{"containers": {"cna": {"affected": [{"product": "n/a", "vendor": "n/a", "versions": [{"status": "affected", "version": "n/a"}]}], "datePublic": "2013-12-03T00:00:00.000Z", "descriptions": [{"lang": "en", "value": "Format string vulnerability in the client in Tftpd32 before 4.50 allows remote servers to cause a denial of service (crash) or possibly execute arbitrary code via format string specifiers in the Remote File field."}], "problemTypes": [{"descriptions": [{"description": "n/a", "lang": "en", "type": "text"}]}], "providerMetadata": {"dateUpdated": "2017-08-28T12:57:01.000Z", "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "shortName": "mitre"}, "references": [{"name": "100511", "tags": ["vdb-entry", "x_refsource_OSVDB"], "url": "http://osvdb.org/100511"}, {"tags": ["x_refsource_MISC"], "url": "http://packetstormsecurity.com/files/124275/Tftpd32-Client-Side-Format-String.html"}, {"name": "tftpd32-cve20136809-format-string(89455)", "tags": ["vdb-entry", "x_refsource_XF"], "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/89455"}, {"name": "20131203 Tftpd32 Client Side Format String Vulnerability", "tags": ["mailing-list", "x_refsource_FULLDISC"], "url": "http://seclists.org/fulldisclosure/2013/Dec/15"}], "x_legacyV4Record": {"CVE_data_meta": {"ASSIGNER": "cve@mitre.org", "ID": "CVE-2013-6809", "STATE": "PUBLIC"}, "affects": {"vendor": {"vendor_data": [{"product": {"product_data": [{"product_name": "n/a", "version": {"version_data": [{"version_value": "n/a"}]}}]}, "vendor_name": "n/a"}]}}, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": {"description_data": [{"lang": "eng", "value": "Format string vulnerability in the client in Tftpd32 before 4.50 allows remote servers to cause a denial of service (crash) or possibly execute arbitrary code via format string specifiers in the Remote File field."}]}, "problemtype": {"problemtype_data": [{"description": [{"lang": "eng", "value": "n/a"}]}]}, "references": {"reference_data": [{"name": "100511", "refsource": "OSVDB", "url": "http://osvdb.org/100511"}, {"name": "http://packetstormsecurity.com/files/124275/Tftpd32-Client-Side-Format-String.html", "refsource": "MISC", "url": "http://packetstormsecurity.com/files/124275/Tftpd32-Client-Side-Format-String.html"}, {"name": "tftpd32-cve20136809-format-string(89455)", "refsource": "XF", "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/89455"}, {"name": "20131203 Tftpd32 Client Side Format String Vulnerability", "refsource": "FULLDISC", "url": "http://seclists.org/fulldisclosure/2013/Dec/15"}]}}}, "adp": [{"providerMetadata": {"orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE", "dateUpdated": "2024-08-06T17:46:23.572Z"}, "title": "CVE Program Container", "references": [{"name": "100511", "tags": ["vdb-entry", "x_refsource_OSVDB", "x_transferred"], "url": "http://osvdb.org/100511"}, {"tags": ["x_refsource_MISC", "x_transferred"], "url": "http://packetstormsecurity.com/files/124275/Tftpd32-Client-Side-Format-String.html"}, {"name": "tftpd32-cve20136809-format-string(89455)", "tags": ["vdb-entry", "x_refsource_XF", "x_transferred"], "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/89455"}, {"name": "20131203 Tftpd32 Client Side Format String Vulnerability", "tags": ["mailing-list", "x_refsource_FULLDISC", "x_transferred"], "url": "http://seclists.org/fulldisclosure/2013/Dec/15"}]}]}, "cveMetadata": {"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "assignerShortName": "mitre", "cveId": "CVE-2013-6809", "datePublished": "2013-12-13T17:00:00.000Z", "dateReserved": "2013-11-19T00:00:00.000Z", "dateUpdated": "2024-08-06T17:46:23.572Z", "state": "PUBLISHED"}, "dataType": "CVE_RECORD", "dataVersion": "5.1"}

{}

{"configurations": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:a:philippe_jounin:tftpd32:*:*:*:*:*:*:*:*", "matchCriteriaId": "F66734BC-25CC-4ED7-AA29-4E44A577209C", "versionEndIncluding": "4.00", "vulnerable": true}, {"criteria": "cpe:2.3:a:philippe_jounin:tftpd32:1.0:*:*:*:*:*:*:*", "matchCriteriaId": "3C558A7E-9627-4652-B9A0-449DBEC13759", "vulnerable": true}, {"criteria": "cpe:2.3:a:philippe_jounin:tftpd32:1.1:*:*:*:*:*:*:*", "matchCriteriaId": "EEB055ED-1521-4ED0-9D2C-57055083B647", "vulnerable": true}, {"criteria": "cpe:2.3:a:philippe_jounin:tftpd32:2.0:*:*:*:*:*:*:*", "matchCriteriaId": "4271F96E-D7F2-4A19-8F38-116F3BC4564A", "vulnerable": true}, {"criteria": "cpe:2.3:a:philippe_jounin:tftpd32:2.1:*:*:*:*:*:*:*", "matchCriteriaId": "5CB878C3-11C3-44A9-AC8A-4A5552820409", "vulnerable": true}, {"criteria": "cpe:2.3:a:philippe_jounin:tftpd32:2.2:*:*:*:*:*:*:*", "matchCriteriaId": "D57D87FF-5437-4027-BEE1-2E589BD82432", "vulnerable": true}, {"criteria": "cpe:2.3:a:philippe_jounin:tftpd32:2.11:*:*:*:*:*:*:*", "matchCriteriaId": "B71CA63D-17FD-4684-B13F-AED4EF68BABD", "vulnerable": true}, {"criteria": "cpe:2.3:a:philippe_jounin:tftpd32:2.21:*:*:*:*:*:*:*", "matchCriteriaId": "D3DBE3D5-9899-4DBF-B241-988E5BA0539E", "vulnerable": true}, {"criteria": "cpe:2.3:a:philippe_jounin:tftpd32:2.51:*:*:*:*:*:*:*", "matchCriteriaId": "01577E14-494A-41E7-AAE3-CE056D5D47A9", "vulnerable": true}, {"criteria": "cpe:2.3:a:philippe_jounin:tftpd32:2.52:*:*:*:*:*:*:*", "matchCriteriaId": "E2643C36-668E-457F-BB34-154D39025BD4", "vulnerable": true}, {"criteria": "cpe:2.3:a:philippe_jounin:tftpd32:2.53:*:*:*:*:*:*:*", "matchCriteriaId": "EA1FDE23-01D4-475D-AEB5-149C0C3E184B", "vulnerable": true}, {"criteria": "cpe:2.3:a:philippe_jounin:tftpd32:2.54:*:*:*:*:*:*:*", "matchCriteriaId": "037A8135-0860-4D78-9BD3-8159BF2A658E", "vulnerable": true}, {"criteria": "cpe:2.3:a:philippe_jounin:tftpd32:2.60:*:*:*:*:*:*:*", "matchCriteriaId": "D31EFFDF-1234-4472-A869-5949B2006F66", "vulnerable": true}, {"criteria": "cpe:2.3:a:philippe_jounin:tftpd32:2.62:*:*:*:*:*:*:*", "matchCriteriaId": "E048D128-8BCD-4E74-85CC-9ADA091C9C2E", "vulnerable": true}, {"criteria": "cpe:2.3:a:philippe_jounin:tftpd32:2.70:*:*:*:*:*:*:*", "matchCriteriaId": "D59FAF65-D5D5-4A45-8A18-CA40C63807EB", "vulnerable": true}, {"criteria": "cpe:2.3:a:philippe_jounin:tftpd32:2.71:*:*:*:*:*:*:*", "matchCriteriaId": "9A8A20FA-E34A-4348-BEFD-0AF760429CDD", "vulnerable": true}, {"criteria": "cpe:2.3:a:philippe_jounin:tftpd32:2.72:*:*:*:*:*:*:*", "matchCriteriaId": "E258100C-F46E-414C-8ACA-063C87823FF5", "vulnerable": true}, {"criteria": "cpe:2.3:a:philippe_jounin:tftpd32:2.73:*:*:*:*:*:*:*", "matchCriteriaId": "460C391A-E8FB-4921-ADFF-5E5F6C8C36D8", "vulnerable": true}, {"criteria": "cpe:2.3:a:philippe_jounin:tftpd32:2.74:*:*:*:*:*:*:*", "matchCriteriaId": "74E764CD-0312-4476-965B-24A15486E485", "vulnerable": true}, {"criteria": "cpe:2.3:a:philippe_jounin:tftpd32:2.80:*:*:*:*:*:*:*", "matchCriteriaId": "B794E953-4B56-45A8-9245-38D3E7BDC529", "vulnerable": true}, {"criteria": "cpe:2.3:a:philippe_jounin:tftpd32:2.81:*:*:*:*:*:*:*", "matchCriteriaId": "58FAB6C7-C0F4-47F3-BD18-D1F1BF04AE51", "vulnerable": true}, {"criteria": "cpe:2.3:a:philippe_jounin:tftpd32:2.82:*:*:*:*:*:*:*", "matchCriteriaId": "B6680458-1D5F-4D25-9BC2-20CC1FE5101B", "vulnerable": true}, {"criteria": "cpe:2.3:a:philippe_jounin:tftpd32:2.83:*:*:*:*:*:*:*", "matchCriteriaId": "4AD50C40-964C-4ABD-B44D-49DAE6C60D57", "vulnerable": true}, {"criteria": "cpe:2.3:a:philippe_jounin:tftpd32:2.84:*:*:*:*:*:*:*", "matchCriteriaId": "2AEB740D-2466-423C-B6CE-56269F82F099", "vulnerable": true}, {"criteria": "cpe:2.3:a:philippe_jounin:tftpd32:3.00:*:*:*:*:*:*:*", "matchCriteriaId": "9764EE49-B3F1-4515-9B24-A8784C2D74BA", "vulnerable": true}, {"criteria": "cpe:2.3:a:philippe_jounin:tftpd32:3.01:*:*:*:*:*:*:*", "matchCriteriaId": "2644ACEC-E21F-4192-8AF8-DDE548D57391", "vulnerable": true}, {"criteria": "cpe:2.3:a:philippe_jounin:tftpd32:3.02:*:*:*:*:*:*:*", "matchCriteriaId": "948234FA-3543-44DF-8B28-E6F721E7C9CB", "vulnerable": true}, {"criteria": "cpe:2.3:a:philippe_jounin:tftpd32:3.03:*:*:*:*:*:*:*", "matchCriteriaId": "0FC92027-C6A5-4731-9E3D-4E496F990B1C", "vulnerable": true}, {"criteria": "cpe:2.3:a:philippe_jounin:tftpd32:3.10:beta:*:*:*:*:*:*", "matchCriteriaId": "6A6D5407-B8D3-4121-860E-AB6B8C0A47BB", "vulnerable": true}, {"criteria": "cpe:2.3:a:philippe_jounin:tftpd32:3.20:*:*:*:*:*:*:*", "matchCriteriaId": "E1070A0C-7B23-4F94-9503-D9A420AC7BD5", "vulnerable": true}, {"criteria": "cpe:2.3:a:philippe_jounin:tftpd32:3.22:*:*:*:*:*:*:*", "matchCriteriaId": "91EDEA13-B9D2-4A13-AEA2-0BA8B3A43B51", "vulnerable": true}, {"criteria": "cpe:2.3:a:philippe_jounin:tftpd32:3.23:*:*:*:*:*:*:*", "matchCriteriaId": "545EC5A0-1DB9-4062-878F-FE10910A32B1", "vulnerable": true}, {"criteria": "cpe:2.3:a:philippe_jounin:tftpd32:3.26:*:*:*:*:*:*:*", "matchCriteriaId": "3C8F8452-2471-40EE-9222-22049D46C451", "vulnerable": true}, {"criteria": "cpe:2.3:a:philippe_jounin:tftpd32:3.27:*:*:*:*:*:*:*", "matchCriteriaId": "30115C7C-22FD-40CB-AD02-C634CCAC22E6", "vulnerable": true}, {"criteria": "cpe:2.3:a:philippe_jounin:tftpd32:3.28:*:*:*:*:*:*:*", "matchCriteriaId": "6E12BEC3-C466-48EB-A945-41728D4CC32B", "vulnerable": true}, {"criteria": "cpe:2.3:a:philippe_jounin:tftpd32:3.29:*:*:*:*:*:*:*", "matchCriteriaId": "2CBA5417-1C29-4793-9F23-301DC8DEFF8E", "vulnerable": true}, {"criteria": "cpe:2.3:a:philippe_jounin:tftpd32:3.31:*:*:*:*:*:*:*", "matchCriteriaId": "ECED70EC-27C4-4061-9796-DED9A142BCE0", "vulnerable": true}, {"criteria": "cpe:2.3:a:philippe_jounin:tftpd32:3.33:*:*:*:*:*:*:*", "matchCriteriaId": "142EE8CE-08BA-4CC5-A146-3EFE135C6E68", "vulnerable": true}, {"criteria": "cpe:2.3:a:philippe_jounin:tftpd32:3.34:*:*:*:*:*:*:*", "matchCriteriaId": "B189F0A3-823A-4622-8DFA-5C61F732C51A", "vulnerable": true}, {"criteria": "cpe:2.3:a:philippe_jounin:tftpd32:3.35:*:*:*:*:*:*:*", "matchCriteriaId": "440FB930-512F-4BC4-A6AE-3B93BF184A39", "vulnerable": true}, {"criteria": "cpe:2.3:a:philippe_jounin:tftpd32:3.50:*:*:*:*:*:*:*", "matchCriteriaId": "2CC9E7E0-DBCD-4C3A-BBF2-F06C1814BE05", "vulnerable": true}, {"criteria": "cpe:2.3:a:philippe_jounin:tftpd32:3.51:*:*:*:*:*:*:*", "matchCriteriaId": "BFC8813F-30A5-409F-AB85-3801E4CCE36D", "vulnerable": true}], "negate": false, "operator": "OR"}]}], "cveTags": [], "descriptions": [{"lang": "en", "value": "Format string vulnerability in the client in Tftpd32 before 4.50 allows remote servers to cause a denial of service (crash) or possibly execute arbitrary code via format string specifiers in the Remote File field."}, {"lang": "es", "value": "Vulnerabilidad de format string en el cliente de Tftpd32 anteriores a 4.50 permite a servidores remotos causar una denegaci\u00f3n de servicio (crash) o posiblemente ejecutar c\u00f3digo de forma arbitrria a trav\u00e9s especificadores de formato de cadena en el campo Remote File."}], "id": "CVE-2013-6809", "lastModified": "2025-04-11T00:51:21.963", "metrics": {"cvssMetricV2": [{"acInsufInfo": false, "baseSeverity": "MEDIUM", "cvssData": {"accessComplexity": "LOW", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "PARTIAL", "baseScore": 5.0, "confidentialityImpact": "NONE", "integrityImpact": "NONE", "vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P", "version": "2.0"}, "exploitabilityScore": 10.0, "impactScore": 2.9, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": false}]}, "published": "2013-12-13T18:55:05.490", "references": [{"source": "cve@mitre.org", "url": "http://osvdb.org/100511"}, {"source": "cve@mitre.org", "tags": ["Exploit"], "url": "http://packetstormsecurity.com/files/124275/Tftpd32-Client-Side-Format-String.html"}, {"source": "cve@mitre.org", "tags": ["Exploit", "Patch"], "url": "http://seclists.org/fulldisclosure/2013/Dec/15"}, {"source": "cve@mitre.org", "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/89455"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://osvdb.org/100511"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Exploit"], "url": "http://packetstormsecurity.com/files/124275/Tftpd32-Client-Side-Format-String.html"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Exploit", "Patch"], "url": "http://seclists.org/fulldisclosure/2013/Dec/15"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/89455"}], "sourceIdentifier": "cve@mitre.org", "vulnStatus": "Deferred", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-134"}], "source": "nvd@nist.gov", "type": "Primary"}]}

{}

{}