Tftp: Security Vulnerabilities
Buffer overflow in TFTP Server SP 1.4 and 1.5 on Windows, and possibly other versions, allows remote attackers to execute arbitrary code via a long TFTP error packet. NOTE: some of these details are obtained from third party information.
CVSS Score
10.0
EPSS Score
0.789
Published
2008-05-12
Buffer overflow in the TFTP client in InetUtils 1.4.2 allows remote malicious DNS servers to execute arbitrary code via a large DNS response that is handled by the gethostbyname function.
CVSS Score
7.5
EPSS Score
0.013
Published
2004-12-31
tftp32 TFTP server 2.21 and earlier allows remote attackers to cause a denial of service via a GET request with a DOS device name such as com1 or aux.
CVSS Score
5.0
EPSS Score
0.008
Published
2002-12-31
Linux implementations of TFTP would allow access to files outside the restricted directory.
CVSS Score
6.4
EPSS Score
0.007
Published
1997-09-01