CVEブラウザに戻る

CVE-2007-2343

HIGH

7.5

CVSS Severity Score

EPSS Score0.1980%

EPSS Percentile31.70th

Published2007年4月27日

Last Modified2026年4月23日

Vulnerability Description

Stack-based buffer overflow in the TFTPD component in Enterasys NetSight Console 2.1 and NetSight Inventory Manager 2.1, and possibly earlier, allows remote attackers to execute arbitrary code via crafted request packets that contain long file names.

Affected Platforms (CPE)

📦

Enterasys

Netsight Console

<= 2.1

📦

Enterasys

Netsight Inventory Manager

<= 2.1

References & Advisories

🔗 http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=506

🔗 http://osvdb.org/34627

🔗 http://secunia.com/advisories/24764

🔗 http://www.enterasys.com/pub/NetSight/Patches/SP1/NetSight_SP1.pdf

🔗 http://www.securitytracker.com/id?1017876

🔗 http://www.vupen.com/english/advisories/2007/1271

🔗 http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=506

🔗 http://osvdb.org/34627

関連する脆弱性情報

CVE-2007-23447.8

The BOOTPD component in Enterasys NetSight Console 2.1 and NetSight Inventory Manager 2.1, and possibly earlier, on Windows allows...

CVE-2007-350010.0

Xeweb XEForum allows remote attackers to gain privileges via a modified xeforum cookie.

CVE-2007-049610.0

PHP remote file inclusion vulnerability in lib/nl/nl.php in Neon Labs Website (nlws) 3.2 and earlier allows remote attackers to ex...

CVE-2007-158710.0

templates/config/mail.tpl in Tim Soderstrom StatsDawg 0.92 allows remote attackers to execute arbitrary programs by specifying the...