Liu Qixu

**Name of the Vulnerable Software and Affected Versions** 3Com 3CTftpSvc versions 2.0.1 and earlier **Description** The issue is related to multiple stack-based buffer overflows that can be triggered by remote attackers. This can be achieved by sending a long mode field in a GET or PUT command, potentially leading to a denial of service or the execution of arbitrary code. **Recommendations** For 3Com 3CTftpSvc versions 2.0.1 and earlier, consider restricting access to the affected service until a fix is available. As a temporary workaround, avoid using long mode fields in GET or PUT commands to minimize the risk of exploitation. At the moment, there is no information about a newer version that contains a fix for this issue.