[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

D-Link DIR-601 TFTP Directory Traversal Vulnerability

To: bugtraq@xxxxxxxxxxxxxxxxx
Subject: D-Link DIR-601 TFTP Directory Traversal Vulnerability
From: robkraus@xxxxxxxxxxxxxx
Date: Wed, 25 Jan 2012 14:47:38 GMT

Vulnerability title: D-Link DIR-601 TFTP Directory Traversal Vulnerability

CVSS Risk Rating: 7.8 (High)

Product: D-Link DIR-601 Wireless N 150 Home Router

Application Vendor: D-Link

Vendor URL: www.dlink.com

Public disclosure date: 1/20/2012

Discovered by: Rob Kraus and Solutionary Engineering Research Team (SERT)

Solutionary ID: SERT-VDN-1013

Solutionary public disclosure URL: 
http://www.solutionary.com/index/SERT/Vuln-Disclosures/D-Link_DIR-601.html

Vulnerability Description: Default installation of the DIR-601 Wireless N 150 
Home Router is susceptible to directory traversal attack. A attacker can 
exploit this vulnerability to retrieve files outside of the TFTP server root 
directory. The attack is performed  against the TFTP server listening on the 
WAN interface and does not require prior authentication. At this time it 
appears the vulnerability allows read-only access to files.

Affected software versions: Firmware Version 1.02NA

Impact: A remote attacker may be able to leverage this vulnerability to gain 
access to system and other configuration files resulting in loss of 
confidentiality.

Fixed in: Not Fixed

Remediation guidelines: Disable TFTP server access and update the system should 
a patch become available from the vendor.

Prev by Date: [security bulletin] HPSBUX02730 SSRT100710 rev.1 - HP-UX Running Java, Remote Unauthorized Access, Disclosure of Information, and Other Vulnerabilities
Next by Date: [SECURITY] [DSA-2393-1] bip security update
Previous by thread: [security bulletin] HPSBUX02730 SSRT100710 rev.1 - HP-UX Running Java, Remote Unauthorized Access, Disclosure of Information, and Other Vulnerabilities
Next by thread: [SECURITY] [DSA-2393-1] bip security update
Index(es):
- Date
- Thread