Vulnerability Description
Heap-based buffer overflow in FutureSoft TFTP Server Multithreaded (MT) 1.1 allows remote attackers to cause a denial of service (crash) or possibly execute arbitrary code by sending a crafted packet to port 69/UDP, which triggers the overflow when constructing an absolute path name. NOTE: Some details are obtained from third party information.
CVSS Score
HIGH
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Futuresoft | Tftp Server Multithreaded | 1.1 |
References
- http://secunia.com/advisories/21844ExploitVendor Advisory
- http://www.securityfocus.com/bid/19925Exploit
- http://www.vupen.com/english/advisories/2006/3559
- https://www.exploit-db.com/exploits/2334
- http://secunia.com/advisories/21844ExploitVendor Advisory
- http://www.securityfocus.com/bid/19925Exploit
- http://www.vupen.com/english/advisories/2006/3559
- https://www.exploit-db.com/exploits/2334
FAQ
What is CVE-2006-4781?
CVE-2006-4781 is a vulnerability with a CVSS score of 7.5 (HIGH). Heap-based buffer overflow in FutureSoft TFTP Server Multithreaded (MT) 1.1 allows remote attackers to cause a denial of service (crash) or possibly execute arbitrary code by sending a crafted packet ...
How severe is CVE-2006-4781?
CVE-2006-4781 has been rated HIGH with a CVSS base score of 7.5/10. Review the CVSS metrics above for detailed severity breakdown.
Is there a patch for CVE-2006-4781?
Check the references section above for vendor advisories and patch information. Affected products include: Futuresoft Tftp Server Multithreaded.