Lumension® Endpoint Intelligence Center

Intelligence Center » Browse All Vulnerabilities » CVE-2006-1952

Overview

Vulnerability Score 5.0 5.0
CVE Id CVE-2006-1952
Last Modified 07 Mar 2011 09:34:36
Published 24 Apr 2006 07:02:00
Confidentiality Impact PARTIAL PARTIAL
Integrity Impact NONE NONE
Availability Impact NONE NONE
Access Vector NETWORK
Access Complexity LOW
Authentication NONE

CVE-2006-1952

Summary

Directory traversal vulnerability in WinAgents TFTP Server for Windows 3.1 and earlier allows remote attackers to read arbitrary files via "..." (triple dot) sequences in a GET request.

Vulnerable Systems

Application

  • Winagents Tftp Server 3.1


References

VUPEN - ADV-2006-1562

MISC - http://www.rapid7.com/advisories/R7-0020.html

XF - tftp-dotdotdot-directory-traversal(25971)

CONFIRM - http://www.winagents.com/en/news/410.php

BID - 17718

SECUNIA - 19844


Last Updated: 27 May 2016 10:42:16