CVE-2006-6184

EPSS 64.3%

Multiple stack-based buffer overflows in Allied Telesyn TFTP Server (AT-TFTP) 1.9, and possibly earlier, allow remote attackers to cause a denial of service (crash) or execute arbitrary code via a long filename in a (1) GET or (2) PUT command.

Affected products

n/a · n/a

public PoCs found — 8

githubgithub.com/shauntdergrigorian/cve-2006-6184★ 11 githubgithub.com/b03902043/CVE-2006-6184★ 0 exploitdbwww.exploit-db.com/exploits/10603unverified exploitdbwww.exploit-db.com/exploits/24952unverified exploitdbwww.exploit-db.com/exploits/2887unverified cve_referencewww.exploit-db.com/exploits/16350unverified exploitdbwww.exploit-db.com/exploits/16350unverified cve_referencewww.exploit-db.com/exploits/24952unverified

⚠ Public resources, to assess the exposure of systems you control or are authorized to test. Test only with authorization.

Want to know if your infrastructure is exposed to this?

Talk to TrueHacking →

References

http://secunia.com/advisories/23106 http://securityreason.com/securityalert/1929 http://securityreason.com/securityalert/8120 https://exchange.xforce.ibmcloud.com/vulnerabilities/30539 http://www.exploit-db.com/exploits/16350 http://www.exploit-db.com/exploits/24952 http://www.osvdb.org/11350 http://www.securityfocus.com/archive/1/452743/100/0/threaded http://www.securityfocus.com/bid/21320 http://www.vupen.com/english/advisories/2006/4737