oss-sec mailing list archives
CVE request: buffer overflow in tftp-hpa
From: Timo Warns <warns () pre-sense de>
Date: Sat, 11 Jun 2011 21:08:58 +0200
The tftp-hpa daemon contained a buffer overflow vulnerability in the function for setting the utimeout option. As the daemon accepts this option from clients, the buffer overflow can be remotely exploited. For a patch, see
git clone http://www.kernel.org/pub/scm/network/tftp/tftp-hpa.git/ git diff 2864 f303
Thanks, Timo
Current thread:
- CVE request: buffer overflow in tftp-hpa Timo Warns (Jun 11)
- Re: CVE request: buffer overflow in tftp-hpa Josh Bressers (Jun 13)