TFTP_parent directory


Code: p620

Severity: Warning


Description: This event is generated when a TFTP request is made with a parent directory designation of "..". This may be an indication of an attempt to request or place files on the TFTP server outside the root directory configured for the TFTP server.

Impact: TFTP servers that allow files to be placed outside the configured root directory for the server may allow remote attackers to execute arbitrary commands on the system. Additionally if the TFTP server allows directory transversal using the ".." designator it may be possible to retrieve files from other directories on the system.

Corrective: Upgrade to the current version of your TFTP server solutation, or contact the product vendor for patch information.