Detections
Analytics

Kiwi CatTools < 3.2.9 TFTP Server Traversal Arbitrary File Manipulation

critical Nessus Plugin ID 24747

Language:

Synopsis

The remote TFTP server is affected by a directory traversal vulnerability.

Description

The remote host appears to be running Kiwi CatTools, a freeware application for device configuration management.

The TFTP server included with the version of Kiwi CatTools installed on the remote host fails to sanitize filenames of directory traversal sequences. An attacker can exploit this issue to get or put arbitrary files on the affected host subject to the privileges of the user id under which the server operates, LOCAL SYSTEM by default.

Solution

Upgrade to Kiwi CatTools version 3.2.9 or later.

See Also

https://www.securityfocus.com/archive/1/459500/30/0/threaded

http://www.kiwisyslog.com/kb/idx/5/178/article/

Plugin Details

Severity: Critical

ID: 24747

File Name: kiwi_cattools_tftpd_dir_traversal.nasl

Version: 1.18

Type: remote

Family: Misc.

Published: 3/1/2007

Updated: 11/15/2018

Supported Sensors: Nessus

Risk Information

VPR

Risk Factor: Medium

Score: 6.7

CVSS v2

Risk Factor: Critical

Base Score: 10

Temporal Score: 7.8

Vector: CVSS2#AV:N/AC:L/Au:N/C:C/I:C/A:C

Vulnerability Information

Required KB Items: Services/udp/tftp

Excluded KB Items: tftp/backdoor

Exploit Available: true

Exploit Ease: Exploits are available

Exploited by Nessus: true

Vulnerability Publication Date: 2/9/2007

Exploitable With

ExploitHub (EH-13-903)

Reference Information

CVE: CVE-2007-0888

BID: 22490