| VID |
16115 |
| Severity |
20 |
| Port |
69 |
| Protocol |
UDP |
| Class |
TFTP |
| Detailed Description |
A TFTP server running on the relevant host is serving one or more sensitive Cisco CallManager files. Trivial File Transfer Protocol (TFTP) is a protocol that allows for easy transfer of files without requiring authentication between network-connected devices. These files themselves include any sensitive information, but do identify the TFTP server as being part of a Cisco CallManager environment. The Cisco CallManager's TFTP server is an essential part of providing VOIP handset functionality, so should not be exposed to un-trusted sources.
* Platforms Affected:
Any TFTP server Any version
Any operating system Any version |
| Recommendation |
Consider disabling the affected TFTP server if it is not required. Otherwise restrict access to trusted hosts only. |
| Related URL |
(CVE) |
| Related URL |
(SecurityFocus) |
| Related URL |
(ISS) |
|
