Trivial File Transfer Protocol



next up previous contents
Next: Fonts Up: X Terminals Previous: Reverse Address Resolution

Trivial File Transfer Protocol

Many X terminals download the X server image from another host, rather than having the server image stored locally in non-volatile ROM. Any host that masquerades as the TFTP host can download any code to the X terminal.

Also, the TFTP protocol does not do any authentication of requests, so that a malicious client can download files that it should not have access to, or can cause denial-of-service by flooding the host with TFTP requests.



John Barkley
Fri Oct 7 16:17:21 EDT 1994