CVE-2017-7183

Опубликовано: 27 мар. 2017

Источник: nvd

CVSS3: 7.5

CVSS2: 5

EPSS Средний

Описание

The TFTP server in ExtraPuTTY 0.30 and earlier allows remote attackers to cause a denial of service (crash) via a large (1) read or (2) write TFTP protocol message.

Ссылки

http://packetstormsecurity.com/files/141705/ExtraPuTTY-029_rc2-Denial-Of-Service.html
Exploit
Third Party Advisory
VDB Entry
http://www.securityfocus.com/archive/1/540300/100/0/threaded
http://www.securityfocus.com/bid/96973
Third Party Advisory
VDB Entry
https://www.exploit-db.com/exploits/41639/
http://packetstormsecurity.com/files/141705/ExtraPuTTY-029_rc2-Denial-Of-Service.html
Exploit
Third Party Advisory
VDB Entry
http://www.securityfocus.com/archive/1/540300/100/0/threaded
http://www.securityfocus.com/bid/96973
Third Party Advisory
VDB Entry
https://www.exploit-db.com/exploits/41639/

Уязвимые конфигурации

Конфигурация 1

cpe:2.3:a:extraputty:extraputty:*:rc2:*:*:*:*:*:*

Версия до 0.29 (включая)

EPSS

Процентиль: 97%

0.30059

Средний

7.5 High

CVSS3

5 Medium

CVSS2

Дефекты

CWE-20

Связанные уязвимости

GHSA-qg2q-g744-m7q9