Threat Level: green Handler on Duty: Xavier Mertens

SANS ISC: CiscoWorks TFTP Directory Traversal Vulnerability SANS ISC InfoSec Forums

Participate: Learn more about our honeypot network

Sign Up for Free!   Forgot Password?
Log In or Sign Up for Free!
CiscoWorks TFTP Directory Traversal Vulnerability

Cisco has announced that a directory traversal flaw has been discovered in its CiscoWorks product line.  According to the announcement:

Products that have TFTP services enabled and that run CiscoWorks
Common Services versions 3.0.x, 3.1.x, and 3.2.x are vulnerable.
Only CiscoWorks Common Services systems running on Microsoft Windows
operating systems are affected.

A successful exploitation of this vulnerability may allow an attacker
unauthorized access to view or modify application and host operating
system files. Modification of some system files could result in a denial
of service condition.

More information and a complete list of vulnerable products is available from:



160 Posts
May 20th 2009

Sign Up for Free or Log In to start participating in the conversation!