CVE-2018-25256

Exploit

EPSS 0.2%
Veröffentlicht 05.04.2026 20:45:11
Zuletzt bearbeitet 27.04.2026 13:11:06
Quelle disclosure@vulncheck.com
CVE-Watchlists
Login
Unerledigt
Login

IP TOOLS 2.50 Local Buffer Overflow Denial of Service

IP TOOLS 2.50 contains a local buffer overflow vulnerability in the SNMP Scanner component that allows local attackers to crash the application by supplying oversized input. Attackers can paste malicious data into the 'From Addr' and 'To Addr' fields and trigger the crash by clicking the Start button, causing denial of service and SEH overwrite.

Betroffene Produkte Warnungen 0 Metriken 3 CWE 1 Referenzen 6

NVD 1 VulnDex Vulnerability Enrichment 0

Daten sind bereitgestellt durch National Vulnerability Database (NVD)

Ks-soft ≫ Ip-tools Version <= 2.50

Zu dieser CVE wurde keine Warnung gefunden.

EPSS Metriken
Typ	Quelle	Score	Percentile
EPSS	FIRST.org	0.2%	0.101

CVSS Metriken
Quelle	Base Score	Exploit Score	Impact Score	Vector String
disclosure@vulncheck.com	5.5	1.8	3.6	CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H
disclosure@vulncheck.com	6.8	0	0	CVSS:4.0/AV:L/AC:L/AT:N/PR:N/UI:P/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X

CWE-787 Out-of-bounds Write

The product writes data past the end, or before the beginning, of the intended buffer.

https://www.exploit-db.com/exploits/46286

Exploit

VDB Entry

https://www.ks-soft.net/ip-tools.eng/index.htm

Product

https://www.vulncheck.com/advisories/ip-tools-local-buffer-overflow-denial-of-service

Third Party Advisory

https://nvd.nist.gov/vuln/detail/CVE-2018-25256

CVE Source (NVD)

https://cveawg.mitre.org/api/cve/CVE-2018-25256

CVE Source (JSON)

https://euvd.enisa.europa.eu/vulnerability/CVE-2018-25256

EUVD

Team-orientierte Vulnerability Management Plattform

Features der Plattform

CVE-2018-25256