CVE-2006-1951

Currently unrated

Key Information:

Vendor: Solarwinds
Status: Tftp Server
Vendor: CVE Published:; 24 April 2006

Summary

Directory traversal vulnerability in SolarWinds TFTP Server 8.1 and earlier allows remote attackers to download arbitrary files via a crafted GET request including "....//" sequences, which are collapsed into "../" sequences by filtering.

References

http://www.securityfocus.com/bid/17648

vdb-entryx_refsource_BID

http://www.securityfocus.com/archive/1/431729/100/0/threaded

mailing-listx_refsource_BUGTRAQ

http://www.rapid7.com/advisories/R7-0019.html

x_refsource_MISC

Timeline

Vulnerability published
Apr 24, 2006
Vulnerability Reserved
Apr 20, 2006