Ipswitch TFTP Server Directory Traversal Vulnerability
BID:50890
Info
| Bugtraq ID: | 50890 |
| Class: | Input Validation Error |
| CVE: | |
| Remote: | Yes |
| Local: | No |
| Published: | Dec 02 2011 12:00AM |
| Updated: | Dec 02 2011 12:00AM |
| Credit: | SecPod Research |
| Vulnerable: | Ipswitch, Inc TFTP Server 1.0.0.24 |
| Not Vulnerable: | |
Discussion
Ipswitch TFTP Server is prone to a directory-traversal vulnerability because it fails to sufficiently sanitize user-supplied input.
Exploiting this issue can allow an attacker to download or upload arbitrary files outside of the document root directory. This may aid further attacks.
Ipswitch TFTP Server 1.0.0.24 is vulnerable; other versions may be affected.
Exploit / POC
The following proof-of-concept and example input are available:
tftp> get ../../../../../../../../../../../boot.ini
tftp> get ../../../../../../../../../../../windows/win.ini
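Both requests above are ordinary RFC 1350 read requests whose filename field carries `../` components. The following added example (not Ipswitch code and not part of the original advisory) shows the containment check a TFTP server needs to apply to that field before opening a file; the document root `C:\TFTP-Root` and all function names are assumptions made for the illustration.

```python
import struct
from pathlib import PureWindowsPath

# Assumed document root (hypothetical; the advisory does not name one).
TFTP_ROOT = PureWindowsPath(r"C:\TFTP-Root")
OP_RRQ, OP_WRQ = 1, 2  # RFC 1350 read / write request opcodes


def build_request(opcode: int, filename: str, mode: str = "octet") -> bytes:
    """Construct a sample RRQ/WRQ packet for the demonstration below."""
    return struct.pack("!H", opcode) + filename.encode() + b"\0" + mode.encode() + b"\0"


def parse_request(packet: bytes):
    """Split an RRQ/WRQ into (opcode, filename, mode); raise ValueError if malformed."""
    if len(packet) < 4:
        raise ValueError("short packet")
    (opcode,) = struct.unpack("!H", packet[:2])
    if opcode not in (OP_RRQ, OP_WRQ):
        raise ValueError("not a read/write request")
    fields = packet[2:].split(b"\0")
    if len(fields) < 3 or not fields[0] or not fields[1]:
        raise ValueError("missing filename or mode")
    return opcode, fields[0].decode("ascii"), fields[1].decode("ascii").lower()


def resolve_in_root(filename: str, root: PureWindowsPath = TFTP_ROOT) -> PureWindowsPath:
    """Return the path under root for filename, or raise PermissionError.

    Lexical check only; it does not follow symlinks or junctions on disk.
    """
    requested = PureWindowsPath(filename)  # forward and back slashes both separate
    # Reject drive letters, UNC or rooted paths, empty names and any '..' component.
    if requested.anchor or not requested.parts or ".." in requested.parts:
        raise PermissionError(f"outside document root: {filename!r}")
    return root.joinpath(requested)


def check(packet: bytes):
    """Decide one request: ('ALLOW', path) or ('DENY', reason)."""
    try:
        _, filename, _ = parse_request(packet)
        return "ALLOW", str(resolve_in_root(filename))
    except (ValueError, PermissionError) as exc:
        return "DENY", str(exc)


if __name__ == "__main__":
    for name in ("firmware/image.bin", "../../../boot.ini", r"..\..\windows\win.ini"):
        print(name, "->", check(build_request(OP_RRQ, name)))
```

The same check applies to write requests, since the advisory covers uploads as well as downloads.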
Solution / Fix
Solution:
Currently we are not aware of any vendor-supplied patches. If you feel we are in error or if you are aware of more recent information, please mail us at: [email protected].
References
References:
- TFTP Server Homepage (Ipswitch, Inc)