Lumension® Endpoint Intelligence Center

Intelligence Center » Browse All Vulnerabilities » CVE-2002-1570

Overview

Vulnerability Score 7.5 7.5
CVE Id CVE-2002-1570
Last Modified 05 Sep 2008 04:30:56
Published 03 Nov 2003 12:00:00
Confidentiality Impact PARTIAL PARTIAL
Integrity Impact PARTIAL PARTIAL
Availability Impact PARTIAL PARTIAL
Access Vector NETWORK
Access Complexity LOW
Authentication NONE

CVE-2002-1570

Summary

Heap-based buffer overflow in snmpnetstat for ucd-snmp 4.2.3 and earlier, and net-snmp, allows remote attackers to execute arbitrary code via multiple getnextrequest PDU messages with conflicting ifindex variables, which cause snmpnetstat to write variable data past the end of an array.

Vulnerable Systems

Application

  • Ucd-snmp 4.2.3


References

XF - netsnmp-snmpnetstat-heap-overflow(7776)

BID - 3780

BUGTRAQ - 20020103 Heap overflow in snmpnetstat

CONECTIVA - CLA-2003:696


Last Updated: 27 May 2016 10:37:24