Bug 25753 - CVE-2011-2199: buffer overflow in tftp-hpa
Summary: CVE-2011-2199: buffer overflow in tftp-hpa
Alias: None
Product: Sisyphus
Classification: Development
Component: tftpd (show other bugs)
Version: unstable
Hardware: all Linux
: P3 critical
Assignee: Sergey Bolshakov
QA Contact: qa-sisyphus
URL: http://openwall.com/lists/oss-securit...
Keywords: security
Depends on:
Reported: 2011-06-13 20:59 MSK by Dmitry V. Levin
Modified: 2011-06-18 01:11 MSK (History)
2 users (show)

See Also:


Note You need to log in before you can comment on or make changes to this bug.
Description Dmitry V. Levin 2011-06-13 20:59:38 MSK
"The tftp-hpa daemon contained a buffer overflow vulnerability in the
function for setting the utimeout option. As the daemon accepts this
option from clients, the buffer overflow can be remotely exploited."
Comment 1 Dmitry V. Levin 2011-06-14 01:23:07 MSK
Here is the gitweb URL for that patch:
Comment 2 Michael Shigorin 2011-06-18 01:11:20 MSK
tftp - The client for the Trivial File Transfer Protocol (TFTP)
* Tue Jun 14 2011 Damir Shayhutdinov <damir@altlinux> 5.0-alt3
- Fix buffer overflow in utimeout option (CVE 2011-2199, closes #25753)