Published: 12/08/2002 Updated: 18/10/2016

CVSS v2 Base Score: 7.1 | Impact Score: 6.9 | Exploitability Score: 8.6

VMScore: 715

Vector: AV:N/AC:M/Au:N/C:N/I:N/A:C

Heap-based buffer overflow in the TFTP server capability in Cisco IOS 11.1, 11.2, and 11.3 allows remote malicious users to cause a denial of service (reset) or modify configuration via a long filename.

Vulnerable Product	Search on Vulmon	Subscribe to Product
cisco ios 11.1
cisco ios 11.2
cisco ios 11.3

Trivial File Transfer Protocol (TFTP) is a protocol which allows for easy transfer of files between network connected devices A vulnerability has been discovered in the processing of filenames within a TFTP read request on IOS devices and PXM-1 based MGX switches The following products are identified as affected by this vulnerability: ...

source: wwwsecurityfocuscom/bid/5328/info A problem has been discovered in Cisco IOS and MGX switches that could result in a denial of service, and potential code execution It has been discovered that the TFTP server file name handling of Cisco IOS is vulnerable to a buffer overflow This overflow results due insufficient bounds checkin ...

CWE-119 http://online.securityfocus.com/archive/1/284634 http://www.cisco.com/warp/public/707/ios-tftp-long-filename-pub.shtml http://www.iss.net/security_center/static/9700.php http://www.securityfocus.com/bid/5328 http://www.osvdb.org/854 http://marc.info/?l=bugtraq&m=103002169829669&w=2 https://nvd.nist.gov https://www.exploit-db.com/exploits/21655/http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20020730-ioc-tftp-lfn

CVE-2002-0813

Vulnerability Summary

Vulnerability Trend

Vendor Advisories

Exploits

References

Vulmon Search

About

Products

Connect