CVE-2020-6097

Summary

An exploitable denial of service vulnerability exists in the atftpd daemon functionality of atftp 0.7.git20120829-3.1+b1. A specially crafted sequence of RRQ-Multicast requests trigger an assert() call resulting in denial-of-service. An attacker can send a sequence of malicious packets to trigger this vulnerability.

Affected Software

VendorProductVersion RangeStatus
n/aatftpdatftp 0.7.git20120829-3.1+b1affected

Weaknesses

  • CWE-617: CWE-617: Reachable Assertion

ADP Enrichment

CVE Program Container

Additional References

References