Philippe Jounin » Tftpd32 : Security Vulnerabilities, CVEs,
Format string vulnerability in the client in Tftpd32 before 4.50 allows remote servers to cause a denial of service (crash) or possibly execute arbitrary code via format string specifiers in the Remote File field.
Max CVSS
5.0
EPSS Score
0.79%
Published
2013-12-13
Updated
2017-08-29
Buffer overflow in Tftpd32 3.01 allows remote attackers to cause a denial of service via a long GET or PUT request, which is not properly handled when the request is displayed in the title of the gauge window.
Max CVSS
5.0
EPSS Score
9.84%
Published
2006-11-28
Updated
2018-10-17
Format string vulnerability in Tftpd32 2.81 allows remote attackers to cause a denial of service via format string specifiers in a filename in a (1) GET or (2) SEND request.
Max CVSS
5.0
EPSS Score
91.73%
Published
2006-01-21
Updated
2018-10-19
Race condition in Philippe Jounin Tftpd32 before 2.80 allows remote attackers to cause a denial of service (daemon crash) via invalid "connect frames."
Max CVSS
4.3
EPSS Score
0.17%
Published
2009-11-20
Updated
2009-11-23
tftpd in Philippe Jounin Tftpd32 2.74 and earlier, as used in Wyse Simple Imager (WSI) and other products, allows remote attackers to cause a denial of service (daemon crash) via a long filename in a TFTP read (aka RRQ or get) request, a different vulnerability than CVE-2002-2226.
Max CVSS
5.0
EPSS Score
0.38%
Published
2009-11-20
Updated
2009-11-23
5 vulnerabilities found