Summary
The remote host has a TFTP server installed that is serving one or more sensitive Cisco IOS Certificate Authority (CA) files.
Solution
If it is not required, disable the TFTP server. Otherwise restrict access to trusted sources only.
Insight
These files potentially include the private key for the CA so should be considered extremely sensitive and should not be exposed to unnecessary scrutiny.
Severity
Classification
-
CVSS Base Score: 5.0
AV:N/AC:L/Au:N/C:P/I:N/A:N
Related Vulnerabilities
- Apple Safari 'SRC' Remote Denial Of Service Vulnerability
- Apple Safari Multiple Memory Corruption Vulnerabilities-02 Apr14 (Mac OS X)
- Adobe Flash Player Multiple Security Bypass Vulnerabilities - 01 Feb14 (Linux)
- Apple Safari JavaScript Implementation Information Disclosure Vulnerability (Mac OS X)
- Apple Safari Web Script Execution Vulnerabilites - June09