CVE-2007-2343

Опубликовано: 27 апр. 2007

Источник: nvd

CVSS2: 7.5

EPSS Низкий

Описание

Stack-based buffer overflow in the TFTPD component in Enterasys NetSight Console 2.1 and NetSight Inventory Manager 2.1, and possibly earlier, allows remote attackers to execute arbitrary code via crafted request packets that contain long file names.

Ссылки

http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=506
Vendor Advisory
http://osvdb.org/34627
http://secunia.com/advisories/24764
Exploit
Vendor Advisory
http://www.enterasys.com/pub/NetSight/Patches/SP1/NetSight_SP1.pdf
Patch
http://www.securitytracker.com/id?1017876
http://www.vupen.com/english/advisories/2007/1271
http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=506
Vendor Advisory
http://osvdb.org/34627
http://secunia.com/advisories/24764
Exploit
Vendor Advisory
http://www.enterasys.com/pub/NetSight/Patches/SP1/NetSight_SP1.pdf
Patch
http://www.securitytracker.com/id?1017876
http://www.vupen.com/english/advisories/2007/1271

Уязвимые конфигурации

Конфигурация 1

Одно из

cpe:2.3:a:enterasys:netsight_console:*:*:*:*:*:*:*:*

Версия до 2.1 (включая)

cpe:2.3:a:enterasys:netsight_inventory_manager:*:*:*:*:*:*:*:*

Версия до 2.1 (включая)

EPSS

Процентиль: 91%

0.06854

Низкий

7.5 High

CVSS2

Дефекты

NVD-CWE-Other

Связанные уязвимости

GHSA-hx4p-j84q-ch4q

github

почти 4 года назад