CVE-2005-1812

Name of the Vulnerable Software and Affected Versions FutureSoft TFTP Server version 1.0.0.1

Description The issue allows remote attackers to execute arbitrary code via a long filename or transfer mode string in a Read Request (RRQ) or Write Request (WRQ) packet, due to multiple stack-based buffer overflows.

Recommendations For version 1.0.0.1, consider restricting the length of filenames and transfer mode strings in RRQ and WRQ packets to prevent buffer overflows until a patch is available. As a temporary workaround, limit access to the TFTP server to trusted sources. At the moment, there is no information about a newer version that contains a fix for this vulnerability.