Directory traversal vulnerability in WinAgents TFTP Server for Windows 3.1 and earlier allows remote attackers to read arbitrary files via "..." (triple dot) sequences in a GET request. According to the vendor, WinAgents TFTP server version 3.2 fixes this directory traversal vulnerability.
Publication date: Tue, 25 Apr 2006 04:02:00 +0000