Lucene search

[email protected]CVE-2013-6809

HistoryDec 13, 2013 - 6:55 p.m.

CVE-2013-6809

2013-12-1318:55:05

CWE-134

[email protected]

web.nvd.nist.gov

cve

2013

6809

format string vulnerability

tftpd32

remote servers

denial of service

execute arbitrary code

5 Medium

CVSS2

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:N/I:N/A:P

8.2 High

AI Score

Confidence

High

0.008 Low

EPSS

Percentile

81.5%

JSON

Format string vulnerability in the client in Tftpd32 before 4.50 allows remote servers to cause a denial of service (crash) or possibly execute arbitrary code via format string specifiers in the Remote File field.

Affected configurations

NVD

Node

philippe_jounintftpd32Range≤4.00

philippe_jounintftpd32Match1.0

philippe_jounintftpd32Match1.1

philippe_jounintftpd32Match2.0

philippe_jounintftpd32Match2.1

philippe_jounintftpd32Match2.2

philippe_jounintftpd32Match2.11

philippe_jounintftpd32Match2.21

philippe_jounintftpd32Match2.51

philippe_jounintftpd32Match2.52

philippe_jounintftpd32Match2.53

philippe_jounintftpd32Match2.54

philippe_jounintftpd32Match2.60

philippe_jounintftpd32Match2.62

philippe_jounintftpd32Match2.70

philippe_jounintftpd32Match2.71

philippe_jounintftpd32Match2.72

philippe_jounintftpd32Match2.73

philippe_jounintftpd32Match2.74

philippe_jounintftpd32Match2.80

philippe_jounintftpd32Match2.81

philippe_jounintftpd32Match2.82

philippe_jounintftpd32Match2.83

philippe_jounintftpd32Match2.84

philippe_jounintftpd32Match3.00

philippe_jounintftpd32Match3.01

philippe_jounintftpd32Match3.02

philippe_jounintftpd32Match3.03

philippe_jounintftpd32Match3.10beta

philippe_jounintftpd32Match3.20

philippe_jounintftpd32Match3.22

philippe_jounintftpd32Match3.23

philippe_jounintftpd32Match3.26

philippe_jounintftpd32Match3.27

philippe_jounintftpd32Match3.28

philippe_jounintftpd32Match3.29

philippe_jounintftpd32Match3.31

philippe_jounintftpd32Match3.33

philippe_jounintftpd32Match3.34

philippe_jounintftpd32Match3.35

philippe_jounintftpd32Match3.50

philippe_jounintftpd32Match3.51

CPENameOperatorVersion
philippe_jounin:tftpd32philippe jounin tftpd32le4.00
philippe_jounin:tftpd32philippe jounin tftpd32eq1.0
philippe_jounin:tftpd32philippe jounin tftpd32eq1.1
philippe_jounin:tftpd32philippe jounin tftpd32eq2.0
philippe_jounin:tftpd32philippe jounin tftpd32eq2.1
philippe_jounin:tftpd32philippe jounin tftpd32eq2.2
philippe_jounin:tftpd32philippe jounin tftpd32eq2.11
philippe_jounin:tftpd32philippe jounin tftpd32eq2.21
philippe_jounin:tftpd32philippe jounin tftpd32eq2.51
philippe_jounin:tftpd32philippe jounin tftpd32eq2.52

CPE	Name	Operator	Version
philippe_jounin:tftpd32	philippe jounin tftpd32	le	4.00
philippe_jounin:tftpd32	philippe jounin tftpd32	eq	1.0
philippe_jounin:tftpd32	philippe jounin tftpd32	eq	1.1
philippe_jounin:tftpd32	philippe jounin tftpd32	eq	2.0
philippe_jounin:tftpd32	philippe jounin tftpd32	eq	2.1
philippe_jounin:tftpd32	philippe jounin tftpd32	eq	2.2
philippe_jounin:tftpd32	philippe jounin tftpd32	eq	2.11
philippe_jounin:tftpd32	philippe jounin tftpd32	eq	2.21
philippe_jounin:tftpd32	philippe jounin tftpd32	eq	2.51
philippe_jounin:tftpd32	philippe jounin tftpd32	eq	2.52

Rows per page:

1-10 of 421

References

osvdb.org/100511

packetstormsecurity.com/files/124275/Tftpd32-Client-Side-Format-String.html

seclists.org/fulldisclosure/2013/Dec/15

exchange.xforce.ibmcloud.com/vulnerabilities/89455

5 Medium

CVSS2

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:N/I:N/A:P

8.2 High

AI Score

Confidence

High

0.008 Low

EPSS

Percentile

81.5%

JSON

Related for CVE-2013-6809

prion1 nvd1 packetstorm1 cvelist1