Your submission was sent successfully! Close

You have successfully unsubscribed! Close

Thank you for signing up for our newsletter!
In these regular emails you will find the latest updates about Ubuntu and upcoming events where you can meet our team.Close

CVE-2011-2199

Published: 22 July 2012

Buffer overflow in tftp-hpa before 5.1 allows remote attackers to cause a denial of service and possibly execute arbitrary code via the utimeout option.

Notes

AuthorNote
mdeslaur
caught by FORTIFY_SOURCE, just a DoS for connection only, not
for server. No security impact.

Priority

Medium

Status

Package Release Status
tftp-hpa
Launchpad, Ubuntu, Debian
hardy Ignored
(end of life)
lucid Ignored

maverick Ignored

natty Ignored

oneiric Not vulnerable
(5.1-2ubuntu1)
upstream
Released (5.1-1)
Patches:
upstream: http://git.kernel.org/?p=network/tftp/tftp-hpa.git;a=commitdiff;h=f3035c45bc50bb5cac87ca01e7ef6a12485184f8
This vulnerability is mitigated in part by the use of -D_FORTIFY_SOURCE=2 in Ubuntu.