[PRE-SA-2011-05] Buffer overflow in tftp-hpa daemon

From: Timo Warns <warns@pre-sense.de>
To: bugtraq@securityfocus.com,full-disclosure@lists.grok.org.uk
Cc:
Subject: [PRE-SA-2011-05] Buffer overflow in tftp-hpa daemon
Date:


PRE-CERT Security Advisory
==========================

* Advisory: PRE-SA-2011-05
* Released on: 22 Jun 2011
* Last updated on: 22 Jun 2011
* Affected product: tftp-hpa 0.30 - 5.0
* Impact: buffer overflow
* Origin: remote tftp client
* Credit: Timo Warns (PRESENSE Technologies GmbH)
* CVE Identifier: CVE-2011-2199


Summary
-------

The tftp-hpa daemon contains a buffer overflow vulnerability in the
function for setting the utimeout option. As the daemon accepts the
option from clients, the vulnerability can be remotely exploited.


Solution
--------

For a patch, see
http://git.kernel.org/?p=network/tftp/tftp-hpa.git;a=commitdiff;h=f3035c45bc50bb5cac87ca01e7ef6a12485184f8


References
----------

When further information becomes available, this advisory will be
updated. The most recent version of this advisory is available at:

http://www.pre-cert.de/advisories/PRE-SA-2011-05.txt


Contact
-------

PRE-CERT can be reached under precert@pre-secure.de. For PGP
key information, refer to http://www.pre-cert.de/.





Copyright © 1995-2020 LinuxRocket.net. All rights reserved.