Home » Hacking News » Cisco TFTPD Server Directory Traversal Vulnerability
Cisco TFTPD Server Directory Traversal Vulnerability
by platon on June 20th, 2001 The Cisco TFTPD server is a freely available software package distributed and maintained by Cisco Systems. The software package is designed to give Microsoft Windows systems the ability to serve files via the Trivial File Transfer Protocol (TFTP)...
It is possible to gain access to sensitive files on a system using the affect software. By issuing a dot-dot-slash (../) request to the server, any file on the system may be downloaded.
This makes it possible for attackers to gain access to arbitrary files, and potentially sensitive information.
This vulnerability was announced to BugTraq by Siberian on June 18, 2001.
[Homepage]