VulnerableCode Package Details - pkg:deb/debian/atftp@0.7.git20120829-3.2~deb10u3

Search for packages

Vulnerability	Summary	Fixed by
VCID-8gv8-qwdd-5fd2 Aliases: CVE-2021-41054	tftpd_file.c in atftp through 0.7.4 has a buffer overflow because buffer-size handling does not properly consider the combination of data, OACK, and other options.	0.7.git20120829-3.3+deb11u2 Affected by 0 other vulnerabilities.
VCID-p7hs-4pdm-2qcw Aliases: CVE-2021-46671	options.c in atftp before 0.7.5 reads past the end of an array, and consequently discloses server-side /etc/group data to a remote client.	0.7.git20120829-3.3+deb11u2 Affected by 0 other vulnerabilities.
VCID-r2dj-7m5m-7fgq Aliases: CVE-2020-6097	An exploitable denial of service vulnerability exists in the atftpd daemon functionality of atftp 0.7.git20120829-3.1+b1. A specially crafted sequence of RRQ-Multicast requests trigger an assert() call resulting in denial-of-service. An attacker can send a sequence of malicious packets to trigger this vulnerability.	0.7.git20120829-3.3+deb11u2 Affected by 0 other vulnerabilities.

Vulnerability

Summary

Fixed by

VCID-8gv8-qwdd-5fd2
Aliases:
CVE-2021-41054

tftpd_file.c in atftp through 0.7.4 has a buffer overflow because buffer-size handling does not properly consider the combination of data, OACK, and other options.

0.7.git20120829-3.3+deb11u2
Affected by 0 other vulnerabilities.

VCID-p7hs-4pdm-2qcw
Aliases:
CVE-2021-46671

options.c in atftp before 0.7.5 reads past the end of an array, and consequently discloses server-side /etc/group data to a remote client.

0.7.git20120829-3.3+deb11u2
Affected by 0 other vulnerabilities.

VCID-r2dj-7m5m-7fgq
Aliases:
CVE-2020-6097

An exploitable denial of service vulnerability exists in the atftpd daemon functionality of atftp 0.7.git20120829-3.1+b1. A specially crafted sequence of RRQ-Multicast requests trigger an assert() call resulting in denial-of-service. An attacker can send a sequence of malicious packets to trigger this vulnerability.

0.7.git20120829-3.3+deb11u2
Affected by 0 other vulnerabilities.

Vulnerability	Summary	Aliases
VCID-4ufj-j1bk-97g2	Multiple vulnerabilities have been found in atftp, the worst of which could result in the execution of arbitrary code.	CVE-2019-11365
VCID-qyq7-c3vf-bbew	Multiple vulnerabilities have been found in atftp, the worst of which could result in the execution of arbitrary code.	CVE-2019-11366

Vulnerability

Summary

Aliases

VCID-4ufj-j1bk-97g2

Multiple vulnerabilities have been found in atftp, the worst of which could result in the execution of arbitrary code.

CVE-2019-11365

VCID-qyq7-c3vf-bbew

Multiple vulnerabilities have been found in atftp, the worst of which could result in the execution of arbitrary code.

CVE-2019-11366

Date	Actor	Action	Vulnerability	Source	VulnerableCode Version
2026-04-15T22:52:10.612847+00:00	Debian Oval Importer	Affected by	VCID-r2dj-7m5m-7fgq	https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2	38.4.0
2026-04-15T21:09:30.705295+00:00	Debian Oval Importer	Fixing	VCID-qyq7-c3vf-bbew	https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2	38.4.0
2026-04-15T18:56:50.210970+00:00	Debian Oval Importer	Affected by	VCID-p7hs-4pdm-2qcw	https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2	38.4.0
2026-04-15T18:36:48.177148+00:00	Debian Oval Importer	Fixing	VCID-4ufj-j1bk-97g2	https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2	38.4.0
2026-04-15T18:14:29.668602+00:00	Debian Oval Importer	Affected by	VCID-8gv8-qwdd-5fd2	https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2	38.4.0
2026-04-11T22:28:42.766832+00:00	Debian Oval Importer	Affected by	VCID-r2dj-7m5m-7fgq	https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2	38.3.0
2026-04-11T20:49:26.825533+00:00	Debian Oval Importer	Fixing	VCID-qyq7-c3vf-bbew	https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2	38.3.0
2026-04-11T18:41:04.082641+00:00	Debian Oval Importer	Affected by	VCID-p7hs-4pdm-2qcw	https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2	38.3.0
2026-04-11T18:21:24.016816+00:00	Debian Oval Importer	Fixing	VCID-4ufj-j1bk-97g2	https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2	38.3.0
2026-04-11T17:59:55.182774+00:00	Debian Oval Importer	Affected by	VCID-8gv8-qwdd-5fd2	https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2	38.3.0
2026-04-08T22:04:27.476770+00:00	Debian Oval Importer	Affected by	VCID-r2dj-7m5m-7fgq	https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2	38.1.0
2026-04-08T20:29:05.503699+00:00	Debian Oval Importer	Fixing	VCID-qyq7-c3vf-bbew	https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2	38.1.0
2026-04-08T18:26:12.670961+00:00	Debian Oval Importer	Affected by	VCID-p7hs-4pdm-2qcw	https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2	38.1.0
2026-04-08T18:07:25.699763+00:00	Debian Oval Importer	Fixing	VCID-4ufj-j1bk-97g2	https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2	38.1.0
2026-04-08T17:46:34.452458+00:00	Debian Oval Importer	Affected by	VCID-8gv8-qwdd-5fd2	https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2	38.1.0