Kiwi.CatTools.TFTP.Directory.Traversal

Release Date

Jan 19, 2012

Severity

critical

Impact

Information disclosure: Attackers may be able to bypass security restrictions and compromise vulnerable systems.

Description

This indicates an attack attempt against a Directory Traversal vulnerability in Kiwi CatTools.

This is caused by the vulnerable application's failure to sanitize user-supplied input. A successful attack may allow a remote attacker to view arbitrary local files and directories within the context of the webserver.

Affected Products

Kiwi CatTools 3.2.8
Kiwi CatTools 3.1
Kiwi CatTools 2.0
Kiwi CatTools 3.2.0 beta

Recommended Actions

The vendor released an update to address this issue. Please contact the vendor for information on how to obtain and apply this update.

Kiwi CatTools 3.2.0 beta
Kiwi Kiwi_CatTools_TFTP_Upgrade_1.0.0.8.Setup.exe
http://www.kiwitools.com/downloads/cattools/Kiwi_CatTools_TFTP_Upgrade_1.0.0.8.Setup.exe

Kiwi CatTools 2.0
Kiwi Kiwi_CatTools_TFTP_Upgrade_1.0.0.8.Setup.exe
http://www.kiwitools.com/downloads/cattools/Kiwi_CatTools_TFTP_Upgrade_1.0.0.8.Setup.exe

Kiwi CatTools 3.1
Kiwi Kiwi_CatTools_TFTP_Upgrade_1.0.0.8.Setup.exe
http://www.kiwitools.com/downloads/cattools/Kiwi_CatTools_TFTP_Upgrade_1.0.0.8.Setup.exe

Kiwi CatTools 3.2.8
Kiwi Kiwi_CatTools_TFTP_Upgrade_1.0.0.8.Setup.exe
http://www.kiwitools.com/downloads/cattools/Kiwi_CatTools_TFTP_Upgrade_1.0.0.8.Setup.exe

Coverage

IPS
VCM

Common Vulnerabilities and Exposures (CVE)

CVE-2007-0888

Reference/s

http://www.securityfocus.com/bid/22490 (BugTraq)

Reference: VID-30421