
CVE-2007-0888

Published: 12/02/2007 Updated: 16/10/2018
CVSS v2 Base Score: 10 | Impact Score: 10 | Exploitability Score: 10
VMScore: 1000
Vector: AV:N/AC:L/Au:N/C:C/I:C/A:C

Vulnerability Summary

Directory traversal vulnerability in the TFTP server in Kiwi CatTools prior to 3.2.0 beta allows remote malicious users to read arbitrary files, and upload files to arbitrary locations, via ..// (dot dot) sequences in the pathname argument to an FTP (1) GET or (2) PUT command.

Vulnerable Product

kiwi enterprises kiwi cattools

Exploits

Path traversal security vulnerability in Kiwi CatTools TFTP up to 328 server can lead to information disclosure and remote code execution

Risk: High

DISCUSSION

Kiwi CatTools TFTP server doesn't properly verify the filename in PUT and GET requests, which can be used to download/upload any file from/to the server. Default setting allows replacing of ...