Description
Multiple stack-based buffer overflows in 3Com 3CTftpSvc 2.0.1, and possibly earlier, allow remote attackers to cause a denial of service (crash) or execute arbitrary code via a long mode field (aka transporting mode) in a (1) GET or (2) PUT command.
Affected products
- 3com / 3ctftpsvc2.0.1
References
- VENDOR_ADVISORYhttp://www.vupen.com/english/advisories/2006/4738
- MISChttp://www.securityfocus.com/bid/21301
- MISChttps://exchange.xforce.ibmcloud.com/vulnerabilities/30545
- MISChttp://www.securityfocus.com/bid/21322
- MISChttp://securityreason.com/securityalert/1930
- VENDOR_ADVISORYhttp://secunia.com/advisories/23113
- MISChttp://www.securityfocus.com/archive/1/452754/100/0/threaded