CVE-2007-0888

CVE-2007-0888 · HIGH Severity

AV:N/AC:L/AU:N/C:C/I:C/A:C

Directory traversal vulnerability in the TFTP server in Kiwi CatTools before 3.2.0 beta allows remote attackers to read arbitrary files, and upload files to arbitrary locations, via ..// (dot dot) sequences in the pathname argument to an FTP (1) GET or (2) PUT command.

Learn more about our Cis Benchmark Audit For Server Software.