'; echo 'Hillstone Networks'; } elseif ($_SERVER[HTTP_HOST] == "www.huaantech.com.cn") { echo ''; echo 'huaantech'; } elseif ($_SERVER[HTTP_HOST] == "www.dcnetworks.com.cn") { echo ''; echo 'dcnetworks'; } elseif ($_SERVER[HTTP_HOST] == "www.w-ibeda.com") { if (false===strpos($_SERVER[REQUEST_URI],"/en/")) echo ''; else echo ''; echo 'w-ibeda'; } elseif ($_SERVER[HTTP_HOST] == "www.hp-telecom.com") { echo ''; echo 'hp-telecom'; } else{ echo ''; echo 'Hillstone Networks'; } ?>
 
   
 

TFTP Attack (Attack ID:1300006)

Release Date:2009-09-27

Attack Name:Root directory

OS Type:Window Linux Unix Macintosh Others

Application Type:Others

Severity:Info

BUG ID

CVE ID

 

Description

This event is generated when a TFTP request is made with a directory designation of '/'. This may be an indication of an attempt to request or place files on the TFTP server outside the root directory configured for the TFTP server.
Vulnerable TFTP servers may allow remote attackers to transfer files to directories outside the normal root directory configured for the TFTP server. This could result in sensitive files being transfered off the system or arbitrary files being upload to the system.

Impact:
TFTP servers that allow files to be placed outside the configured root directory for the server may allow remote attackers to execute arbitrary commands on the system. Additionally if the TFTP server allows directory transversal using the '/' designator it may be possible to retrieve files from other directories on the system.

Additional References:
CVE:
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-1999-0183
http://www.whitehats.com/info/IDS138

 

Solution

Ensure the system is using an up to date version of the software and has had all vendor supplied patches applied.