| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Date: Sun, 17 May 2009 10:45:35 -0600 From: vuln_research@...nceofnigeria.org To: bugtraq@...urityfocus.com Subject: NetDecision TFTP Server 4.2 TFTP Directory Traversal [--Vulnerability Summary--] Title: NetDecision TFTP Server 4.2 TFTP Directory Traversal Product: NetDecision TFTP Server 4.2 Discovered: April 1, 2009 Discovered by: Rob Kraus, princeofnigeria (PoN) Vendor: NetMechanica Vendor URL: http://www.netmechanica.com/downloads/ Vendor notification date: April 2, 2009 and May 12, 2009 Vendor response date: None Vendor acknowledgement: No Vendor provided fix: No Release coordinated with the vendor: No response from vendor Public disclosure date: May 16, 2009 Affects: NetDecision TFTP Server 4.2 Fixed in: N/A Risk: MEDIUM Vulnerability Description: NetDecision TFTP Server 4.2 is prone to a directory-traversal vulnerability because it fails to sanitize TFTP GET and PUT requests. By using a specially crafted TFTP request an attacker is capable of putting (PUT) and retrieving (GET) files outside of the TFTP root directory. Impact: The ability to PUT and GET files outside of the TFTP root directory may allow an attacker to obtain more information about the underlying operating system and applications running on the host. Additionally, malicious code can be uploaded to the host operating system. [--Background--] Type of vulnerability: Input validation flaw Who can exploit it: Local and remote users Vulnerability Scope: The default installation of NetDecision TFTP Server 4.2 will allow exploitation of this vulnerability. Keywords: security, vulnerability, tftp, directory traversal, princeofnigeria, gui, windows, server [--Background--] Type of vulnerability: Input validation flaw Who can exploit it: Local and remote users NetDecision TFTP Server 4.2 is an application that provides services for transferring configuration files, firmware files and other types of data using the TFTP protocol. The application should restrict PUT and GET requests to the contents of the TFTP root directory to prevent obtaining data from other parts of the host operating system or uploading malicious code. Vulnerability Scope: The default installation of NetDecision TFTP Server 4.2 will allow exploitation of this vulnerability. [--More Details--] Exploitation of this flaw is trivial and can be executed using any RFC 1350 compliant TFTP client software. No exploit code is required. [--Fix or Workaround Information--] Patch availability: None Vendor provided fix: None Workarounds: None available at this time, design flaw. Discontinue use of this product until a stable patch is released. [--Disclosure Policy--] PrinceofNigeria.org Vulnerability Disclosure Policy http://www.princeofnigeria.org/blogs/index.php/vulndev/vulnreleasepolicy/?blog=1 [--Disclosure History--] Public disclosure date: May 16, 2009 [--References--] CVE-ID: Bugtraq ID: Secunia ID: OSVDB ID: [--Author--] Rob Kraus, princeofnigeria (PoN) Website: www.princeofnigeria.org/blogs
Powered by blists - more mailing lists