Directory traversal vulnerability in FutureSoft TFTP Server Evaluation Version 1.0.0.1 allows remote attackers to read arbitrary files via a TFTP GET request containing (1) "../" (dot dot slash) or (2) "..\" (dot dot backslash) sequences.
References
Link | Resource |
---|---|
http://www.security.org.sg/vuln/tftp2000-1001.html | Exploit |
http://www.securityfocus.com/bid/13821 | Exploit |
http://securitytracker.com/id?1014079 | Exploit |
http://secunia.com/advisories/15539 |
Configurations
Information
Published : 2005-05-31 21:00
Updated : 2008-09-04 21:00
NVD link : CVE-2005-1813
Mitre link : CVE-2005-1813
JSON object : View
CWE
CWE-22
Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal')
Products Affected
futuresoft
- tftp_server_2000