SolarWinds TFTP Server Root Folder Navigation Vulnerability
SW-07-002
October 31, 2007
CVE ID:
Not yet assigned
Affected Vendor:
SolarWinds
Affected Products:
Engineer's Toolset, Standard Toolset, free TFTP Server
Severity Assessment:
Medium
Vulnerability Details:
SolarWinds has identified a root folder navigation vulnerability in all versions of the Toolset TFTP Server prior to version 9.1.0.2 and free TFTP Server prior to version 9.1.0.111. TFTP Server is offered as a free tool downloadable from SolarWinds' website and is included as an application within Engineer's Toolset and Standard Toolset.
- TFTP Server 9.x versions allow puts and gets to folders outside of the configured TFTP root directory
- TFTP Server 8.x versions are NOT vulnerable
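The check a TFTP server needs in order to keep puts and gets inside its root, as an added example that is not SolarWinds code: it parses a TFTP read/write request (RFC 1350 opcode, NUL-terminated filename and mode) and refuses any filename whose resolved path leaves the configured root, treating both path separators alike since the product runs on Windows. The root directory `/tftp_root_example` and the sample packets are constructed placeholders.

```python
import os
import struct

# TFTP opcodes (RFC 1350); only transfer requests carry a filename.
OP_RRQ = 1  # read request, i.e. a "get"
OP_WRQ = 2  # write request, i.e. a "put"


def parse_request(packet: bytes):
    """Parse an RRQ/WRQ: 2-byte opcode, NUL-terminated filename, NUL-terminated mode."""
    if len(packet) < 4:
        raise ValueError("packet too short for a TFTP request")
    (opcode,) = struct.unpack("!H", packet[:2])
    if opcode not in (OP_RRQ, OP_WRQ):
        raise ValueError(f"opcode {opcode} is not a transfer request")
    fields = packet[2:].split(b"\x00")
    # A well-formed request ends with a NUL, so split() yields filename, mode, b"".
    if len(fields) < 3 or not fields[0]:
        raise ValueError("missing NUL-terminated filename or mode")
    return opcode, fields[0].decode("ascii"), fields[1].decode("ascii").lower()


def resolve_in_root(root: str, filename: str) -> str:
    """Map a request filename onto root; raise if the result is not a strict descendant."""
    root_abs = os.path.realpath(root)
    # Windows TFTP servers accept '\' as well as '/', so treat both as separators,
    # drop any drive prefix and leading slashes, then let realpath collapse '..'.
    rel = os.path.splitdrive(filename.replace("\\", "/"))[1].lstrip("/")
    candidate = os.path.realpath(os.path.join(root_abs, rel))
    if candidate == root_abs or os.path.commonpath([root_abs, candidate]) != root_abs:
        raise PermissionError(f"{filename!r} does not resolve to a file inside the TFTP root")
    return candidate


def is_confined(root: str, filename: str) -> bool:
    """True if the request stays inside root, False if it would navigate out of it."""
    try:
        resolve_in_root(root, filename)
        return True
    except PermissionError:
        return False


if __name__ == "__main__":
    # Constructed packets: one ordinary RRQ and one that tries to climb out of the root.
    root = "/tftp_root_example"  # hypothetical configured root directory
    for pkt in (b"\x00\x01config.txt\x00octet\x00", b"\x00\x02..\\..\\outside.txt\x00octet\x00"):
        op, name, mode = parse_request(pkt)
        verdict = "allow" if is_confined(root, name) else "deny"
        print(f"{'RRQ' if op == OP_RRQ else 'WRQ'} {name!r} ({mode}): {verdict}")
```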
To check your software version:
1. Select Control Panel > Add or Remove Programs
2. Select your installed Toolset or TFTP Server
3. Select "Click here for more support information" link
4. Verify that Toolset is version 9.1.0.2 or that the free TFTP Server is version 9.1.0.111
Update Availability:
This issue has been addressed with a hot-fix for version 9.1 of Engineer's Toolset and Standard Toolset. If you have previous versions of Toolset 8.0 or 9.0, you must upgrade to the Toolset 9.1 release before installing the hot-fix. Customers can obtain the latest version of Toolset and the hot-fix from the customer portal.
Customers with the Toolset 9.1 release can download the hot-fix from here:
Free TFTP Server users should download the latest TFTP Server version 9.1.0.111 from the SolarWinds website.
Workarounds:
No workarounds exist. However, the following mitigating steps may be taken:
- Configure TFTP Server with the appropriate IP address restrictions for transfers
- Disable TFTP server when not performing a file transfer
- Install TFTP Server on Management VLANs that are inaccessible from the Internet
Credit:
This issue was reported by Jeremy Morrill from Phillips Academy.
Support:
Technical support is available by contacting SolarWinds Technical Support at http://www.solarwinds.com/support/.