PRE-CERT Security Advisory ========================== * Advisory: PRE-SA-2011-05 * Released on: 22 Jun 2011 * Last updated on: 22 Jun 2011 * Affected product: tftp-hpa 0.30 - 5.0 * Impact: buffer overflow * Origin: remote tftp client * Credit: Timo Warns (PRESENSE Technologies GmbH) * CVE Identifier: CVE-2011-2199 Summary ------- The tftp-hpa daemon contains a buffer overflow vulnerability in the function for setting the utimeout option. As the daemon accepts the option from clients, the vulnerability can be remotely exploited. Solution -------- For a patch, see http://git.kernel.org/?p=network/tftp/tftp-hpa.git;a=commitdiff;h=f3035c45bc50bb5cac87ca01e7ef6a12485184f8 References ---------- When further information becomes available, this advisory will be updated. The most recent version of this advisory is available at: http://www.pre-cert.de/advisories/PRE-SA-2011-05.txt Contact ------- PRE-CERT can be reached under precert@pre-secure.de. For PGP key information, refer to http://www.pre-cert.de/. _______________________________________________ Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/