7.5

CVE-2007-2343

Exploit
Stack-based buffer overflow in the TFTPD component in Enterasys NetSight Console 2.1 and NetSight Inventory Manager 2.1, and possibly earlier, allows remote attackers to execute arbitrary code via crafted request packets that contain long file names.
Daten sind bereitgestellt durch National Vulnerability Database (NVD)
EnterasysNetsight Console Version <= 2.1
Zu dieser CVE wurde keine Warnung gefunden.
EPSS Metriken
Typ Quelle Score Percentile
EPSS FIRST.org 3.99% 0.892
CVSS Metriken
Quelle Base Score Exploit Score Impact Score Vector String
nvd@nist.gov 7.5 10 6.4
AV:N/AC:L/Au:N/C:P/I:P/A:P
Es wurden noch keine Informationen zu CWE veröffentlicht.
http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=506
Vendor Advisory
http://osvdb.org/34627
http://secunia.com/advisories/24764
Vendor Advisory
Exploit
http://www.enterasys.com/pub/NetSight/Patches/SP1/NetSight_SP1.pdf
Patch
http://www.securitytracker.com/id?1017876
http://www.vupen.com/english/advisories/2007/1271