CyberSec.Space Logo
返回 CVE 瀏覽器

CVE-2006-6184

CRITICAL
10.0
CVSS Severity Score
EPSS Score0.1400%
EPSS Percentile28.23th
Published2006年12月1日
Last Modified2026年4月23日

Vulnerability Description

Multiple stack-based buffer overflows in Allied Telesyn TFTP Server (AT-TFTP) 1.9, and possibly earlier, allow remote attackers to cause a denial of service (crash) or execute arbitrary code via a long filename in a (1) GET or (2) PUT command.

Affected Platforms (CPE)

📦
Alliedtelesyn

At Tftp

<= 1.9

References & Advisories

🔗 http://secunia.com/advisories/23106
🔗 http://securityreason.com/securityalert/1929
🔗 http://securityreason.com/securityalert/8120
🔗 http://www.exploit-db.com/exploits/16350
🔗 http://www.exploit-db.com/exploits/24952
🔗 http://www.osvdb.org/11350
🔗 http://www.securityfocus.com/archive/1/452743/100/0/threaded
🔗 http://www.securityfocus.com/bid/21320

相關漏洞威脅

CVE-2002-039510.0

The TFTP server for Red-M 1050 (Bluetooth Access Point) can not be disabled and makes it easier for remote attackers to crack the ...

CVE-2004-163610.0

Heap-based buffer overflow in the WvTFTPServer::new_connection function in wvtftpserver.cc for WvTftp 0.9 allows remote attackers ...

CVE-1999-049810.0

TFTP is not running in a restricted directory, allowing a remote attacker to access sensitive information such as password files.

CVE-2005-181210.0

Multiple stack-based buffer overflows in FutureSoft TFTP Server Evaluation Version 1.0.0.1 allow remote attackers to execute arbit...

CVE-2006-6184 Detail & Impact Analysis | CVSS 10.0 (CRITICAL) | Cyber-Sec.Space | Cyber-Sec.Space