Product Security Advisory HCCSEC-000017
InterNiche Security Vulnerabilities
Advisory ID: HCCSEC-000017
Publish Date: 2021-05-28
Last Updated: 2021-06-15
TFTP packet processing function `tfshnd():tftpsrv.c:209`, strlen on a non-null terminated string.
HCC is recommending customers with affected product versions to update to the latest release.
Security Notices are being issued for the following products:
|Product Name||Affected Version||Security Notice||Last Updated|
|InterNiche Stack, |
|All before v4.3 |
(Package: in_httpsvr - v1.6)
|Contact HCC Security Team||2021-06-04|
The risks for these vulnerabilities are rated from Low to High. Refer to the product Security Notices for additional statements regarding risk.
Mitigation / Recommended Action
HCC has fixed the issue in release v4.3 (Package: in_httpsvr - v1.7) of the affected software. Customers are advised to update their software to version v4.3 (Package: in_httpsvr - v1.7) or above. Customers are advised to review the product Security Notice. For additional information, contact the HCC Security Team.
Related CVEs / CWEs / Advisories
Page Revision History
|1.1||2021-06-15||Name and version added of fixed Package|