Vulnerability Name:

CVE-2020-6097 (CCN-187430)

Assigned:2020-08-26
Published:2020-08-26
Updated:2022-05-12
Summary:An exploitable denial of service vulnerability exists in the atftpd daemon functionality of atftp 0.7.git20120829-3.1+b1. A specially crafted sequence of RRQ-Multicast requests trigger an assert() call resulting in denial-of-service. An attacker can send a sequence of malicious packets to trigger this vulnerability.
CVSS v3 Severity:7.5 High (CVSS v3.1 Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H)
6.6 Medium (Temporal CVSS v3.1 Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:U/RL:U/RC:R)
Exploitability Metrics:Attack Vector (AV): Network
Attack Complexity (AC): Low
Privileges Required (PR): None
User Interaction (UI): None
Scope:Scope (S): Unchanged
Impact Metrics:Confidentiality (C): None
Integrity (I): None
Availibility (A): High
7.5 High (CCN CVSS v3.1 Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H)
6.6 Medium (CCN Temporal CVSS v3.1 Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:U/RL:U/RC:R)
Exploitability Metrics:Attack Vector (AV): Network
Attack Complexity (AC): Low
Privileges Required (PR): None
User Interaction (UI): None
Scope:Scope (S): Unchanged
Impact Metrics:Confidentiality (C): None
Integrity (I): None
Availibility (A): High
CVSS v2 Severity:5.0 Medium (CVSS v2 Vector: AV:N/AC:L/Au:N/C:N/I:N/A:P)
Exploitability Metrics:Access Vector (AV): Network
Access Complexity (AC): Low
Authentication (Au): None
Impact Metrics:Confidentiality (C): None
Integrity (I): None
Availibility (A): Partial
7.8 High (CCN CVSS v2 Vector: AV:N/AC:L/Au:N/C:N/I:N/A:C)
Exploitability Metrics:Access Vector (AV): Network
Access Complexity (AC): Low
Athentication (Au): None
Impact Metrics:Confidentiality (C): None
Integrity (I): None
Availibility (A): Complete
Vulnerability Type:CWE-617
Vulnerability Consequences:Denial of Service
References:Source: MITRE
Type: CNA
CVE-2020-6097

Source: SUSE
Type: Mailing List, Third Party Advisory
openSUSE-SU-2020:1736

Source: XF
Type: UNKNOWN
atftp-cve20206097-dos(187430)

Source: CCN
Type: atftp GIT Repository
atftp

Source: MLIST
Type: Mailing List, Third Party Advisory
[debian-lts-announce] 20211117 [SECURITY] [DLA 2820-1] atftp security update

Source: CCN
Type: Talos Vulnerability Report TALOS-2020-1029
atftpd daemon Denial of Service Vulnerability

Source: MISC
Type: Exploit, Technical Description, Third Party Advisory
https://talosintelligence.com/vulnerability_reports/TALOS-2020-1029

Vulnerable Configuration:Configuration 1:
  • cpe:/a:atftp_project:atftp:0.7.git20120829-3.1+b1:*:*:*:*:*:*:*

    • Configuration 2:
  • cpe:/o:debian:debian_linux:9.0:*:*:*:*:*:*:*

    • Configuration 3:
  • cpe:/o:opensuse:leap:15.2:*:*:*:*:*:*:*

    • * Denotes that component is vulnerable
    Oval Definitions
    Definition IDClassTitleLast Modified
    oval:org.opensuse.security:def:20206097
    V
    		CVE-2020-6097
    2022-09-02
    oval:org.opensuse.security:def:111978
    P
    		atftp-0.7.5-1.1 on GA media (Moderate)
    2022-01-17
    oval:org.opensuse.security:def:64775
    P
    		Security update for libcryptopp (Moderate)
    2021-10-06
    oval:org.opensuse.security:def:105540
    P
    		atftp-0.7.5-1.1 on GA media (Moderate)
    2021-10-01
    oval:org.opensuse.security:def:63330
    P
    		graphviz-tcl-2.40.1-6.6.8 on GA media (Moderate)
    2021-08-10
    oval:org.opensuse.security:def:63124
    P
    		google-compute-engine-oslogin-20190801-4.38.1 on GA media (Moderate)
    2021-08-10
    oval:org.opensuse.security:def:63127
    P
    		kernel-devel-azure-4.12.14-5.47.1 on GA media (Moderate)
    2021-08-10
    oval:org.opensuse.security:def:64531
    P
    		Security update for python-rsa (Important)
    2021-06-17
    oval:org.opensuse.security:def:64668
    P
    		Security update for s390-tools (Important)
    2021-03-12
    oval:org.opensuse.security:def:64667
    P
    		Security update for python (Moderate)
    2021-03-11
    oval:org.opensuse.security:def:63152
    P
    		grub2-x86_64-xen-2.02-17.4 on GA media (Moderate)
    2020-12-03
    oval:org.opensuse.security:def:63120
    P
    		terraform-0.12.19-3.6.1 on GA media (Moderate)
    2020-12-03
    oval:org.opensuse.security:def:63623
    P
    		kernel-default-extra-5.3.18-22.2 on GA media (Moderate)
    2020-12-03
    oval:org.opensuse.security:def:64877
    P
    		Security update for nmap (Important)
    2020-12-01
    oval:org.opensuse.security:def:63826
    P
    		Security update for xen (Important)
    2020-12-01
    oval:org.opensuse.security:def:75122
    P
    		Security update for atftp (Important)
    2020-12-01
    oval:org.opensuse.security:def:64935
    P
    		Security update for trousers (Moderate)
    2020-12-01
    oval:org.opensuse.security:def:63973
    P
    		Security update for ntp (Moderate)
    2020-12-01
    oval:org.opensuse.security:def:65047
    P
    		Security update for bind (Moderate)
    2020-12-01
    oval:org.opensuse.security:def:64202
    P
    		ruby2.5-rubygem-rails-html-sanitizer on GA media (Moderate)
    2020-12-01
    oval:org.opensuse.security:def:74989
    P
    		Security update for google-compute-engine (Important)
    2020-12-01
    oval:org.opensuse.security:def:110817
    P
    		Security update for atftp (Important)
    2020-10-25
    BACK
    atftp_project atftp 0.7.git20120829-3.1+b1
    debian debian linux 9.0
    opensuse leap 15.2