CVE-2004-1636

Description

Heap-based buffer overflow in the WvTFTPServer::new_connection function in wvtftpserver.cc for WvTftp 0.9 allows remote attackers to execute arbitrary code via a long option string in a TFTP packet.

Affected Software
References

Software	From	Fixed in
net_integration_technologies_inc. / wvtftp	0.9	0.9.x

http://marc.info/?l=bugtraq&m=109885074513940&w=2
http://secunia.com/advisories/12986
http://www.securityfocus.com/bid/11525
https://exchange.xforce.ibmcloud.com/vulnerabilities/17869

Severity: High

CVE: CVE-2004-1636
Published: Oct 26, 2004
Updated: Apr 13, 2023
Exploit:

Severity: High
Score: 10
AV:N/AC:L/Au:N/C:C/I:C/A:C

CVE-2004-1636

Description

Details

CVSS v2