Vulnerability Note VU#127108
Serva32 2.1.0 TFTPD service buffer overflow vulnerability
Serva32 2.1.0 TFTPD service contains a buffer overflow vulnerability.
The Serva32 2.1.0 TFTPD service contains a buffer overflow vulnerability when parsing large read requests. When the application reads in a large buffer the application crashes.
An unauthenticated attacker can pass large read requests against the application causing it to crash.
We are currently unaware of a practical solution to this problem.
Restrict Network Access
Vendor Information (Learn More)
|Vendor||Status||Date Notified||Date Updated|
|Serva||Affected||-||13 May 2013|
CVSS Metrics (Learn More)
Thanks to Jonathan Christmas a researcher at Solera Networks for reporting this vulnerability.
This document was written by Michael Orlando.
- CVE IDs: CVE-2013-0145
- Date Public: 14 May 2013
- Date First Published: 14 May 2013
- Date Last Updated: 21 May 2013
- Document Revision: 18
If you have feedback, comments, or additional information about this vulnerability, please send us email.