Cisco IOS TFTP Server
Created 8/8/02
CVE 2002-0813
Impact
A remote attacker could create a denial of service by rebooting the router.
Background
Trivial File Transfer Protocol (TFTP) is a protocol which allows for easy
transfer of files between network connected devices.
The Problem
CVE 2002-0813
Cisco IOS provides TFTP server functionality to facilitate the transfer of
Cisco IOS images when another TFTP server may not be available.
A vulnerability has been discovered in the processing of filenames within
a TFTP read request when Cisco IOS is configured to act as a TFTP server.
This vulnerability affects IOS versions 11.1, 11.2 and 11.3, but does
NOT affect those operating systems when running on a 68040 based
architecture such as a Route Processor.
Resolution
The affected IOS releases, 11.1, 11.2, and 11.3, are all at End of Life, which
means they do not have a maintenance version scheduled, and will not be fixed.
There are two simple workarounds: to disable the TFTP server if it is not
needed, or to provide TFTP file name aliases. The Cisco advisory
describes the procedures to implement these workarounds. Users with a service
contract may obtain upgraded software through the Software Center on Cisco's
Worldwide Web site at http://www.cisco.com.
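To find routers where the workarounds above still need to be applied, a saved configuration can be checked offline. The following Python script is an added example, not part of the original advisory or of any Cisco tooling: it reports `tftp-server` lines that have no `alias` keyword when the configuration's `version` line names one of the affected release trains. It assumes the standard IOS `version` and `tftp-server ... alias ...` configuration line forms, uses a constructed sample configuration with placeholder file names, and cannot detect the 68040 exception noted above, which is not visible in the configuration text.

```python
import re

AFFECTED_TRAINS = ("11.1", "11.2", "11.3")  # release trains named on this page

# Constructed sample running-config (placeholder names, not from a real device).
SAMPLE_CONFIG = """\
version 11.2
hostname lab-router
!
tftp-server flash example-image-a.bin
tftp-server flash example-image-b.bin alias ios-image
!
end
"""

VERSION_RE = re.compile(r"^version\s+(\d+\.\d+)", re.M)
# Anchored at line start, so "no tftp-server ..." lines are ignored.
TFTP_RE = re.compile(r"^tftp-server\s+(.*)$", re.M)


def audit_config(text):
    """Return (train, affected, findings) for one saved IOS configuration."""
    m = VERSION_RE.search(text)
    train = m.group(1) if m else None
    affected = train in AFFECTED_TRAINS
    findings = []
    for match in TFTP_RE.finditer(text):
        args = match.group(1).split()
        # The alias keyword only counts if an alias name follows it.
        has_alias = "alias" in args[:-1]
        findings.append({"line": match.group(0).strip(), "alias": has_alias})
    return train, affected, findings


def exposed_lines(text):
    """tftp-server lines without an alias, on an affected release train."""
    _train, affected, findings = audit_config(text)
    if not affected:
        return []
    return [f["line"] for f in findings if not f["alias"]]


if __name__ == "__main__":
    for line in exposed_lines(SAMPLE_CONFIG):
        print("needs workaround (disable or add alias):", line)
```

An empty result means either that the release train is not one of those listed here or that every served file already has an alias; a configuration with no `tftp-server` lines at all has the server disabled.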
Where can I read more about this?
For more information, see the Cisco advisory or the Neohapsis advisory.
This vulnerability was announced on the Bugtraq mailing list.