Vulnerability in N/a

CVE-2002-2226

Buffer overflow in tftpd of TFTP32 2.21 and earlier allows remote attackers to execute arbitrary code via a long filename argument.

EPSS: 0.800 (99.1th percentile) — read the EPSS interpretation.

Affected products

N/a — versions n/a

Public proof-of-concept exploits

rapid7/metasploit-framework

References

3160 (x_refsource_SREASON, third-party-advisory)
VU#632633 (x_refsource_CERT-VN, third-party-advisory)
tftpd32.jounin.net/ (x_refsource_MISC)
6199 (vdb-entry, x_refsource_BID)
www.securiteam.com/windowsntfocus/6C00C2061A.html (x_refsource_MISC)
20021118 TFTPD32 Buffer Overflow Vulnerability (Long filename) (mailing-list, x_refsource_BUGTRAQ)
tftp32-filename-bo(10647) (vdb-entry, x_refsource_XF)

Frequently asked questions

What is CVE-2002-2226?: CVE-2002-2226 is a vulnerability in N/a. Published 2007-09-23.
Is CVE-2002-2226 known to be exploited?: 1 public proof-of-concept repositories are indexed. Not currently listed in the CISA KEV catalog.