Vulnerabilities > CVE-2004-1636 - Remote Buffer Overflow vulnerability in NET Integration Technologies Inc. Wvtftp 0.9

047910
CVSS 10.0 - CRITICAL
Attack vector
NETWORK
Attack complexity
LOW
Privileges required
NONE
Confidentiality impact
COMPLETE
Integrity impact
COMPLETE
Availability impact
COMPLETE
network
low complexity
net-integration-technologies-inc
critical
exploit available

Summary

Heap-based buffer overflow in the WvTFTPServer::new_connection function in wvtftpserver.cc for WvTftp 0.9 allows remote attackers to execute arbitrary code via a long option string in a TFTP packet.

Vulnerable Configurations

Part Description Count
Application
Net_Integration_Technologies_Inc.
1

Exploit-Db

descriptionWvTFTPd 0.9 Remote Root Heap Overflow Exploit. CVE-2004-1636. Remote exploit for linux platform
idEDB-ID:608
last seen2016-01-31
modified2004-10-28
published2004-10-28
reporterinfamous41md
sourcehttps://www.exploit-db.com/download/608/
titleWvTFTPd 0.9 - Remote Root Heap Overflow Exploit