Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
tftp-server vulnerabilities and exploits
(subscribe to this query)
5
CVSSv2
CVE-2006-1951
Directory traversal vulnerability in SolarWinds TFTP Server 8.1 and previous versions allows remote malicious users to download arbitrary files via a crafted GET request including "....//" sequences, which are collapsed into "../" sequences by filtering.
Solarwinds Tftp Server 5.0.55 Standard
Solarwinds Tftp Server 5.0.60standard
Solarwinds Tftp Server 8.1
5
CVSSv2
CVE-2006-1952
Directory traversal vulnerability in WinAgents TFTP Server for Windows 3.1 and previous versions allows remote malicious users to read arbitrary files via "..." (triple dot) sequences in a GET request.
Winagents Tftp Server
5
CVSSv2
CVE-2006-0328
Format string vulnerability in Tftpd32 2.81 allows remote malicious users to cause a denial of service via format string specifiers in a filename in a (1) GET or (2) SEND request.
Philippe Jounin Tftpd32 2.81
1 EDB exploit
10
CVSSv2
CVE-2005-1812
Multiple stack-based buffer overflows in FutureSoft TFTP Server Evaluation Version 1.0.0.1 allow remote malicious users to execute arbitrary code via a long (1) filename or (2) transfer mode string in a Read Request (RRQ) or Write Request (WRQ) packet.
Futuresoft Tftp Server 2000 1.0.0.1
2 EDB exploits
7.8
CVSSv2
CVE-2005-1813
Directory traversal vulnerability in FutureSoft TFTP Server Evaluation Version 1.0.0.1 allows remote malicious users to read arbitrary files via a TFTP GET request containing (1) "../" (dot dot slash) or (2) "..\" (dot dot backslash) sequences.
Futuresoft Tftp Server 2000 1.0.0.1
5
CVSSv2
CVE-2004-2432
WinAgents TFTP Server 3.0 allows remote malicious users to cause a denial of service (crash) via a request for a file with a long file name, possibly due to an off-by-one buffer overflow.
6.4
CVSSv2
CVE-2004-0952
HP-UX B.11.00 through B.11.23, when running Ignite-UX and using the add_new_client command, causes the TFTP server to set world-writable permissions on part of the directory tree, which allows remote malicious users to modify data or cause disk consumption.
Hp Hp-ux 11.11
Hp Hp-ux 11.22
Hp Hp-ux 11.00
Hp Hp-ux 11.23
7.5
CVSSv2
CVE-2004-0951
The make_recovery command for the TFTP server in HP Ignite-UX before C.6.2.241 makes a copy of the password file in the TFTP directory tree, which allows remote malicious users to obtain sensitive information.
Hp Ignite-ux C.6.2.241
5
CVSSv2
CVE-2003-1264
TFTP server in Longshine Wireless Access Point (WAP) LCS-883R-AC-B, and in D-Link DI-614+ 2.0 which is based on it, allows remote malicious users to obtain the WEP secret and gain administrator privileges by downloading the configuration file (config.img) and other files without ...
D-link Di-614\\+ 2.0
Longshine Technologie Longshine Wireless Ethernet Access Point Lcs-883r-ac-b
5
CVSSv2
CVE-2002-1542
SolarWinds TFTP server 5.0.55 and previous versions allows remote malicious users to cause a denial of service (crash) via a large UDP datagram, possibly triggering a buffer overflow.
Solarwinds Tftp Server 5.0.55 Standard
1 EDB exploit
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
validation
CVE-2012-1823
malicious code
CVE-2024-5770
CVE-2023-45866
CVE-2024-35687
local users
CVE-2024-31246
CVE-2024-35730
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
3
4
5
6
7
8
9
10
NEXT »