Full Disclosure mailing list archives

Previous By Date Next
Previous By Thread Next

[PRE-SA-2011-05] Buffer overflow in tftp-hpa daemon

From: Timo Warns <warns () pre-sense de>
Date: Fri, 24 Jun 2011 20:45:06 +0200
PRE-CERT Security Advisory
==========================

* Advisory: PRE-SA-2011-05
* Released on: 22 Jun 2011
* Last updated on: 22 Jun 2011
* Affected product: tftp-hpa 0.30 - 5.0
* Impact: buffer overflow
* Origin: remote tftp client
* Credit: Timo Warns (PRESENSE Technologies GmbH)
* CVE Identifier: CVE-2011-2199


Summary
-------

The tftp-hpa daemon contains a buffer overflow vulnerability in the
function for setting the utimeout option. As the daemon accepts the
option from clients, the vulnerability can be remotely exploited.


Solution
--------

For a patch, see
http://git.kernel.org/?p=network/tftp/tftp-hpa.git;a=commitdiff;h=f3035c45bc50bb5cac87ca01e7ef6a12485184f8


References
----------

When further information becomes available, this advisory will be
updated. The most recent version of this advisory is available at:

http://www.pre-cert.de/advisories/PRE-SA-2011-05.txt


Contact
-------

PRE-CERT can be reached under precert () pre-secure de. For PGP
key information, refer to http://www.pre-cert.de/.

_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/
Previous By Date Next
Previous By Thread Next

Current thread: