TFTP Directory Traversal Network Vulnerability

Summary

The TFTP (Trivial File Transfer Protocol) allows remote users to read files without having to log in. This may be a big security flaw, especially if tftpd (the TFTP server) is not well configured by the admin of the remote host.

Solution

disable the tftp daemon, or if you really need it run it in a chrooted environment

Severity

Classification

CVE CVE-1999-0183, CVE-1999-0498

CVSS	Base Score: 10.0 AV:N/AC:L/Au:N/C:C/I:C/A:C

Related Vulnerabilities

MySQL mysqld Privilege Escalation Vulnerability
AVG AntiVirus Engine Malware Detection Bypass Vulnerability (Win)
WebLogic Server DoS
Test HTTP dangerous methods
Samba Remote Arbitrary File Access

TFTP directory traversal

Take action and discover your vulnerabilities