Users login

Create an account »

JOIN XATRIX

Users login

Home » Hacking News » Cisco TFTPD Server Directory Traversal Vulnerability

Cisco TFTPD Server Directory Traversal Vulnerability

by platon on June 20th, 2001 The Cisco TFTPD server is a freely available software package distributed and maintained by Cisco Systems. The software package is designed to give Microsoft Windows systems the ability to serve files via the Trivial File Transfer Protocol (TFTP)...



It is possible to gain access to sensitive files on a system using the affect software. By issuing a dot-dot-slash (../) request to the server, any file on the system may be downloaded.


This makes it possible for attackers to gain access to arbitrary files, and potentially sensitive information.

This vulnerability was announced to BugTraq by Siberian on June 18, 2001.

[Homepage]


Newsletter signup

Signup to our monthly newsletter and stay in touch with IT news!

Free E-books

We've got ebooks! But they're not online. :( Please give us a few days to bring downloads back.

Contact

Have something to say or just wanna drop us a line? Please keep this in mind: to spam, we reply with spam.

Contact us »