Cisco CallManager TFTP File Detection
Medium Nessus Plugin ID 19507
SynopsisA TFTP server is listening on the remote host.
DescriptionThe remote host has a TFTP server installed that is serving one or more Cisco CallManager files. These files do not themselves include any sensitive information, but do identify the TFTP server as being part of a Cisco CallManager environment. The CCM TFTP server is an essential part of providing VOIP handset functionality, so should not be exposed to unnecessary scrutiny.
SolutionIf it is not required, disable or uninstall the TFTP server. Otherwise restrict access to trusted sources only.