Threat Level: green Handler on Duty: Brad Duncan

SANS ISC: InfoSec Handlers Diary Blog - CiscoWorks TFTP Directory Traversal Vulnerability InfoSec Handlers Diary Blog


Sign Up for Free!   Forgot Password?
Log In or Sign Up for Free!

CiscoWorks TFTP Directory Traversal Vulnerability

Published: 2009-05-20
Last Updated: 2009-05-20 18:38:01 UTC
by Tom Liston (Version: 1)
0 comment(s)

Cisco has announced that a directory traversal flaw has been discovered in its CiscoWorks product line.  According to the announcement:

Products that have TFTP services enabled and that run CiscoWorks
Common Services versions 3.0.x, 3.1.x, and 3.2.x are vulnerable.
Only CiscoWorks Common Services systems running on Microsoft Windows
operating systems are affected.

A successful exploitation of this vulnerability may allow an attacker
unauthorized access to view or modify application and host operating
system files. Modification of some system files could result in a denial
of service condition.

More information and a complete list of vulnerable products is available from:

 

Keywords:
0 comment(s)
Diary Archives