Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
tftp-server vulnerabilities and exploits
(subscribe to this query)
5
CVSSv2
CVE-2006-1952
Directory traversal vulnerability in WinAgents TFTP Server for Windows 3.1 and previous versions allows remote malicious users to read arbitrary files via "..." (triple dot) sequences in a GET request.
Winagents Tftp Server
5
CVSSv2
CVE-2006-0328
Format string vulnerability in Tftpd32 2.81 allows remote malicious users to cause a denial of service via format string specifiers in a filename in a (1) GET or (2) SEND request.
Philippe Jounin Tftpd32 2.81
1 EDB exploit
10
CVSSv2
CVE-2005-1812
Multiple stack-based buffer overflows in FutureSoft TFTP Server Evaluation Version 1.0.0.1 allow remote malicious users to execute arbitrary code via a long (1) filename or (2) transfer mode string in a Read Request (RRQ) or Write Request (WRQ) packet.
Futuresoft Tftp Server 2000 1.0.0.1
2 EDB exploits
7.8
CVSSv2
CVE-2005-1813
Directory traversal vulnerability in FutureSoft TFTP Server Evaluation Version 1.0.0.1 allows remote malicious users to read arbitrary files via a TFTP GET request containing (1) "../" (dot dot slash) or (2) "..\" (dot dot backslash) sequences.
Futuresoft Tftp Server 2000 1.0.0.1
7.5
CVSSv2
CVE-2004-0951
The make_recovery command for the TFTP server in HP Ignite-UX before C.6.2.241 makes a copy of the password file in the TFTP directory tree, which allows remote malicious users to obtain sensitive information.
Hp Ignite-ux C.6.2.241
6.4
CVSSv2
CVE-2004-0952
HP-UX B.11.00 through B.11.23, when running Ignite-UX and using the add_new_client command, causes the TFTP server to set world-writable permissions on part of the directory tree, which allows remote malicious users to modify data or cause disk consumption.
Hp Hp-ux 11.11
Hp Hp-ux 11.22
Hp Hp-ux 11.00
Hp Hp-ux 11.23
5
CVSSv2
CVE-2004-2432
WinAgents TFTP Server 3.0 allows remote malicious users to cause a denial of service (crash) via a request for a file with a long file name, possibly due to an off-by-one buffer overflow.
5
CVSSv2
CVE-2003-1264
TFTP server in Longshine Wireless Access Point (WAP) LCS-883R-AC-B, and in D-Link DI-614+ 2.0 which is based on it, allows remote malicious users to obtain the WEP secret and gain administrator privileges by downloading the configuration file (config.img) and other files without ...
D-link Di-614\\+ 2.0
Longshine Technologie Longshine Wireless Ethernet Access Point Lcs-883r-ac-b
5
CVSSv2
CVE-2002-1542
SolarWinds TFTP server 5.0.55 and previous versions allows remote malicious users to cause a denial of service (crash) via a large UDP datagram, possibly triggering a buffer overflow.
Solarwinds Tftp Server 5.0.55 Standard
1 EDB exploit
7.5
CVSSv2
CVE-2002-2226
Buffer overflow in tftpd of TFTP32 2.21 and previous versions allows remote malicious users to execute arbitrary code via a long filename argument.
Tftpd32 Tftpd32
2 EDB exploits
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
NULL pointer dereference
CVE-2023-52689
CVE-2024-23803
client side
CVE-2023-52696
information disclosure
CVE-2024-35843
CVE-2024-27130
CVE-2023-52697
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
3
4
5
6
7
8
9
10
NEXT »