CVEDB API

Vulnerabilities

By Date
Known Exploited
Advanced Search

Vulnerable Software

Vendors
Products

Vulnerability Details CVE-2004-1485

Buffer overflow in the TFTP client in InetUtils 1.4.2 allows remote malicious DNS servers to execute arbitrary code via a large DNS response that is handled by the gethostbyname function.

Exploit prediction scoring system (EPSS) score

EPSS Score 0.013

EPSS Ranking 78.9%

CVSS Severity

CVSS v2 Score 7.5

References

http://marc.info/?l=bugtraq&m=109882085912915&w=2
http://www.securityfocus.com/bid/11527
https://exchange.xforce.ibmcloud.com/vulnerabilities/17878
http://marc.info/?l=bugtraq&m=109882085912915&w=2
http://www.securityfocus.com/bid/11527
https://exchange.xforce.ibmcloud.com/vulnerabilities/17878

Products affected by CVE-2004-1485

Gnu » Inetutils » Version: 1.4.2

cpe:2.3:a:gnu:inetutils:1.4.2
Tftp » Tftp » Version: 0.29

cpe:2.3:a:tftp:tftp:0.29
Tftp » Tftp » Version: 0.32

cpe:2.3:a:tftp:tftp:0.32
Tftp » Tftp » Version: 0.34

cpe:2.3:a:tftp:tftp:0.34
Tftp » Tftp » Version: 0.36

cpe:2.3:a:tftp:tftp:0.36
Tftp » Tftp » Version: 0.38

cpe:2.3:a:tftp:tftp:0.38

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2004-1485

Products

Pricing

Contact Us