Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
tftp-server vulnerabilities and exploits
(subscribe to this query)
445
VMScore
CVE-2006-1951
Directory traversal vulnerability in SolarWinds TFTP Server 8.1 and previous versions allows remote malicious users to download arbitrary files via a crafted GET request including "....//" sequences, which are collapsed into "../" sequences by filtering.
Solarwinds Tftp Server 5.0.55 Standard
Solarwinds Tftp Server 5.0.60standard
Solarwinds Tftp Server 8.1
505
VMScore
CVE-2006-0328
Format string vulnerability in Tftpd32 2.81 allows remote malicious users to cause a denial of service via format string specifiers in a filename in a (1) GET or (2) SEND request.
Philippe Jounin Tftpd32 2.81
1 EDB exploit
1000
VMScore
CVE-2005-1812
Multiple stack-based buffer overflows in FutureSoft TFTP Server Evaluation Version 1.0.0.1 allow remote malicious users to execute arbitrary code via a long (1) filename or (2) transfer mode string in a Read Request (RRQ) or Write Request (WRQ) packet.
Futuresoft Tftp Server 2000 1.0.0.1
2 EDB exploits
694
VMScore
CVE-2005-1813
Directory traversal vulnerability in FutureSoft TFTP Server Evaluation Version 1.0.0.1 allows remote malicious users to read arbitrary files via a TFTP GET request containing (1) "../" (dot dot slash) or (2) "..\" (dot dot backslash) sequences.
Futuresoft Tftp Server 2000 1.0.0.1
445
VMScore
CVE-2004-2432
WinAgents TFTP Server 3.0 allows remote malicious users to cause a denial of service (crash) via a request for a file with a long file name, possibly due to an off-by-one buffer overflow.
668
VMScore
CVE-2004-0951
The make_recovery command for the TFTP server in HP Ignite-UX before C.6.2.241 makes a copy of the password file in the TFTP directory tree, which allows remote malicious users to obtain sensitive information.
Hp Ignite-ux C.6.2.241
570
VMScore
CVE-2004-0952
HP-UX B.11.00 through B.11.23, when running Ignite-UX and using the add_new_client command, causes the TFTP server to set world-writable permissions on part of the directory tree, which allows remote malicious users to modify data or cause disk consumption.
Hp Hp-ux 11.11
Hp Hp-ux 11.22
Hp Hp-ux 11.00
Hp Hp-ux 11.23
445
VMScore
CVE-2003-1264
TFTP server in Longshine Wireless Access Point (WAP) LCS-883R-AC-B, and in D-Link DI-614+ 2.0 which is based on it, allows remote malicious users to obtain the WEP secret and gain administrator privileges by downloading the configuration file (config.img) and other files without ...
D-link Di-614\\+ 2.0
Longshine Technologie Longshine Wireless Ethernet Access Point Lcs-883r-ac-b
505
VMScore
CVE-2002-1542
SolarWinds TFTP server 5.0.55 and previous versions allows remote malicious users to cause a denial of service (crash) via a large UDP datagram, possibly triggering a buffer overflow.
Solarwinds Tftp Server 5.0.55 Standard
1 EDB exploit
760
VMScore
CVE-2002-2226
Buffer overflow in tftpd of TFTP32 2.21 and previous versions allows remote malicious users to execute arbitrary code via a long filename argument.
Tftpd32 Tftpd32
2 EDB exploits
VMScore
CVSSv2
CVSSv3
VMScore
Recommendations:
SSTI
CVE-2024-35863
CVE-2024-35910
man-in-the-middle
CVE-2024-35912
CVE-2024-25742
LFI
CVE-2024-32002
CVE-2024-22120
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
3
4
5
6
7
8
9
10
NEXT »