| Field | Value |
|---|---|
| VID | 16032 |
| Severity | 30 |
| Port | 69 |
| Protocol | UDP |
| Class | TFTP |
| Detailed Description | The TFTP service allows arbitrary files to be created and written to the TFTP root directory on the target system without any authentication. TFTP (Trivial File Transfer Protocol) is sometimes legitimately used for bootstrapping diskless workstations. However, when not configured properly, TFTP may allow remote attackers to create or overwrite critical system files such as the password and shadow password files. |
| References | http://www.cert.org/advisories/CA-1991-19.html, http://www.iss.net/security_center/static/631.php |
| Recommendation | If the TFTP service is not required, disable it: comment out or remove the line for tftp in /etc/inetd.conf, then restart the inetd daemon. Otherwise, run the TFTP service in secure mode: many TFTP daemons support a "-s" flag that restricts requests to a specified directory. Ensure that the line for tftp in /etc/inetd.conf includes the "-s /tftpboot" option, which allows access only to the /tftpboot directory. |
| Related URL (CVE) | |
| Related URL (SecurityFocus) | |
| Related URL (ISS) | |