Press CTRL-D to bookmark us
Welcome Guest Login / Register / Members
Search in  
Top Submit newsSubscribe
Communication | Computer Crime | Digital Audio, Video, Photo | General News | Hardware | Internet | Mobile | PDA | Security | Software | Vulnerability |
Previous articleBack to news listNext article
 

 Sponsored links

Want to become one of our authors and see your work published on ALLSeek.iNFO ?
 
 TFTPD32 Input Validation Flaw Lets Remote Users Read and Write Files on the System
Categorie: Vulnerability
Posted: 2002-11-20 by ReCall
Views: 359
Source: Click here
 		Current Rating: Not rated
Poor Best
 Details
Description: An input validation vulnerability was reported in TFTPD32. A remote user can view and write to files on the server located outside of the document directory.



SecuriTeam reported that a remote user can read and write any file on the system. Some demonstration exploit commands are provided:



tftp host GET /boot.ini



tftp host PUT myfile /boot.ini



Impact: A remote user can view files and write to files on the system that are located outside of the document directory.



Solution: The vendor has issued a fixed version (2.51), available at:





http://perso.wanadoo.fr/philippe.jounin/download.html
 
Syndication
Permalink Email this

The URI to TrackBack this entry is:
http://allseek.info/news/trackback.php?id=335

User comments (post your comments here)

Only registerd members can post comments and articles
 
Previous articleBack to news listNext article
 


InterJOB.su
Bookmark us | Set As Homepage | Advertising | Contact Us | Recomend us | Link us | Links | Terms

SpyLOG Page Rank Checker
LAST QUERIES