7.5

CVE-2007-2343

Exploit

EPSS 6.61%
Published 27.04.2007 17:19:00
Last modified 09.04.2025 00:30:58
Source cve@mitre.org
Teams watchlist Login
Open Login

Stack-based buffer overflow in the TFTPD component in Enterasys NetSight Console 2.1 and NetSight Inventory Manager 2.1, and possibly earlier, allows remote attackers to execute arbitrary code via crafted request packets that contain long file names.

Affected products Warnungen 0 Metrics 2 CWE 0 References 9

Data is provided by the National Vulnerability Database (NVD)

Enterasys ≫ Netsight Console Version <= 2.1

Enterasys ≫ Netsight Inventory Manager Version <= 2.1

Zu dieser CVE wurde keine CISA KEV oder CERT.AT-Warnung gefunden.

EPSS Metriken
Type	Source	Score	Percentile
EPSS	FIRST.org	6.61%	0.908

CVSS Metriken
Source	Base Score	Exploit Score	Impact Score	Vector string
nvd@nist.gov	7.5	10	6.4	AV:N/AC:L/Au:N/C:P/I:P/A:P

http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=506

Vendor Advisory

http://osvdb.org/34627

http://secunia.com/advisories/24764

Vendor Advisory

Exploit

http://www.enterasys.com/pub/NetSight/Patches/SP1/NetSight_SP1.pdf

Patch

http://www.securitytracker.com/id?1017876

http://www.vupen.com/english/advisories/2007/1271

https://nvd.nist.gov/vuln/detail/CVE-2007-2343

CVE Source (NVD)

https://cveawg.mitre.org/api/cve/CVE-2007-2343

CVE Source (JSON)

https://euvd.enisa.europa.eu/vulnerability/CVE-2007-2343

EUVD