JVN#62527913
Directory traversal vulnerability in multiple Cisco Systems products
Overview
Multiple products provided by Cisco Systems contain a directory traversal vulnerablility.
Products Affected
- CiscoWorks Common Services 3.0.x
- CiscoWorks Common Services 3.1.x
- CiscoWorks Common Services 3.2.x
Note that the Solaris version is not affected.
Description
Multiple Cisco Systems products are vulnerable to directory traversal due to an issue in CiscoWorks Common Services.
Impact
A remote attacker could view or alter files on the target server.
Solution
Update the software
Update to the latest version of CiscoWorks Common Services according the information provided by the vendor.
Workarounds
As a workaround to this vulnerability, disable the TFTP service until the software is updated.
Vendor Status
| Vendor | Link |
| Cisco Systems |
Cisco Security Advisory: CiscoWorks TFTP Directory Traversal Vulnerability |
JPCERT/CC Addendum
Vulnerability Analysis by JPCERT/CC
Analyzed on 2009.05.29
| Measures | Conditions | Severity |
|---|---|---|
| Access Required | Routed - can be attacked over the Internet using packets |
|
| Authentication | None - anonymous or no authentication (IP addresses do not count) |
|
| User Interaction Required | None - the vulnerability can be exploited without an honest user taking any action |
|
| Exploit Complexity | Low - little to no expertise and/or luck required to exploit (cross-site scripting) |
|
Credit
Jun Okada of NTT DATA SECURITY CORPORATION reported this vulnerability to IPA.
JPCERT/CC coordinated with the vendor under Information Security Early Warning Partnership.
Other Information
| JPCERT Alert | |
| JPCERT Reports | |
| CERT Advisory | |
| CPNI Advisory | |
| TRnotes | |
| CVE |
CVE-2009-1161 |
| JVN iPedia |
JVNDB-2009-000032 |