CVE-2005-3032

Name of the Vulnerable Software and Affected Versions vxTftpSrv version 1.7.0

Description The issue allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via a TFTP request with a long filename argument.

Recommendations For vxTftpSrv version 1.7.0, consider restricting access to the TFTP service until a patch is available. As a temporary workaround, limit the length of filename arguments to prevent buffer overflow exploitation. At the moment, there is no information about a newer version that contains a fix for this vulnerability.