Lucene search

[email protected]CVE-2007-2639

HistoryMay 13, 2007 - 11:19 p.m.

CVE-2007-2639

2007-05-1323:19:00

[email protected]

web.nvd.nist.gov

cve

2007

2639

directory traversal

tftpdwin

vulnerability

remote attack

arbitrary files

nvd

10 High

CVSS2

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:L/Au:N/C:C/I:C/A:C

6.8 Medium

AI Score

Confidence

Low

0.033 Low

EPSS

Percentile

91.3%

JSON

Directory traversal vulnerability in TFTPdWin 0.4.2 allows remote attackers to read or modify arbitrary files outside the TFTP root via unspecified vectors.

Affected configurations

NVD

Node

prosysinfotftp_server_tftpdwinMatch0.4.2

CPENameOperatorVersion
prosysinfo:tftp_server_tftpdwinprosysinfo tftp server tftpdwineq0.4.2

CPE	Name	Operator	Version
prosysinfo:tftp_server_tftpdwin	prosysinfo tftp server tftpdwin	eq	0.4.2

References

osvdb.org/36252

securityreason.com/securityalert/2699

www.securityfocus.com/archive/1/468313/100/0/threaded

www.securityfocus.com/bid/23937

exchange.xforce.ibmcloud.com/vulnerabilities/34247

10 High

CVSS2

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:L/Au:N/C:C/I:C/A:C

6.8 Medium

AI Score

Confidence

Low

0.033 Low

EPSS

Percentile

91.3%

JSON

Related for CVE-2007-2639

cvelist1 nvd1 prion1