Vulnerability Details CVE-2002-1209
Directory traversal vulnerability in SolarWinds TFTP Server 5.0.55, and possibly earlier, allows remote attackers to read arbitrary files via "..\" (dot-dot backslash) sequences in a GET request.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.045
EPSS Ranking 88.7%
CVSS Severity
CVSS v2 Score 5.0
References
- http://archives.neohapsis.com/archives/vulnwatch/2002-q4/0044.html
- http://www.idefense.com/advisory/10.24.02.txt
- http://www.securityfocus.com/bid/6045
- https://exchange.xforce.ibmcloud.com/vulnerabilities/10469
- http://archives.neohapsis.com/archives/vulnwatch/2002-q4/0044.html
- http://www.idefense.com/advisory/10.24.02.txt
- http://www.securityfocus.com/bid/6045
- https://exchange.xforce.ibmcloud.com/vulnerabilities/10469
Products affected by CVE-2002-1209
-
cpe:2.3:a:solarwinds:tftp_server:5.0.55_standard