CVE-2005-4882

Published Nov 20, 2009

Last updated a month ago

CVSS info 5.0

Overview

Description: tftpd in Philippe Jounin Tftpd32 2.74 and earlier, as used in Wyse Simple Imager (WSI) and other products, allows remote attackers to cause a denial of service (daemon crash) via a long filename in a TFTP read (aka RRQ or get) request, a different vulnerability than CVE-2002-2226.
Source: cve@mitre.org
NVD status: Deferred

Risk scores

CVSS 2.0

Type: Primary
Base score: 5
Impact score: 2.9
Exploitability score: 10
Vector string: AV:N/AC:L/Au:N/C:N/I:N/A:P

Weaknesses

nvd@nist.gov: CWE-119

Hype score: Not currently trending

Configurations

[
  {
    "nodes": [
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:a:philippe_jounin:tftpd32:*:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "61767087-CB3B-48E6-A878-585DA404AAE7",
            "versionEndIncluding": "2.74"
          },
          {
            "criteria": "cpe:2.3:a:philippe_jounin:tftpd32:2.5:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "4E5179AD-626E-49CE-A901-D11A0F91365B"
          },
          {
            "criteria": "cpe:2.3:a:philippe_jounin:tftpd32:2.5:beta:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "FCD76387-D5C6-4208-9A07-C8CACF364152"
          },
          {
            "criteria": "cpe:2.3:a:philippe_jounin:tftpd32:2.51:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "01577E14-494A-41E7-AAE3-CE056D5D47A9"
          },
          {
            "criteria": "cpe:2.3:a:philippe_jounin:tftpd32:2.52:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "E2643C36-668E-457F-BB34-154D39025BD4"
          },
          {
            "criteria": "cpe:2.3:a:philippe_jounin:tftpd32:2.53:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "EA1FDE23-01D4-475D-AEB5-149C0C3E184B"
          },
          {
            "criteria": "cpe:2.3:a:philippe_jounin:tftpd32:2.54:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "037A8135-0860-4D78-9BD3-8159BF2A658E"
          },
          {
            "criteria": "cpe:2.3:a:philippe_jounin:tftpd32:2.60:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "D31EFFDF-1234-4472-A869-5949B2006F66"
          },
          {
            "criteria": "cpe:2.3:a:philippe_jounin:tftpd32:2.62:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "E048D128-8BCD-4E74-85CC-9ADA091C9C2E"
          },
          {
            "criteria": "cpe:2.3:a:philippe_jounin:tftpd32:2.70:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "D59FAF65-D5D5-4A45-8A18-CA40C63807EB"
          },
          {
            "criteria": "cpe:2.3:a:philippe_jounin:tftpd32:2.72:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "E258100C-F46E-414C-8ACA-063C87823FF5"
          },
          {
            "criteria": "cpe:2.3:a:philippe_jounin:tftpd32:2.73:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "460C391A-E8FB-4921-ADFF-5E5F6C8C36D8"
          }
        ],
        "operator": "OR"
      }
    ]
  }
]

References

Sources include official advisories and independent security research.

Overview

Risk scores

CVSS 2.0

Weaknesses

Social media

Configurations

References