vendor:
TFTP Server
by:
Unknown
7.5
CVSS
HIGH
Remote Off-by-One Buffer Overrun
119
CWE
Product Name: TFTP Server
Affected Version From: WinAgents TFTP Server ver 3.0
Affected Version To: WinAgents TFTP Server ver 3.0
Patch Exists: No
Related CWE: Unknown
CPE: a:winagents:tftp_server:3.0
Platforms Tested:
Unknown
WinAgents TFTP Server Remote Off-by-One Buffer Overrun Vulnerability
The WinAgents TFTP Server is prone to a remote off-by-one buffer overrun vulnerability. The issue occurs due to a lack of sufficient boundary checks performed on filenames when a request is made for a file. A remote attacker can exploit this vulnerability by sending a malicious request with a filename of excessive length, triggering the vulnerability and resulting in a denial of service.
Mitigation:
No known mitigation or remediation