2 matches found
CVE-2009-0288
CVE-2009-0288 affects k23productions TFTPUtil GUI versions 1.2.0 and 1.3.0. Multiple connected sources confirm a directory traversal vulnerability that allows remote attackers to read arbitrary files outside the TFTP root via traversal sequences in a GET request. Practical impact is potential una...
CVE-2009-0289
CVE-2009-0289 affects k23productions TFTPUtil GUI versions 1.2.0 through 1.3.0. The issue allows remote attackers to cause a denial-of-service (service crash) by sending a crafted request with a long filename. The publicly documented workaround is to restrict the length of filenames in requests t...