CVE-2007-2343

2007-04-2717:00:00

mitre

www.cve.org

8.2 High

AI Score

Confidence

High

0.361 Low

EPSS

Percentile

97.2%

JSON

Stack-based buffer overflow in the TFTPD component in Enterasys NetSight Console 2.1 and NetSight Inventory Manager 2.1, and possibly earlier, allows remote attackers to execute arbitrary code via crafted request packets that contain long file names.

References

labs.idefense.com/intelligence/vulnerabilities/display.php?id=506

osvdb.org/34627

secunia.com/advisories/24764

www.enterasys.com/pub/NetSight/Patches/SP1/NetSight_SP1.pdf

www.securitytracker.com/id?1017876

www.vupen.com/english/advisories/2007/1271