CVE-2002-0813
published 2002-08-12CVE-2002-0813: Heap-based buffer overflow in the TFTP server capability in Cisco IOS 11.1, 11.2, and 11.3 allows remote attackers to cause a denial of service (reset) or…
PriorityP434high7.1CVSS 2.0
AVNACMAuNCNINAC
EXPLOIT
EPSS
9.09%
94.7th percentile
Heap-based buffer overflow in the TFTP server capability in Cisco IOS 11.1, 11.2, and 11.3 allows remote attackers to cause a denial of service (reset) or modify configuration via a long filename.
Affected
3 ranges
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| cisco | ios | — | — |
| cisco | ios | — | — |
| cisco | ios | — | — |
CVEs like this are exactly what “Exploited This Week” covers.
Every Monday: what got weaponized or added to CISA KEV in the last seven days — each CVE cross-linked to its PoC, Nuclei template, and detection rule. Free, one email a week, unsubscribe in one click.
GHSA
GHSA-g78g-q326-8w9f: Heap-based buffer overflow in the TFTP server capability in Cisco IOS 11
ghsa_unreviewed·2022-04-30
CVE-2002-0813 [HIGH] CWE-119 GHSA-g78g-q326-8w9f: Heap-based buffer overflow in the TFTP server capability in Cisco IOS 11
Heap-based buffer overflow in the TFTP server capability in Cisco IOS 11.1, 11.2, and 11.3 allows remote attackers to cause a denial of service (reset) or modify configuration via a long filename.
Cisco
TFTP Long Filename Vulnerability
vendor_cisco·2002-07-30
CVE-2002-0813 CWE-119 TFTP Long Filename Vulnerability
TFTP Long Filename Vulnerability
Trivial File Transfer Protocol (TFTP) is a protocol which allows for
easy transfer of files between network connected devices. A vulnerability has
been discovered in the processing of filenames within a TFTP read request on
IOS devices and PXM-1 based MGX switches.
The following products are identified as affected by this
vulnerability:
MGX 8230, 8250 and PXM-1 based MGX 8850 switches running versions
1.2.10 or below
Cisco IOS devices running versions 11.1, 11.2,
11.3
Unless explicitly stated otherwise, all other Cisco products are not
affected.
There is no workaround on MGX switches.
On IOS devices, a simple workaround exists,which is detailed in the
Workarounds section below.
This advisory is available at
https://sec.cloudapps.cisco.com/security/c
Cisco
TFTP Long Filename Vulnerability
vendor_cisco
CVE-2002-0813 TFTP Long Filename Vulnerability
CVE-2002-0813: TFTP Long Filename Vulnerability
Trivial File Transfer Protocol (TFTP) is a protocol which allows for easy transfer of files between network connected devices. A vulnerability has been discovered in the processing of filenames within a TFTP read request on IOS devices and PXM-1 based MGX switches. The following products are identified as affected by this vulnerability: MGX 8230, 8250 and PXM-1 based MGX 8850 switches running versions 1.2.10 or below Cisco IOS devices running versions 11.1, 11.2, 11.3 Unless explicitly stated otherwise, all other Cisco products are not affected. There is no workaround on MGX switches. On IOS devices, a simple workaround exists,which is detailed in the
CWE: CWE-119, CWE-119
Bug IDs: CSCdy22809, CSCdy03429
No detection rules found.
No writeups or analysis indexed.
http://marc.info/?l=bugtraq&m=103002169829669&w=2http://online.securityfocus.com/archive/1/284634http://www.cisco.com/warp/public/707/ios-tftp-long-filename-pub.shtmlhttp://www.iss.net/security_center/static/9700.phphttp://www.osvdb.org/854http://www.securityfocus.com/bid/5328http://marc.info/?l=bugtraq&m=103002169829669&w=2http://online.securityfocus.com/archive/1/284634http://www.cisco.com/warp/public/707/ios-tftp-long-filename-pub.shtmlhttp://www.iss.net/security_center/static/9700.phphttp://www.osvdb.org/854http://www.securityfocus.com/bid/5328
2002-08-12
Published