WinAgents TFTP Server Directory Traversal Vulnerability

Bugtraq ID:	17718
Class:	Input Validation Error
CVE:	CVE-2006-1952
Remote:	Yes
Local:	No
Published:	Aug 17 2005 12:00AM
Updated:	Apr 27 2006 09:21PM
Credit:	Rapid7 is credited with the discovery of this vulnerability.
Vulnerable:	WinAgents TFTP Server 3.0 WinAgents TFTP Server 3.1
Not Vulnerable:	WinAgents TFTP Server 3.2

WinAgents TFTP Server Directory Traversal Vulnerability

TFTP Server is prone to a directory-traversal vulnerability.

An attacker can exploit this issue to retrieve arbitrary files from the vulnerable computer in the context of the affected server process. This may facilitate a complete compromise of the affected computer because the application is typically run with SYSTEM privileges.

WinAgents TFTP Server Directory Traversal Vulnerability

This issue can be exploited through a client application capable of using the TFTP protocol.

WinAgents TFTP Server Directory Traversal Vulnerability

Solution:
This issue has been addressed in version 3.2 of the application.


WinAgents TFTP Server 3.1

• WinAgents tftpsetup.exe
  http://www.winagents.com/downloads/tftpsetup.exe

WinAgents TFTP Server 3.0

• WinAgents tftpsetup.exe
  http://www.winagents.com/downloads/tftpsetup.exe

WinAgents TFTP Server Directory Traversal Vulnerability

References:

• Critical update of WinAgents TFTP Server (WinAgents)
  
• Directory traversal vulnerability in WinAgents TFTP Server for Windows (Rapid7)
  
• TFTP Server Homepage (WinAgents)