CVE List

CVE-2020-6097

Critical 7.5

An exploitable denial of service vulnerability exists in the atftpd daemon functionality of atftp 0.7.git20120829-3.1+b1. A specially crafted sequence of RRQ-Multicast requests trigger an assert() call resulting in denial-of-service. An attacker can send a sequence of malicious packets to trigger this vulnerability.

Published September 10, 2020.

Affected software

Atftp Project Atftp

Reference links

Sign Up for Alerts