-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

PRE-CERT Security Advisory
==========================

* Advisory: PRE-SA-2011-05
* Released on: 22 Jun 2011
* Last updated on: 24 Jun 2011
* Affected product: tftp-hpa 0.30 - 5.0
* Impact: buffer overflow
* Origin: remote tftp client
* Credit: Timo Warns (PRESENSE Technologies GmbH)
* CVE Identifier: CVE-2011-2199


Summary
- -------

The tftp-hpa daemon contains a buffer overflow vulnerability in the
function for setting the utimeout option. As the daemon accepts the
option from clients, the vulnerability can be remotely exploited.


Solution
- --------

The overflow bug has been fixed in tftp-hpa 5.1.

For a patch, see
http://git.kernel.org/?p=network/tftp/tftp-hpa.git;a=commitdiff;h=f3035c45bc50bb5cac87ca01e7ef6a12485184f8


References
- ----------

When further information becomes available, this advisory will be
updated. The most recent version of this advisory is available at:

http://www.pre-cert.de/advisories/PRE-SA-2011-05.txt


ChangeLog
- ---------

* 24 Jun 2011
    - Bug fixed in tftp-hpa 5.1.


Contact
- -------

PRE-CERT can be reached under precert@pre-secure.de. For PGP
key information, refer to http://www.pre-cert.de/.
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v2.0.16 (GNU/Linux)

iQEcBAEBAgAGBQJOBaLHAAoJEJreX/O/+ER1ZFcH/RgKAR+oIxd1Hr5+ByWiZP1f
0J9l4p2FxAxgzN9XxwzW0SbZMbPAB8kGGHw3u4KXiFkhZONvqr/ZTRgTuTKcVsW/
mdRkOFoy4Y2LqHP9Kw5zjnIG0fhIEVTvcO7xHjqsn4kZ2ueMAB/j6BD7SSmm93LR
9LOnJWePeJCHauuvsNhP+xe1fHKbffOHpj5EOjCZRsSwa2NVjrGgnps1P63C0Rpi
gY5uhxcYjDeq7hCEhgKxgJ6O4wmPxl76wqi6LPGVu8Bb/yn9Lc8/fQN3/cZg5s7t
8c5OKwFsYh9YLUKWiGbLWtDlAu7tdtMGh71ofM4cs13RPZJT4KQRx3cm9/JaQT0=
=eZV/
-----END PGP SIGNATURE-----