CVE-2017-7183
published 2017-03-27CVE-2017-7183: The TFTP server in ExtraPuTTY 0.30 and earlier allows remote attackers to cause a denial of service (crash) via a large (1) read or (2) write TFTP protocol…
PriorityP343high7.5CVSS 3.0
AVNACLPRNUINSUCNINAH
EXPLOIT
EPSS
5.95%
92.4th percentile
The TFTP server in ExtraPuTTY 0.30 and earlier allows remote attackers to cause a denial of service (crash) via a large (1) read or (2) write TFTP protocol message.
Affected
1 ranges
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| extraputty | extraputty | <= 0.29 | — |
CVSS provenance
nvdv3.07.5HIGHCVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
nvdv2.05.0MEDIUMAV:N/AC:L/Au:N/C:N/I:N/A:P
CVEs like this are exactly what “Exploited This Week” covers.
Every Monday: what got weaponized or added to CISA KEV in the last seven days — each CVE cross-linked to its PoC, Nuclei template, and detection rule. Free, one email a week, unsubscribe in one click.
BSD
FreeBSD-SA-18:02.ntp: Multiple vulnerabilities of ntp
bsd_advisories·2018-03-07·CVSS 5.3
CVE-2017-7183 [MEDIUM] FreeBSD-SA-18:02.ntp: Multiple vulnerabilities of ntp
FreeBSD-SA-18:02.ntp Security Advisory
The FreeBSD Project
Topic: Multiple vulnerabilities of ntp
Category: contrib
Module: ntp
Announced: 2018-03-07
Credits: Network Time Foundation
Affects: All supported versions of FreeBSD.
Corrected: 2018-02-28 09:01:03 UTC (stable/11, 11.1-STABLE)
2018-03-07 05:58:24 UTC (releng/11.1, 11.1-RELEASE-p7)
2018-03-01 04:06:49 UTC (stable/10, 10.4-STABLE)
2018-03-07 05:58:24 UTC (releng/10.4, 10.4-RELEASE-p6)
2018-03-07 05:58:24 UTC (releng/10.3, 10.3-RELEASE-p27)
CVE Name: CVE-2018-7182, CVE-2018-7170, CVE-2018-7184, CVE-2018-7185,
CVE-2018-7183
For general information regarding FreeBSD Security Advisories,
including descriptions of the fields above, security branches, and the
following sections, please visit .
I. Background
The ntpd(8) daemon is an i
GHSA
GHSA-qg2q-g744-m7q9: The TFTP server in ExtraPuTTY 0
ghsa_unreviewed·2022-05-14
CVE-2017-7183 [HIGH] CWE-20 GHSA-qg2q-g744-m7q9: The TFTP server in ExtraPuTTY 0
The TFTP server in ExtraPuTTY 0.30 and earlier allows remote attackers to cause a denial of service (crash) via a large (1) read or (2) write TFTP protocol message.
No detection rules found.
No writeups or analysis indexed.
http://packetstormsecurity.com/files/141705/ExtraPuTTY-029_rc2-Denial-Of-Service.htmlhttp://www.securityfocus.com/archive/1/540300/100/0/threadedhttp://www.securityfocus.com/bid/96973https://www.exploit-db.com/exploits/41639/http://packetstormsecurity.com/files/141705/ExtraPuTTY-029_rc2-Denial-Of-Service.htmlhttp://www.securityfocus.com/archive/1/540300/100/0/threadedhttp://www.securityfocus.com/bid/96973https://www.exploit-db.com/exploits/41639/
2017-03-27
Published