The trivial file transfer protocol (TFTP) is a UDP-based file transfer program that is frequently used to allow diskless hosts to boot over the network. TFTP is implemented by the tftp client program and the tftpd server program. Because TFTP has no user authentication, it may be possible for unwanted file transfer to occur. It is a significant threat that tftp may be used to steal password files. section 10.2.3 describes a way to verify that a system is not using a version of tftpd with know security holes. In particular, versions of SunOS prior to release 4.0 are known to have a security hole because the tftpd program did not restrict file transfer.