CVE-2020-6097 log
| Source |
|
| Severity | Medium |
| Remote | Yes |
| Type | Denial of service |
| Description | An exploitable denial of service vulnerability exists in the atftpd daemon functionality of atftp 0.7.2. A specially crafted sequence of RRQ-Multicast requests trigger an assert() call resulting in denial-of-service. An attacker can send a sequence of malicious packets to trigger this vulnerability. |
| Group | Package | Affected | Fixed | Severity | Status | Ticket |
|---|---|---|---|---|---|---|
| AVG-1395 | atftp | 0.7.2-2 | 0.7.2-3 | Medium | Fixed | FS#69175 |
| Date | Advisory | Group | Package | Severity | Type |
|---|---|---|---|---|---|
| 12 Jan 2021 | ASA-202101-24 | AVG-1395 | atftp | Medium | denial of service |
| References |
|---|
https://talosintelligence.com/vulnerability_reports/TALOS-2020-1029 https://sourceforge.net/u/peterkaestle/atftp/ci/96409ef3b9ca061f9527cfaafa778105cf15d994/ |