VULHUB ™

WinAgents TFTP Server is reported prone to a remote off-by-one buffer overrun vulnerability. The issue is reported to exist due to a lack of sufficient boundary checks performed on filenames when a request is made for a file. A remote attacker may make a malicious request to the server for a filename of excessive length. This request will trigger the vulnerability. Immediate consequences of such an attack will reportedly result in a denial of service.

WinAgents TFTP Server is reported prone to a remote off-by-one buffer overrun vulnerability. The issue is reported to exist due to a lack of sufficient boundary checks performed on filenames when a request is made for a file. A remote attacker may make a malicious request to the server for a filename of excessive length. This request will trigger the vulnerability. Immediate consequences of such an attack will reportedly result in a denial of service.