Univention Bugzilla – Bug 54077
atftp: Multiple issues (4.4)
Last modified: 2021-11-17 16:19:19 CET
New Debian atftp 0.7.git20120829-3.1~deb9u2 fixes:

This update addresses the following issues:

* An exploitable denial of service vulnerability exists in the atftpd daemon functionality of atftp 0.7.git20120829-3.1+b1. A specially crafted sequence of RRQ-Multicast requests triggers an assert() call resulting in denial-of-service. An attacker can send a sequence of malicious packets to trigger this vulnerability. (CVE-2020-6097)
* tftpd_file.c in atftp through 0.7.4 has a buffer overflow because buffer-size handling does not properly consider the combination of data, OACK, and other options. (CVE-2021-41054)
--- mirror/ftp/4.4/unmaintained/4.4-1/source/atftp_0.7.git20120829-3.1~deb9u1.dsc +++ apt/ucs_4.4-0-errata4.4-8/source/atftp_0.7.git20120829-3.1~deb9u2.dsc @@ -1,3 +1,13 @@ +0.7.git20120829-3.1~deb9u2 [Tue, 16 Nov 2021 23:02:02 +0100] Thorsten Alteholz <debian@alteholz.de>: + + * Non-maintainer upload by the LTS Team. + * CVE-2020-6097 + By sending a special crafted sequence of RRQ-multicast request, + an attacker could trigger a denial-of-service. + * CVE-2021-41054 + When sending a crafted combination of TFTP options to the server, an + attacker could trigger a denial-of-service due to a buffer overflow. + 0.7.git20120829-3.1~deb9u1 [Fri, 03 May 2019 18:51:14 +0200] Salvatore Bonaccorso <carnil@debian.org>: * Non-maintainer upload by the Security Team. <http://piuparts.knut.univention.de/4.4-8/#6850782879605601140>
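Review bot: the two added changelog entries (CVE-2020-6097 and CVE-2021-41054) state only the impact and name neither the patch applied nor the source file touched, so this .dsc diff alone does not show which code changes ship in 0.7.git20120829-3.1~deb9u2. Consider naming the patch or affected file per CVE in the entry, for example tftpd_file.c for CVE-2021-41054 as the advisory text does. Wording nit in the first entry: "a special crafted sequence of RRQ-multicast request" should read "a specially crafted sequence of RRQ-multicast requests".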
OK: yaml
OK: announce_errata
OK: patch
OK: piuparts

[4.4-8] ef3068e879 Bug #54077: atftp 0.7.git20120829-3.1~deb9u2
 doc/errata/staging/atftp.yaml | 16 ++++++++--------
 1 file changed, 8 insertions(+), 8 deletions(-)

[4.4-8] 40e79b26c0 Bug #54077: atftp 0.7.git20120829-3.1~deb9u2
 doc/errata/staging/atftp.yaml | 20 ++++++++++++++++++++
 1 file changed, 20 insertions(+)
<https://errata.software-univention.de/#/?erratum=4.4x1096>