CVE-2011-2199

Publication date 22 July 2012

Last updated 24 July 2024

Ubuntu priority

Description

Buffer overflow in tftp-hpa before 5.1 allows remote attackers to cause a denial of service and possibly execute arbitrary code via the utimeout option.

Read the notes from the security team

Status

Show unmaintained releases

Package	Ubuntu Release	Status
tftp-hpa	11.10 oneiric	Not affected
	11.04 natty	Ignored
	10.10 maverick	Ignored
	10.04 LTS lucid	Ignored
	8.04 LTS hardy	Ignored end of life

How can I get the fixes?
What do statuses mean?
Patch details

Notes

mdeslaur

caught by FORTIFY_SOURCE, just a DoS for connection only, not for server. No security impact.

Patch details

For informational purposes only. We recommend not to cherry-pick updates. How can I get the fixes?

Package	Patch details
tftp-hpa	Upstream: http://git.kernel.org/?p=network/tftp/tftp-hpa.git;a=commitdiff;h=f3035c45bc50bb5cac87ca01e7ef6a12485184f8

References

MITRE
NVD
Launchpad
Debian

Other references

https://www.cve.org/CVERecord?id=CVE-2011-2199