Vulnerability Details CVE-2008-1403
Stack-based buffer overflow in the TFTP server in BootManage TFTPD 1.99 and earlier in BootManage Administrator 7.1 and earlier allows remote attackers to execute arbitrary code via a request with a long filename.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.053
EPSS Ranking 89.5%
CVSS Severity
CVSS v2 Score 6.8
References
- http://aluigi.altervista.org/adv/bootixtftpd-adv.txt
- http://secunia.com/advisories/29404
- http://www.securityfocus.com/archive/1/489705/100/0/threaded
- http://www.securityfocus.com/bid/28270
- https://exchange.xforce.ibmcloud.com/vulnerabilities/41226
- http://aluigi.altervista.org/adv/bootixtftpd-adv.txt
- http://secunia.com/advisories/29404
- http://www.securityfocus.com/archive/1/489705/100/0/threaded
- http://www.securityfocus.com/bid/28270
- https://exchange.xforce.ibmcloud.com/vulnerabilities/41226
Products affected by CVE-2008-1403
-
cpe:2.3:a:bootmanage:administrator:*
-
cpe:2.3:a:bootmanage:tftpd:*