Lumension® Endpoint Intelligence Center

Intelligence Center » Browse All Vulnerabilities » CVE-2011-2199

Overview

Vulnerability Score 7.5 7.5
CVE Id CVE-2011-2199
Last Modified 23 Jul 2012 12:00:00
Published 22 Jul 2012 01:55:00
Confidentiality Impact PARTIAL PARTIAL
Integrity Impact PARTIAL PARTIAL
Availability Impact PARTIAL PARTIAL
Access Vector NETWORK
Access Complexity LOW
Authentication NONE

CVE-2011-2199

Summary

Buffer overflow in tftp-hpa before 5.1 allows remote attackers to cause a denial of service and possibly execute arbitrary code via the utimeout option.

Vulnerable Systems

Application

  • H Peter Anvin Tftp-hpa 5.0


References

BID - 48411

MISC - http://www.pre-cert.de/advisories/PRE-SA-2011-05.txt

MLIST - [oss-security] 20110613 Re: CVE request: buffer overflow in tftp-hpa

GENTOO - GLSA-201206-12

CONFIRM - http://git.kernel.org/?p=network/tftp/tftp-hpa.git;a=commitdiff;h=f3035c45bc50bb5cac87ca01e7ef6a12485184f8

CONFIRM - http://git.kernel.org/?p=network/tftp/tftp-hpa.git;a=blob;f=CHANGES;h=6df0d97b1f6c99f49d65e9ff80aa7b847f0e21e1;hb=badf05140d3c2408715a73a52c0f35887e337c04

Related Patches

Novell SUSE 2011:7590 tftp security update for SLE 10 SP4 i586


Last Updated: 27 May 2016 10:54:56