Stack overflow

2007-04-2717:19:00

PRIOn knowledge base

www.prio-n.com

8.8 High

AI Score

Confidence

Low

0.361 Low

EPSS

Percentile

97.2%

JSON

Stack-based buffer overflow in the TFTPD component in Enterasys NetSight Console 2.1 and NetSight Inventory Manager 2.1, and possibly earlier, allows remote attackers to execute arbitrary code via crafted request packets that contain long file names.

CPENameOperatorVersion
netsight_consolele2.1
netsight_inventory_managerle2.1

CPE	Name	Operator	Version
	netsight_console	le	2.1
	netsight_inventory_manager	le	2.1

References

labs.idefense.com/intelligence/vulnerabilities/display.php?id=506

osvdb.org/34627

secunia.com/advisories/24764

www.enterasys.com/pub/NetSight/Patches/SP1/NetSight_SP1.pdf

www.securitytracker.com/id?1017876

www.vupen.com/english/advisories/2007/1271