CyberSec.Space Logo
Back to CVE Browser

CVE-2007-2343

HIGH
7.5
CVSS Severity Score
EPSS Score0.1980%
EPSS Percentile31.70th
PublishedApr 27, 2007
Last ModifiedApr 23, 2026

Vulnerability Description

Stack-based buffer overflow in the TFTPD component in Enterasys NetSight Console 2.1 and NetSight Inventory Manager 2.1, and possibly earlier, allows remote attackers to execute arbitrary code via crafted request packets that contain long file names.

Affected Platforms (CPE)

πŸ“¦
Enterasys

Netsight Console

<= 2.1
πŸ“¦
Enterasys

Netsight Inventory Manager

<= 2.1

References & Advisories

πŸ”— http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=506
πŸ”— http://osvdb.org/34627
πŸ”— http://secunia.com/advisories/24764
πŸ”— http://www.enterasys.com/pub/NetSight/Patches/SP1/NetSight_SP1.pdf
πŸ”— http://www.securitytracker.com/id?1017876
πŸ”— http://www.vupen.com/english/advisories/2007/1271
πŸ”— http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=506
πŸ”— http://osvdb.org/34627

Related Vulnerabilities

CVE-2007-23447.8

The BOOTPD component in Enterasys NetSight Console 2.1 and NetSight Inventory Manager 2.1, and possibly earlier, on Windows allows...

CVE-2007-195910.0

Unspecified vulnerability in the process_cmdent function in command.cpp in TinyMUX before 2.4 has unknown impact and attack vector...

CVE-2007-005710.0

Cisco Clean Access (CCA) 3.6.x through 3.6.4.2 and 4.0.x through 4.0.3.2 does not properly configure or allow modification of a sh...

CVE-2007-010010.0

The Perforce client does not restrict the set of files that it overwrites upon receiving a request from the server, which allows r...