Rule Category

PROTOCOL-TFTP -- Snort has detected traffic that may indicate the presence of the tftp protocol or vulnerabilities in the tftp protocol on the network.

Alert Message

PROTOCOL-TFTP Put

Rule Explanation

This event is generated when a PUT TFTP request is detected. Impact: Potentially Bad Traffic Details: Ease of Attack:

What To Look For

Known Usage

No public information

False Positives

No known false positives

Contributors

Cisco Talos Intelligence Group

MITRE ATT&CK Framework

Tactic:

Technique:

For reference, see the MITRE ATT&CK vulnerability types here: https://attack.mitre.org

CVE

Additional Links

Rule Vulnerability

CVE Additional Information

CVE-1999-0183
Linux implementations of TFTP would allow access to files outside the restricted directory.
Details
SeverityMEDIUM Base Score6.4
Impact Score4.9 Exploit Score10.0
Confidentiality ImpactPARTIAL Integrity ImpactPARTIAL
Availability ImpactNONE Access Vector
AuthenticationNONE Ease of Access