Ubuntu Security Notice 4643-1 - It was discovered that atftp's FTP server did not properly handler certain input. An attacker could use this to to cause a denial of service or possibly execute arbitrary code. It was discovered that atftp's FTP server did not make proper use of mutexes when locking certain data structures. An attacker could use this to cause a denial of service via a NULL pointer dereference.
3b6bc9b46d9d6aa32a2461a6debd03303a67760fd5ff0a3c496573182775fb7bUbuntu Security Notice 4540-1 - Denis Andzakovic discovered that atftpd incorrectly handled certain malformed packets. A remote attacker could send a specially crafted packet to cause atftpd to crash, resulting in a denial of service. Denis Andzakovic discovered that atftpd did not properly lock the thread list mutex. An attacker could send a large number of tftpd packets simultaneously when running atftpd in daemon mode to cause atftpd to crash, resulting in a denial of service. Various other issues were also addressed.
795f3cef45822be0c6f85455334f008d9e5c155d64359a0af3f53e85769f76e2Gentoo Linux Security Advisory 202003-14 - Multiple vulnerabilities have been found in atftp, the worst of which could result in the execution of arbitrary code. Versions less than 0.7.2 are affected.
e868f6fcc60d36b3dd36ca9fcb25195855e3b168e6f5fd863993729fd717bcedDebian Linux Security Advisory 4438-1 - Denis Andzakovic discovered two vulnerabilities in atftp, the advanced TFTP server which could result in denial of service by sending malformed packets.
19ad0b8f7ac480a316c9fb32992335c656459fd7a97c6bae813f7512d816be09
© 2022 Packet Storm. All rights reserved.
%7Cutmcsr%3D(direct)%7Cutmcmd%3D(none)){kind=small}
Follow us on Twitter
Follow us on Facebook
Subscribe to an RSS Feed