{
  "threat_severity" : "Moderate",
  "public_date" : "2011-06-10T00:00:00Z",
  "bugzilla" : {
    "description" : "tftp: buffer overflow when setting utimeout option",
    "id" : "713950",
    "url" : "https://bugzilla.redhat.com/show_bug.cgi?id=713950"
  },
  "cvss" : {
    "cvss_base_score" : "5.1",
    "cvss_scoring_vector" : "AV:N/AC:H/Au:N/C:P/I:P/A:P",
    "status" : "draft"
  },
  "details" : [ "Buffer overflow in tftp-hpa before 5.1 allows remote attackers to cause a denial of service and possibly execute arbitrary code via the utimeout option." ],
  "statement" : "Not vulnerable. The Red Hat Security Response Team has reviewed this bug and determined it has no security impact on the tftp packages as shipped with Red Hat Enterprise Linux 4, 5, and 6. Refer to the following bugzilla for additional details: https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2011-2199",
  "package_state" : [ {
    "product_name" : "Red Hat Enterprise Linux 4",
    "fix_state" : "Will not fix",
    "package_name" : "tftp",
    "cpe" : "cpe:/o:redhat:enterprise_linux:4"
  }, {
    "product_name" : "Red Hat Enterprise Linux 5",
    "fix_state" : "Will not fix",
    "package_name" : "tftp",
    "cpe" : "cpe:/o:redhat:enterprise_linux:5"
  }, {
    "product_name" : "Red Hat Enterprise Linux 6",
    "fix_state" : "Will not fix",
    "package_name" : "tftp",
    "cpe" : "cpe:/o:redhat:enterprise_linux:6"
  } ],
  "references" : [ "https://www.cve.org/CVERecord?id=CVE-2011-2199\nhttps://nvd.nist.gov/vuln/detail/CVE-2011-2199" ],
  "name" : "CVE-2011-2199",
  "csaw" : false
}