TFTP file access
Summary
File access via the TFTP service.
Impact
Unauthorized remote access to system or user files.
Background
The TFTP (trivial file transfer protocol) service provides remote
access to files, without asking for a password. It is typically used
for the initialization of diskless computers, of X terminals, or of
other dedicated hardware.
The problem
When the TFTP daemon does not limit access to specific files or hosts,
a remote intruder can use the service to obtain copies of the password
file or of other system or user files, or to remotely overwrite files.
Fix
- Restrict TFTP access to a limited subtree of the file system.
Consult your tftpd manual pages for details.
- When no access restriction is possible, restrict TFTP access by
using a tcp wrapper.
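
One way to check a host for the two fixes above is to audit its inetd.conf entries. This is an added example, not part of the original page or of any tftpd distribution. It assumes that absolute-path arguments to the daemon name the directories it is limited to (conventions vary, so check your tftpd manual page); the sample lines are constructed.

```python
import os

# Constructed sample in inetd.conf format; each tftp line is a separate case.
SAMPLE_INETD = """\
ftp   stream tcp nowait root   /usr/sbin/in.ftpd  in.ftpd
tftp  dgram  udp wait   root   /usr/sbin/in.tftpd in.tftpd
tftp  dgram  udp wait   root   /usr/sbin/in.tftpd in.tftpd -s /tftpboot
tftp  dgram  udp wait   root   /usr/sbin/tcpd     in.tftpd
tftp  dgram  udp wait   root   /usr/sbin/in.tftpd in.tftpd /
#tftp dgram  udp wait   root   /usr/sbin/in.tftpd in.tftpd
"""


def audit_tftp(inetd_text):
    """Return (line_number, status, directories) for each active tftp entry.

    status is "restricted" (served subtree is limited), "wrapped-only"
    (no subtree limit, but started through tcpd) or "open" (neither).
    """
    results = []
    for lineno, line in enumerate(inetd_text.splitlines(), start=1):
        fields = line.split()
        # Skip blanks, comments, malformed lines and other services.
        if len(fields) < 7 or fields[0].startswith("#") or fields[0] != "tftp":
            continue
        server, args = fields[5], fields[7:]  # fields[6] is argv[0]
        # Assumption: absolute-path arguments other than "/" name the
        # directories the daemon is limited to (with or without -s).
        dirs = [a for a in args if a.startswith("/") and a.rstrip("/")]
        wrapped = os.path.basename(server) == "tcpd"
        if dirs:
            status = "restricted"
        elif wrapped:
            # Host limits then depend on hosts.allow / hosts.deny content.
            status = "wrapped-only"
        else:
            status = "open"
        results.append((lineno, status, dirs))
    return results


if __name__ == "__main__":
    for lineno, status, dirs in audit_tftp(SAMPLE_INETD):
        print(f"line {lineno}: {status} {' '.join(dirs)}")
```

An entry reported as "wrapped-only" still needs its hosts.allow and hosts.deny rules reviewed, since the wrapper by itself limits nothing.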
Other tips