OSVDB ID: 11349

Title: AT-TFTP Directory Traversal Arbitrary File Access

Dates

Disclosure: Oct 30, 2004
Discovery: Unknown
Exploit: Oct 30, 2004
Solution: Unknown

Description

Allied Telesyn TFTP Server (AT-TFTP) contains a flaw that allows a remote attacker to download and upload arbitrary files from and to directories outside of the server's root directory. The issue is due to the program not properly sanitizing user input, specifically directory traversal sequences (../../), and may result in a loss of confidentiality and/or integrity. Note that uploads are possible only if Read/Write mode is selected.
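The missing check described above, sketched as an added example (not AT-TFTP code and not part of the original entry): a TFTP read/write request is parsed per RFC 1350 and its filename is confined to the served directory before any file is opened. The function names, the `/srv/tftp` root and the sample filenames are hypothetical.

```python
import os
import re
import struct

RRQ, WRQ = 1, 2  # read/write request opcodes (RFC 1350)

class Rejected(Exception):
    """Request refused before any file is opened."""

def parse_request(packet: bytes):
    """Split an RRQ/WRQ packet into (opcode, filename)."""
    if len(packet) < 4:
        raise Rejected("short packet")
    (opcode,) = struct.unpack("!H", packet[:2])
    fields = packet[2:].split(b"\x00")  # filename NUL mode NUL
    if opcode not in (RRQ, WRQ) or len(fields) < 3:
        raise Rejected("not a well-formed RRQ/WRQ")
    return opcode, fields[0].decode("latin-1")

def confine(root: str, requested: str) -> str:
    """Map a client-supplied name to a path inside root, or raise Rejected."""
    # Assumption: '\' counts as a separator too, so Windows-style names are covered.
    parts = [p for p in re.split(r"[\\/]+", requested) if p not in ("", ".")]
    if not parts or ".." in parts or ":" in requested or requested[0] in "\\/":
        raise Rejected(f"path not allowed: {requested!r}")
    root_real = os.path.realpath(root)
    candidate = os.path.realpath(os.path.join(root_real, *parts))
    # Re-check after symlink resolution so a link inside root cannot lead out.
    if os.path.commonpath([root_real, candidate]) != root_real:
        raise Rejected(f"resolves outside root: {requested!r}")
    return candidate

def authorize(packet: bytes, root: str, read_write: bool):
    """Return ('read' | 'write', safe_path) or raise Rejected."""
    opcode, name = parse_request(packet)
    if opcode == WRQ and not read_write:
        raise Rejected("uploads disabled in read-only mode")
    return ("write" if opcode == WRQ else "read"), confine(root, name)

def build(opcode: int, name: str) -> bytes:
    """Constructed sample request packet (octet mode)."""
    return struct.pack("!H", opcode) + name.encode() + b"\x00octet\x00"

def verdict(packet: bytes, root: str, read_write: bool = True) -> str:
    try:
        authorize(packet, root, read_write)
        return "allow"
    except Rejected:
        return "deny"

if __name__ == "__main__":
    for name in ("firmware.bin", "../../outside.txt", "..\\..\\outside.txt"):
        print(name, verdict(build(RRQ, name), "/srv/tftp"))
```
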

Classification

Location: Remote / Network Access
Attack Type: Input Manipulation
Impact: Loss of Confidentiality, Loss of Integrity
Exploit: Exploit Public

Solution

Currently, there are no known upgrades, patches, or workarounds available to correct this issue.

Products

Vendor: Allied Telesyn
Product: TFTP Server
Version: 1.8

References

Credit

  • Luigi Auriemma - aluigi@autistici.org - http://aluigi.altervista.org


Direct URL: http://osvdb.org/11349