Think you have a false positive on this rule?

Sid 1-518

Message

PROTOCOL-TFTP Put

Summary

This event is generated when a PUT TFTP request is detected.

Impact

Potentially Bad Traffic

CVE-1999-0183:

CVSS base score 6.4

CVSS impact score 4.9

CVSS exploitability score 10.0

Confidentiality Impact PARTIAL

Integrity Impact PARTIAL

Availability Impact NONE

Detailed information

CVE-1999-0183: Linux implementations of TFTP would allow access to files outside the restricted directory.

Affected systems

  • tftp tftp *
  • linux linux_kernel 2.6.20.1

Ease of attack

CVE-1999-0183:

Access Vector NETWORK

Access Complexity LOW

Authentication NONE

False positives

None Known

False negatives

None Known

Corrective action

Contributors

  • Cisco's Talos Intelligence Group

Additional References

  • github.com/rapid7/metasploit-framework/blob/unstable/unstable-modules/auxiliary/d20tftpbd.rb