CVE-2009-1161
https://notcve.org/view.php?id=CVE-2009-1161
Directory traversal vulnerability in the TFTP service in Cisco CiscoWorks Common Services (CWCS) 3.0.x through 3.2.x on Windows, as used in Cisco Unified Service Monitor, Security Manager, TelePresence Readiness Assessment Manager, Unified Operations Manager, Unified Provisioning Manager, and other products, allows remote attackers to access arbitrary files via unspecified vectors. Vulnerabilidad de salto de directorio en el servicio TFTP en Cisco CiscoWorks Common Services (CWCS) v3.0.x hasta v3.2.x en Windows, también utilizado en Cisco Unified Service Monitor, Security Manager, TelePresence Readiness Assessment Manager, Unified Operations Manager, Unified Provisioning Manager y otros productos, lo que permite atacantes remotos acceder a ficheros arbitrarios a través de vectores no especificados. • http://jvn.jp/en/jp/JVN62527913/index.html http://jvndb.jvn.jp/ja/contents/2009/JVNDB-2009-000032.html http://osvdb.org/54616 http://secunia.com/advisories/35179 http://securitytracker.com/id?1022263 http://www.cisco.com/en/US/products/products_security_advisory09186a0080ab7b56.shtml http://www.securityfocus.com/bid/35040 http://www.vupen.com/english/advisories/2009/1390 • CWE-22: Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') •