Lumension® Endpoint Intelligence Center

Intelligence Center » Browse All Vulnerabilities » CVE-2011-4722

Overview

Vulnerability Score 7.8 7.8
CVE Id CVE-2011-4722
Last Modified 29 Dec 2014 10:00:47
Published 27 Dec 2014 09:59:00
Confidentiality Impact COMPLETE COMPLETE
Integrity Impact NONE NONE
Availability Impact NONE NONE
Access Vector NETWORK
Access Complexity LOW
Authentication NONE

CVE-2011-4722

Summary

Directory traversal vulnerability in the TFTP Server 1.0.0.24 in Ipswitch WhatsUp Gold allows remote attackers to read arbitrary files via a .. (dot dot) in the Filename field of an RRQ operation.

Vulnerable Systems

Application

  • Ipswitch Tftp Server 1.0.0.24


References

XF - ipswitch-tftp-directory-traversal(71610)

OSVDB - 77455

EXPLOIT-DB - 18189

SECTRACK - 1026368

SECUNIA - 47025

MISC - http://secpod.org/blog/?p=424


Last Updated: 27 May 2016 11:07:22