Lucene search

SAINT CorporationSAINT:75120FD76F045662A4760517331FB75C

HistoryJul 21, 2008 - 12:00 a.m.

SNMPc Network Manager SNMP TRAP community string buffer overflow

2008-07-2100:00:00

SAINT Corporation

download.saintcorporation.com

10 High

CVSS2

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:L/Au:N/C:C/I:C/A:C

0.684 Medium

EPSS

Percentile

98.0%

JSON

Added: 07/21/2008
CVE: CVE-2008-2214
BID: 28990
OSVDB: 44885

Background

SNMPc Network Manager is a distributed network management and monitoring solution.

Problem

A buffer overflow vulnerability in SNMPc Network Manager allows remote attackers to execute arbitrary commands by sending an SNMP TRAP message with a long, specially crafted community string.

Resolution

Upgrade to SNMPc Network Manager version 7.1.1 or higher.

References

<http://archives.neohapsis.com/archives/bugtraq/2008-04/0361.html>

Limitations

Exploit works on SNMPc Network Manager 7.1.0. It may take longer than usual to establish the connection after successful exploitation.

Platforms

Windows 2000
Windows Server 2003

10 High

CVSS2

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:L/Au:N/C:C/I:C/A:C

0.684 Medium

EPSS

Percentile

98.0%

JSON

Related for SAINT:75120FD76F045662A4760517331FB75C