Threat Level: green Handler on Duty: Brad Duncan

SANS ISC: CiscoWorks TFTP Directory Traversal Vulnerability - SANS Internet Storm Center SANS ISC InfoSec Forums

Participate: Learn more about our honeypot network
https://isc.sans.edu/honeypot.html

Sign Up for Free!   Forgot Password?
Log In or Sign Up for Free!
CiscoWorks TFTP Directory Traversal Vulnerability

Cisco has announced that a directory traversal flaw has been discovered in its CiscoWorks product line.  According to the announcement:

Products that have TFTP services enabled and that run CiscoWorks
Common Services versions 3.0.x, 3.1.x, and 3.2.x are vulnerable.
Only CiscoWorks Common Services systems running on Microsoft Windows
operating systems are affected.

A successful exploitation of this vulnerability may allow an attacker
unauthorized access to view or modify application and host operating
system files. Modification of some system files could result in a denial
of service condition.

More information and a complete list of vulnerable products is available from:

 

 Tom

160 Posts
May 20th 2009
Thread locked Subscribe May 20th 2009
1 decade ago

Sign Up for Free or Log In to start participating in the conversation!