Exploit Cybersecurity study of the dark web exposes vulnerability to machine identities -- ScienceDaily

Published on April 21st, 2019 📆 | 2829 Views ⚑


atftp up to 0.7.0 tftpd_list.c denial of service

CVSS Meta Temp Score Current Exploit Price (≈)
3.4 $0-$5k

A vulnerability, which was classified as problematic, has been found in atftp up to 0.7.0. Affected by this issue is some functionality of the file tftpd_list.c. The manipulation with an unknown input leads to a denial of service vulnerability (NULL Pointer Dereference). Using CWE to declare the problem leads to CWE-476. Impacted is availability.

The weakness was released 04/20/2019. This vulnerability is handled as CVE-2019-11366 since 04/20/2019. Technical details are known, but there is no available exploit.

Upgrading to version 0.7.1 eliminates this vulnerability.

Entries connected to this vulnerability are available at 133885.


VulDB Meta Base Score: 3.5
VulDB Meta Temp Score: 3.4

VulDB Base Score: ≈3.5
VulDB Temp Score: ≈3.4
VulDB Vector: ?
VulDB Reliability: ?

VulDB Base Score: ?
VulDB Temp Score: ?
VulDB Reliability: ?
Class: Denial of service / NULL Pointer Dereference (CWE-476)
Local: Yes
Remote: No

Availability: ?
Status: Not defined

Price Prediction: ?
Current Price Estimation: ?

Threat Intelligenceinfoedit

Threat: ?
Adversaries: ?
Geopolitics: ?
Economy: ?
Predictions: ?
Remediation: ?Recommended: Upgrade
Status: ?
0-Day Time: ?

Upgrade: atftp 0.7.1

04/20/2019 Advisory disclosed
04/20/2019 +0 days CVE assigned
04/21/2019 +1 days VulDB entry created
04/21/2019 +0 days VulDB last updateCVE: CVE-2019-11366 (?)
See also: ?Created: 04/21/2019 08:29 AM
Complete: ?

Upgrade your account now!


Premium WordPress Themes Download
Download Best WordPress Themes Free Download
Download Best WordPress Themes Free Download
Download WordPress Themes Free
free online course

Tagged with:

Leave a Reply ✍