote attackers to cause a denial of service via format string specifiers in a filename in a (1) GET or (2) SEND request.
Severity
No CVSS data available.
CWE
- n/a
Assigner
References
10 references
| URL | Tags |
|---|---|
| http://www.securityfocus.com/bid/16333 | vdb-entryx_refsource_BID |
| http://securityreason.com/securityalert/362 | third-party-advisoryx_refsource_SREASON |
| http://www.securityfocus.com/archive/1/422405/100… | mailing-listx_refsource_BUGTRAQ |
| http://www.osvdb.org/22661 | vdb-entryx_refsource_OSVDB |
| https://exchange.xforce.ibmcloud.com/vulnerabilit… | vdb-entryx_refsource_XF |
| http://www.critical.lt/?vulnerabilities/200 | x_refsource_MISC |
| http://www.kb.cert.org/vuls/id/632633 | third-party-advisoryx_refsource_CERT-VN |
| http://www.vupen.com/english/advisories/2006/0263 | vdb-entryx_refsource_VUPEN |
| http://www.critical.lt/research/tftpd32_281_dos.txt | x_refsource_MISC |
| http://secunia.com/advisories/18539 | third-party-advisoryx_refsource_SECUNIA |
Date Public
2006-01-19 00:00
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-07T16:34:14.367Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "16333",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/16333"
},
{
"name": "362",
"tags": [
"third-party-advisory",
"x_refsource_SREASON",
"x_transferred"
],
"url": "http://securityreason.com/securityalert/362"
},
{
"name": "20060119 Critical security advisory #006 tftpd32 Format string",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ",
"x_transferred"
],
"url": "http://www.securityfocus.com/archive/1/422405/100/0/threaded"
},
{
"name": "22661",
"tags": [
"vdb-entry",
"x_refsource_OSVDB",
"x_transferred"
],
"url": "http://www.osvdb.org/22661"
},
{
"name": "tftpd32-request-format-string(24250)",
"tags": [
"vdb-entry",
"x_refsource_XF",
"x_transferred"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/24250"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://www.critical.lt/?vulnerabilities/200"
},
{
"name": "VU#632633",
"tags": [
"third-party-advisory",
"x_refsource_CERT-VN",
"x_transferred"
],
"url": "http://www.kb.cert.org/vuls/id/632633"
},
{
"name": "ADV-2006-0263",
"tags": [
"vdb-entry",
"x_refsource_VUPEN",
"x_transferred"
],
"url": "http://www.vupen.com/english/advisories/2006/0263"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://www.critical.lt/research/tftpd32_281_dos.txt"
},
{
"name": "18539",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/18539"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2006-01-19T00:00:00.000Z",
"descriptions": [
{
"lang": "en",
"value": "Format string vulnerability in Tftpd32 2.81 allows remote attackers to cause a denial of service via format string specifiers in a filename in a (1) GET or (2) SEND request."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2018-10-19T14:57:01.000Z",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "16333",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/16333"
},
{
"name": "362",
"tags": [
"third-party-advisory",
"x_refsource_SREASON"
],
"url": "http://securityreason.com/securityalert/362"
},
{
"name": "20060119 Critical security advisory #006 tftpd32 Format string",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ"
],
"url": "http://www.securityfocus.com/archive/1/422405/100/0/threaded"
},
{
"name": "22661",
"tags": [
"vdb-entry",
"x_refsource_OSVDB"
],
"url": "http://www.osvdb.org/22661"
},
{
"name": "tftpd32-request-format-string(24250)",
"tags": [
"vdb-entry",
"x_refsource_XF"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/24250"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "http://www.critical.lt/?vulnerabilities/200"
},
{
"name": "VU#632633",
"tags": [
"third-party-advisory",
"x_refsource_CERT-VN"
],
"url": "http://www.kb.cert.org/vuls/id/632633"
},
{
"name": "ADV-2006-0263",
"tags": [
"vdb-entry",
"x_refsource_VUPEN"
],
"url": "http://www.vupen.com/english/advisories/2006/0263"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "http://www.critical.lt/research/tftpd32_281_dos.txt"
},
{
"name": "18539",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/18539"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2006-0328",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Format string vulnerability in Tftpd32 2.81 allows remote attackers to cause a denial of service via format string specifiers in a filename in a (1) GET or (2) SEND request."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "16333",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/16333"
},
{
"name": "362",
"refsource": "SREASON",
"url": "http://securityreason.com/securityalert/362"
},
{
"name": "20060119 Critical security advisory #006 tftpd32 Format string",
"refsource": "BUGTRAQ",
"url": "http://www.securityfocus.com/archive/1/422405/100/0/threaded"
},
{
"name": "22661",
"refsource": "OSVDB",
"url": "http://www.osvdb.org/22661"
},
{
"name": "tftpd32-request-format-string(24250)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/24250"
},
{
"name": "http://www.critical.lt/?vulnerabilities/200",
"refsource": "MISC",
"url": "http://www.critical.lt/?vulnerabilities/200"
},
{
"name": "VU#632633",
"refsource": "CERT-VN",
"url": "http://www.kb.cert.org/vuls/id/632633"
},
{
"name": "ADV-2006-0263",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2006/0263"
},
{
"name": "http://www.critical.lt/research/tftpd32_281_dos.txt",
"refsource": "MISC",
"url": "http://www.critical.lt/research/tftpd32_281_dos.txt"
},
{
"name": "18539",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/18539"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2006-0328",
"datePublished": "2006-01-21T00:00:00.000Z",
"dateReserved": "2006-01-20T00:00:00.000Z",
"dateUpdated": "2024-08-07T16:34:14.367Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2013-6809 (GCVE-0-2013-6809)
Vulnerability from cvelistv5 – Published: 2013-12-13 17:00 – Updated: 2024-08-06 17:46
VLAI
EPSS
VEX
Summary
Format string vulnerability in the client in Tftpd32 before 4.50 allows remote servers to cause a denial of service (crash) or possibly execute arbitrary code via format string specifiers in the Remote File field.
Severity
No CVSS data available.
CWE
- n/a
Assigner
References
4 references
| URL | Tags |
|---|---|
| http://osvdb.org/100511 | vdb-entryx_refsource_OSVDB |
| http://packetstormsecurity.com/files/124275/Tftpd… | x_refsource_MISC |
| https://exchange.xforce.ibmcloud.com/vulnerabilit… | vdb-entryx_refsource_XF |
| http://seclists.org/fulldisclosure/2013/Dec/15 | mailing-listx_refsource_FULLDISC |
Date Public
2013-12-03 00:00
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-06T17:46:23.572Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "100511",
"tags": [
"vdb-entry",
"x_refsource_OSVDB",
"x_transferred"
],
"url": "http://osvdb.org/100511"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://packetstormsecurity.com/files/124275/Tftpd32-Client-Side-Format-String.html"
},
{
"name": "tftpd32-cve20136809-format-string(89455)",
"tags": [
"vdb-entry",
"x_refsource_XF",
"x_transferred"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/89455"
},
{
"name": "20131203 Tftpd32 Client Side Format String Vulnerability",
"tags": [
"mailing-list",
"x_refsource_FULLDISC",
"x_transferred"
],
"url": "http://seclists.org/fulldisclosure/2013/Dec/15"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2013-12-03T00:00:00.000Z",
"descriptions": [
{
"lang": "en",
"value": "Format string vulnerability in the client in Tftpd32 before 4.50 allows remote servers to cause a denial of service (crash) or possibly execute arbitrary code via format string specifiers in the Remote File field."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2017-08-28T12:57:01.000Z",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "100511",
"tags": [
"vdb-entry",
"x_refsource_OSVDB"
],
"url": "http://osvdb.org/100511"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "http://packetstormsecurity.com/files/124275/Tftpd32-Client-Side-Format-String.html"
},
{
"name": "tftpd32-cve20136809-format-string(89455)",
"tags": [
"vdb-entry",
"x_refsource_XF"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/89455"
},
{
"name": "20131203 Tftpd32 Client Side Format String Vulnerability",
"tags": [
"mailing-list",
"x_refsource_FULLDISC"
],
"url": "http://seclists.org/fulldisclosure/2013/Dec/15"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2013-6809",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Format string vulnerability in the client in Tftpd32 before 4.50 allows remote servers to cause a denial of service (crash) or possibly execute arbitrary code via format string specifiers in the Remote File field."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "100511",
"refsource": "OSVDB",
"url": "http://osvdb.org/100511"
},
{
"name": "http://packetstormsecurity.com/files/124275/Tftpd32-Client-Side-Format-String.html",
"refsource": "MISC",
"url": "http://packetstormsecurity.com/files/124275/Tftpd32-Client-Side-Format-String.html"
},
{
"name": "tftpd32-cve20136809-format-string(89455)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/89455"
},
{
"name": "20131203 Tftpd32 Client Side Format String Vulnerability",
"refsource": "FULLDISC",
"url": "http://seclists.org/fulldisclosure/2013/Dec/15"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2013-6809",
"datePublished": "2013-12-13T17:00:00.000Z",
"dateReserved": "2013-11-19T00:00:00.000Z",
"dateUpdated": "2024-08-06T17:46:23.572Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2005-4883 (GCVE-0-2005-4883)
Vulnerability from cvelistv5 – Published: 2009-11-20 19:00 – Updated: 2024-09-16 20:22
VLAI
EPSS
VEX
Summary
Race condition in Philippe Jounin Tftpd32 before 2.80 allows remote attackers to cause a denial of service (daemon crash) via invalid "connect frames."
Severity
No CVSS data available.
CWE
- n/a
Assigner
References
1 reference
| URL | Tags |
|---|---|
| http://pagesperso-orange.fr/philippe.jounin/tftpd… | x_refsource_CONFIRM |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-08T00:01:23.467Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://pagesperso-orange.fr/philippe.jounin/tftpd32_news.html"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "Race condition in Philippe Jounin Tftpd32 before 2.80 allows remote attackers to cause a denial of service (daemon crash) via invalid \"connect frames.\""
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2009-11-20T19:00:00.000Z",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://pagesperso-orange.fr/philippe.jounin/tftpd32_news.html"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2005-4883",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Race condition in Philippe Jounin Tftpd32 before 2.80 allows remote attackers to cause a denial of service (daemon crash) via invalid \"connect frames.\""
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "http://pagesperso-orange.fr/philippe.jounin/tftpd32_news.html",
"refsource": "CONFIRM",
"url": "http://pagesperso-orange.fr/philippe.jounin/tftpd32_news.html"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2005-4883",
"datePublished": "2009-11-20T19:00:00.000Z",
"dateReserved": "2009-11-20T00:00:00.000Z",
"dateUpdated": "2024-09-16T20:22:53.631Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2005-4882 (GCVE-0-2005-4882)
Vulnerability from cvelistv5 – Published: 2009-11-20 19:00 – Updated: 2024-09-17 02:27
VLAI
EPSS
VEX
Summary
tftpd in Philippe Jounin Tftpd32 2.74 and earlier, as used in Wyse Simple Imager (WSI) and other products, allows remote attackers to cause a denial of service (daemon crash) via a long filename in a TFTP read (aka RRQ or get) request, a different vulnerability than CVE-2002-2226.
Severity
No CVSS data available.
CWE
- n/a
Assigner
References
5 references
| URL | Tags |
|---|---|
| http://archives.neohapsis.com/archives/fulldisclo… | mailing-listx_refsource_FULLDISC |
| http://www.kb.cert.org/vuls/id/632633 | third-party-advisoryx_refsource_CERT-VN |
| http://secway.org/advisory/ad20050108.txt | x_refsource_MISC |
| http://www.osvdb.org/12898 | vdb-entryx_refsource_OSVDB |
| http://securitytracker.com/id?1012856 | vdb-entryx_refsource_SECTRACK |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-08T00:01:23.466Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "20050112 TFTPD32 Long FileName Remote Denial of Service",
"tags": [
"mailing-list",
"x_refsource_FULLDISC",
"x_transferred"
],
"url": "http://archives.neohapsis.com/archives/fulldisclosure/2005-01/0386.html"
},
{
"name": "VU#632633",
"tags": [
"third-party-advisory",
"x_refsource_CERT-VN",
"x_transferred"
],
"url": "http://www.kb.cert.org/vuls/id/632633"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://secway.org/advisory/ad20050108.txt"
},
{
"name": "12898",
"tags": [
"vdb-entry",
"x_refsource_OSVDB",
"x_transferred"
],
"url": "http://www.osvdb.org/12898"
},
{
"name": "1012856",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://securitytracker.com/id?1012856"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "tftpd in Philippe Jounin Tftpd32 2.74 and earlier, as used in Wyse Simple Imager (WSI) and other products, allows remote attackers to cause a denial of service (daemon crash) via a long filename in a TFTP read (aka RRQ or get) request, a different vulnerability than CVE-2002-2226."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2009-11-20T19:00:00.000Z",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "20050112 TFTPD32 Long FileName Remote Denial of Service",
"tags": [
"mailing-list",
"x_refsource_FULLDISC"
],
"url": "http://archives.neohapsis.com/archives/fulldisclosure/2005-01/0386.html"
},
{
"name": "VU#632633",
"tags": [
"third-party-advisory",
"x_refsource_CERT-VN"
],
"url": "http://www.kb.cert.org/vuls/id/632633"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "http://secway.org/advisory/ad20050108.txt"
},
{
"name": "12898",
"tags": [
"vdb-entry",
"x_refsource_OSVDB"
],
"url": "http://www.osvdb.org/12898"
},
{
"name": "1012856",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://securitytracker.com/id?1012856"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2005-4882",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "tftpd in Philippe Jounin Tftpd32 2.74 and earlier, as used in Wyse Simple Imager (WSI) and other products, allows remote attackers to cause a denial of service (daemon crash) via a long filename in a TFTP read (aka RRQ or get) request, a different vulnerability than CVE-2002-2226."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "20050112 TFTPD32 Long FileName Remote Denial of Service",
"refsource": "FULLDISC",
"url": "http://archives.neohapsis.com/archives/fulldisclosure/2005-01/0386.html"
},
{
"name": "VU#632633",
"refsource": "CERT-VN",
"url": "http://www.kb.cert.org/vuls/id/632633"
},
{
"name": "http://secway.org/advisory/ad20050108.txt",
"refsource": "MISC",
"url": "http://secway.org/advisory/ad20050108.txt"
},
{
"name": "12898",
"refsource": "OSVDB",
"url": "http://www.osvdb.org/12898"
},
{
"name": "1012856",
"refsource": "SECTRACK",
"url": "http://securitytracker.com/id?1012856"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2005-4882",
"datePublished": "2009-11-20T19:00:00.000Z",
"dateReserved": "2009-11-20T00:00:00.000Z",
"dateUpdated": "2024-09-17T02:27:05.497Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2006-6141 (GCVE-0-2006-6141)
Vulnerability from cvelistv5 – Published: 2006-11-28 02:00 – Updated: 2024-08-07 20:19
VLAI
EPSS
VEX
Summary
Buffer overflow in Tftpd32 3.01 allows remote attackers to cause a denial of service via a long GET or PUT request, which is not properly handled when the request is displayed in the title of the gauge window.
Severity
No CVSS data available.
CWE
- n/a
Assigner
References
8 references
| URL | Tags |
|---|---|
| http://securityreason.com/securityalert/1923 | third-party-advisoryx_refsource_SREASON |
| http://www.securityfocus.com/bid/21148 | vdb-entryx_refsource_BID |
| http://secunia.com/advisories/22968 | third-party-advisoryx_refsource_SECUNIA |
| http://www.kb.cert.org/vuls/id/632633 | third-party-advisoryx_refsource_CERT-VN |
| http://www.osvdb.org/30502 | vdb-entryx_refsource_OSVDB |
| http://www.securityfocus.com/archive/1/451951/100… | mailing-listx_refsource_BUGTRAQ |
| https://exchange.xforce.ibmcloud.com/vulnerabilit… | vdb-entryx_refsource_XF |
| http://www.vupen.com/english/advisories/2006/4606 | vdb-entryx_refsource_VUPEN |
Date Public
2006-11-17 00:00
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-07T20:19:35.205Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "1923",
"tags": [
"third-party-advisory",
"x_refsource_SREASON",
"x_transferred"
],
"url": "http://securityreason.com/securityalert/1923"
},
{
"name": "21148",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/21148"
},
{
"name": "22968",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/22968"
},
{
"name": "VU#632633",
"tags": [
"third-party-advisory",
"x_refsource_CERT-VN",
"x_transferred"
],
"url": "http://www.kb.cert.org/vuls/id/632633"
},
{
"name": "30502",
"tags": [
"vdb-entry",
"x_refsource_OSVDB",
"x_transferred"
],
"url": "http://www.osvdb.org/30502"
},
{
"name": "20061117 TFTPD32 v3.01 TFTP Server Long File Name Buffer Overflow Vulnerability",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ",
"x_transferred"
],
"url": "http://www.securityfocus.com/archive/1/451951/100/200/threaded"
},
{
"name": "tftpd32-gauge-dos(30439)",
"tags": [
"vdb-entry",
"x_refsource_XF",
"x_transferred"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/30439"
},
{
"name": "ADV-2006-4606",
"tags": [
"vdb-entry",
"x_refsource_VUPEN",
"x_transferred"
],
"url": "http://www.vupen.com/english/advisories/2006/4606"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2006-11-17T00:00:00.000Z",
"descriptions": [
{
"lang": "en",
"value": "Buffer overflow in Tftpd32 3.01 allows remote attackers to cause a denial of service via a long GET or PUT request, which is not properly handled when the request is displayed in the title of the gauge window."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2018-10-17T20:57:01.000Z",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "1923",
"tags": [
"third-party-advisory",
"x_refsource_SREASON"
],
"url": "http://securityreason.com/securityalert/1923"
},
{
"name": "21148",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/21148"
},
{
"name": "22968",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/22968"
},
{
"name": "VU#632633",
"tags": [
"third-party-advisory",
"x_refsource_CERT-VN"
],
"url": "http://www.kb.cert.org/vuls/id/632633"
},
{
"name": "30502",
"tags": [
"vdb-entry",
"x_refsource_OSVDB"
],
"url": "http://www.osvdb.org/30502"
},
{
"name": "20061117 TFTPD32 v3.01 TFTP Server Long File Name Buffer Overflow Vulnerability",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ"
],
"url": "http://www.securityfocus.com/archive/1/451951/100/200/threaded"
},
{
"name": "tftpd32-gauge-dos(30439)",
"tags": [
"vdb-entry",
"x_refsource_XF"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/30439"
},
{
"name": "ADV-2006-4606",
"tags": [
"vdb-entry",
"x_refsource_VUPEN"
],
"url": "http://www.vupen.com/english/advisories/2006/4606"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2006-6141",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Buffer overflow in Tftpd32 3.01 allows remote attackers to cause a denial of service via a long GET or PUT request, which is not properly handled when the request is displayed in the title of the gauge window."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "1923",
"refsource": "SREASON",
"url": "http://securityreason.com/securityalert/1923"
},
{
"name": "21148",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/21148"
},
{
"name": "22968",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/22968"
},
{
"name": "VU#632633",
"refsource": "CERT-VN",
"url": "http://www.kb.cert.org/vuls/id/632633"
},
{
"name": "30502",
"refsource": "OSVDB",
"url": "http://www.osvdb.org/30502"
},
{
"name": "20061117 TFTPD32 v3.01 TFTP Server Long File Name Buffer Overflow Vulnerability",
"refsource": "BUGTRAQ",
"url": "http://www.securityfocus.com/archive/1/451951/100/200/threaded"
},
{
"name": "tftpd32-gauge-dos(30439)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/30439"
},
{
"name": "ADV-2006-4606",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2006/4606"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2006-6141",
"datePublished": "2006-11-28T02:00:00.000Z",
"dateReserved": "2006-11-27T00:00:00.000Z",
"dateUpdated": "2024-08-07T20:19:35.205Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2006-0328 (GCVE-0-2006-0328)
Vulnerability from cvelistv5 – Published: 2006-01-21 00:00 – Updated: 2024-08-07 16:34
VLAI
EPSS
VEX
Summary
Format string vulnerability in Tftpd32 2.81 allows remote attackers to cause a denial of service via format string specifiers in a filename in a (1) GET or (2) SEND request.
Severity
No CVSS data available.
CWE
- n/a
Assigner
References
10 references
| URL | Tags |
|---|---|
| http://www.securityfocus.com/bid/16333 | vdb-entryx_refsource_BID |
| http://securityreason.com/securityalert/362 | third-party-advisoryx_refsource_SREASON |
| http://www.securityfocus.com/archive/1/422405/100… | mailing-listx_refsource_BUGTRAQ |
| http://www.osvdb.org/22661 | vdb-entryx_refsource_OSVDB |
| https://exchange.xforce.ibmcloud.com/vulnerabilit… | vdb-entryx_refsource_XF |
| http://www.critical.lt/?vulnerabilities/200 | x_refsource_MISC |
| http://www.kb.cert.org/vuls/id/632633 | third-party-advisoryx_refsource_CERT-VN |
| http://www.vupen.com/english/advisories/2006/0263 | vdb-entryx_refsource_VUPEN |
| http://www.critical.lt/research/tftpd32_281_dos.txt | x_refsource_MISC |
| http://secunia.com/advisories/18539 | third-party-advisoryx_refsource_SECUNIA |
Date Public
2006-01-19 00:00
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-07T16:34:14.367Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "16333",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/16333"
},
{
"name": "362",
"tags": [
"third-party-advisory",
"x_refsource_SREASON",
"x_transferred"
],
"url": "http://securityreason.com/securityalert/362"
},
{
"name": "20060119 Critical security advisory #006 tftpd32 Format string",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ",
"x_transferred"
],
"url": "http://www.securityfocus.com/archive/1/422405/100/0/threaded"
},
{
"name": "22661",
"tags": [
"vdb-entry",
"x_refsource_OSVDB",
"x_transferred"
],
"url": "http://www.osvdb.org/22661"
},
{
"name": "tftpd32-request-format-string(24250)",
"tags": [
"vdb-entry",
"x_refsource_XF",
"x_transferred"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/24250"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://www.critical.lt/?vulnerabilities/200"
},
{
"name": "VU#632633",
"tags": [
"third-party-advisory",
"x_refsource_CERT-VN",
"x_transferred"
],
"url": "http://www.kb.cert.org/vuls/id/632633"
},
{
"name": "ADV-2006-0263",
"tags": [
"vdb-entry",
"x_refsource_VUPEN",
"x_transferred"
],
"url": "http://www.vupen.com/english/advisories/2006/0263"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://www.critical.lt/research/tftpd32_281_dos.txt"
},
{
"name": "18539",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/18539"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2006-01-19T00:00:00.000Z",
"descriptions": [
{
"lang": "en",
"value": "Format string vulnerability in Tftpd32 2.81 allows remote attackers to cause a denial of service via format string specifiers in a filename in a (1) GET or (2) SEND request."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2018-10-19T14:57:01.000Z",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "16333",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/16333"
},
{
"name": "362",
"tags": [
"third-party-advisory",
"x_refsource_SREASON"
],
"url": "http://securityreason.com/securityalert/362"
},
{
"name": "20060119 Critical security advisory #006 tftpd32 Format string",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ"
],
"url": "http://www.securityfocus.com/archive/1/422405/100/0/threaded"
},
{
"name": "22661",
"tags": [
"vdb-entry",
"x_refsource_OSVDB"
],
"url": "http://www.osvdb.org/22661"
},
{
"name": "tftpd32-request-format-string(24250)",
"tags": [
"vdb-entry",
"x_refsource_XF"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/24250"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "http://www.critical.lt/?vulnerabilities/200"
},
{
"name": "VU#632633",
"tags": [
"third-party-advisory",
"x_refsource_CERT-VN"
],
"url": "http://www.kb.cert.org/vuls/id/632633"
},
{
"name": "ADV-2006-0263",
"tags": [
"vdb-entry",
"x_refsource_VUPEN"
],
"url": "http://www.vupen.com/english/advisories/2006/0263"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "http://www.critical.lt/research/tftpd32_281_dos.txt"
},
{
"name": "18539",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/18539"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2006-0328",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Format string vulnerability in Tftpd32 2.81 allows remote attackers to cause a denial of service via format string specifiers in a filename in a (1) GET or (2) SEND request."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "16333",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/16333"
},
{
"name": "362",
"refsource": "SREASON",
"url": "http://securityreason.com/securityalert/362"
},
{
"name": "20060119 Critical security advisory #006 tftpd32 Format string",
"refsource": "BUGTRAQ",
"url": "http://www.securityfocus.com/archive/1/422405/100/0/threaded"
},
{
"name": "22661",
"refsource": "OSVDB",
"url": "http://www.osvdb.org/22661"
},
{
"name": "tftpd32-request-format-string(24250)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/24250"
},
{
"name": "http://www.critical.lt/?vulnerabilities/200",
"refsource": "MISC",
"url": "http://www.critical.lt/?vulnerabilities/200"
},
{
"name": "VU#632633",
"refsource": "CERT-VN",
"url": "http://www.kb.cert.org/vuls/id/632633"
},
{
"name": "ADV-2006-0263",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2006/0263"
},
{
"name": "http://www.critical.lt/research/tftpd32_281_dos.txt",
"refsource": "MISC",
"url": "http://www.critical.lt/research/tftpd32_281_dos.txt"
},
{
"name": "18539",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/18539"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2006-0328",
"datePublished": "2006-01-21T00:00:00.000Z",
"dateReserved": "2006-01-20T00:00:00.000Z",
"dateUpdated": "2024-08-07T16:34:14.367Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}