Cisco IOS TFTP File Disclosure

This NASL script is Copyright (C) 2005-2012 Corsaire Limited.

Synopsis :

The remote TFTP daemon is serving potentially sensitive content.

Description :

The remote host has a TFTP server installed that is serving one or
more Cisco IOS files. These files may contain passwords and other
sensitive information. A remote attacker could use this information
to mount further attacks.

Solution :

Disable the TFTP service if it is not being used. Otherwise,
restrict access to trusted sources only.

Risk factor :

Medium / CVSS Base Score : 5.0

Family: Misc.

Nessus Plugin ID: 17342 ()

Bugtraq ID:


Ready to Amp Up Your Nessus Experience?

Get Nessus Professional to scan unlimited IPs, run compliance checks & more

Buy Nessus Professional Now