CVE-2005-1813

2022-10-0316:22:43

mitre

www.cve.org

futuresoft tftp server

directory traversal

remote attackers

tftp get request

arbitrary files

6.7 Medium

AI Score

Confidence

Low

0.014 Low

EPSS

Percentile

86.3%

JSON

Directory traversal vulnerability in FutureSoft TFTP Server Evaluation Version 1.0.0.1 allows remote attackers to read arbitrary files via a TFTP GET request containing (1) “…/” (dot dot slash) or (2) "…" (dot dot backslash) sequences.

References

secunia.com/advisories/15539

securitytracker.com/id?1014079

www.security.org.sg/vuln/tftp2000-1001.html

www.securityfocus.com/bid/13821