Search criteria

6 vulnerabilities found for netsight_inventory_manager by enterasys

FKIE_CVE-2007-2343

Vulnerability from fkie_nvd - Published: 2007-04-27 17:19 - Updated: 2025-04-09 00:30
Severity ?
Summary
Stack-based buffer overflow in the TFTPD component in Enterasys NetSight Console 2.1 and NetSight Inventory Manager 2.1, and possibly earlier, allows remote attackers to execute arbitrary code via crafted request packets that contain long file names.
References
cve@mitre.orghttp://labs.idefense.com/intelligence/vulnerabilities/display.php?id=506Vendor Advisory
cve@mitre.orghttp://osvdb.org/34627
cve@mitre.orghttp://secunia.com/advisories/24764Exploit, Vendor Advisory
cve@mitre.orghttp://www.enterasys.com/pub/NetSight/Patches/SP1/NetSight_SP1.pdfPatch
cve@mitre.orghttp://www.securitytracker.com/id?1017876
cve@mitre.orghttp://www.vupen.com/english/advisories/2007/1271
af854a3a-2127-422b-91ae-364da2661108http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=506Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108http://osvdb.org/34627
af854a3a-2127-422b-91ae-364da2661108http://secunia.com/advisories/24764Exploit, Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108http://www.enterasys.com/pub/NetSight/Patches/SP1/NetSight_SP1.pdfPatch
af854a3a-2127-422b-91ae-364da2661108http://www.securitytracker.com/id?1017876
af854a3a-2127-422b-91ae-364da2661108http://www.vupen.com/english/advisories/2007/1271
Impacted products
Vendor Product Version
enterasys netsight_console *
enterasys netsight_inventory_manager *
To clipboard 

{
  "configurations": [
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:enterasys:netsight_console:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "0C5D3152-F50E-4D21-A452-7A909372E8D4",
              "versionEndIncluding": "2.1",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:enterasys:netsight_inventory_manager:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "7D4C8415-E1A6-4CE0-B8E6-59F70575135D",
              "versionEndIncluding": "2.1",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    }
  ],
  "cveTags": [],
  "descriptions": [
    {
      "lang": "en",
      "value": "Stack-based buffer overflow in the TFTPD component in Enterasys NetSight Console 2.1 and NetSight Inventory Manager 2.1, and possibly earlier, allows remote attackers to execute arbitrary code via crafted request packets that contain long file names."
    },
    {
      "lang": "es",
      "value": "Desbordamiento de b\u00fafer basado en pila en el componente TFTPD en Enterasys NetSight Console 2.1 y NetSight Inventory Manager 2.1, y posiblemente anteriores, permite a atacantes remotos ejecutar c\u00f3digo de su elecci\u00f3n a trav\u00e9s de paquetes de respuestas manipuladas que contienen nombres de fichero largos."
    }
  ],
  "id": "CVE-2007-2343",
  "lastModified": "2025-04-09T00:30:58.490",
  "metrics": {
    "cvssMetricV2": [
      {
        "acInsufInfo": false,
        "baseSeverity": "HIGH",
        "cvssData": {
          "accessComplexity": "LOW",
          "accessVector": "NETWORK",
          "authentication": "NONE",
          "availabilityImpact": "PARTIAL",
          "baseScore": 7.5,
          "confidentialityImpact": "PARTIAL",
          "integrityImpact": "PARTIAL",
          "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P",
          "version": "2.0"
        },
        "exploitabilityScore": 10.0,
        "impactScore": 6.4,
        "obtainAllPrivilege": false,
        "obtainOtherPrivilege": false,
        "obtainUserPrivilege": false,
        "source": "nvd@nist.gov",
        "type": "Primary",
        "userInteractionRequired": false
      }
    ]
  },
  "published": "2007-04-27T17:19:00.000",
  "references": [
    {
      "source": "cve@mitre.org",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=506"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://osvdb.org/34627"
    },
    {
      "source": "cve@mitre.org",
      "tags": [
        "Exploit",
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/advisories/24764"
    },
    {
      "source": "cve@mitre.org",
      "tags": [
        "Patch"
      ],
      "url": "http://www.enterasys.com/pub/NetSight/Patches/SP1/NetSight_SP1.pdf"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://www.securitytracker.com/id?1017876"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://www.vupen.com/english/advisories/2007/1271"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=506"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://osvdb.org/34627"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Exploit",
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/advisories/24764"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Patch"
      ],
      "url": "http://www.enterasys.com/pub/NetSight/Patches/SP1/NetSight_SP1.pdf"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.securitytracker.com/id?1017876"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.vupen.com/english/advisories/2007/1271"
    }
  ],
  "sourceIdentifier": "cve@mitre.org",
  "vulnStatus": "Deferred",
  "weaknesses": [
    {
      "description": [
        {
          "lang": "en",
          "value": "NVD-CWE-Other"
        }
      ],
      "source": "nvd@nist.gov",
      "type": "Primary"
    }
  ]
}

FKIE_CVE-2007-2344

Vulnerability from fkie_nvd - Published: 2007-04-27 17:19 - Updated: 2025-04-09 00:30
Severity ?
Summary
The BOOTPD component in Enterasys NetSight Console 2.1 and NetSight Inventory Manager 2.1, and possibly earlier, on Windows allows remote attackers to cause a denial of service (daemon crash) via a UDP packet that contains an invalid "packet type" field.
References
cve@mitre.orghttp://labs.idefense.com/intelligence/vulnerabilities/display.php?id=506
cve@mitre.orghttp://osvdb.org/34628
cve@mitre.orghttp://secunia.com/advisories/24764Patch, Vendor Advisory
cve@mitre.orghttp://www.enterasys.com/pub/NetSight/Patches/SP1/NetSight_SP1.pdfVendor Advisory
cve@mitre.orghttp://www.securitytracker.com/id?1017876
cve@mitre.orghttp://www.vupen.com/english/advisories/2007/1271
af854a3a-2127-422b-91ae-364da2661108http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=506
af854a3a-2127-422b-91ae-364da2661108http://osvdb.org/34628
af854a3a-2127-422b-91ae-364da2661108http://secunia.com/advisories/24764Patch, Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108http://www.enterasys.com/pub/NetSight/Patches/SP1/NetSight_SP1.pdfVendor Advisory
af854a3a-2127-422b-91ae-364da2661108http://www.securitytracker.com/id?1017876
af854a3a-2127-422b-91ae-364da2661108http://www.vupen.com/english/advisories/2007/1271
Impacted products
Vendor Product Version
enterasys netsight_console 2.1
enterasys netsight_inventory_manager 2.1
To clipboard 

{
  "configurations": [
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:enterasys:netsight_console:2.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "F917E32A-5132-4020-92F0-E405700027EF",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:enterasys:netsight_inventory_manager:2.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "A654622E-7ACE-4648-A4BD-700A3259A1E2",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    }
  ],
  "cveTags": [],
  "descriptions": [
    {
      "lang": "en",
      "value": "The BOOTPD component in Enterasys NetSight Console 2.1 and NetSight Inventory Manager 2.1, and possibly earlier, on Windows allows remote attackers to cause a denial of service (daemon crash) via a UDP packet that contains an invalid \"packet type\" field."
    },
    {
      "lang": "es",
      "value": "El componente BOOTPD en Enterasys NetSight Console 2.1 y NetSight Inventory Manager 2.1, y posiblemente anteriores, sobre Windows permite a atacantes remotos provocar denegaci\u00f3n de servicio (caida de demonio) a trav\u00e9s de un paquete UDP que contiene un campo \"tipo de paquete\" no valido."
    }
  ],
  "evaluatorSolution": "The vendor has addressed this issue with the following product updates:\r\n\r\nApply Security Patch 1 :\r\nhttp://www.enterasys.com/products/management/downloads/security_and_patches/\r\n\r\nOr upgrade to Enterasys NetSight Console 2.3.1 build 6 and NetSight Inventory Manager 2.2.2 build 4 :\r\nhttp://www.enterasys.com/services/support/downloads/",
  "id": "CVE-2007-2344",
  "lastModified": "2025-04-09T00:30:58.490",
  "metrics": {
    "cvssMetricV2": [
      {
        "acInsufInfo": false,
        "baseSeverity": "HIGH",
        "cvssData": {
          "accessComplexity": "LOW",
          "accessVector": "NETWORK",
          "authentication": "NONE",
          "availabilityImpact": "COMPLETE",
          "baseScore": 7.8,
          "confidentialityImpact": "NONE",
          "integrityImpact": "NONE",
          "vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:C",
          "version": "2.0"
        },
        "exploitabilityScore": 10.0,
        "impactScore": 6.9,
        "obtainAllPrivilege": false,
        "obtainOtherPrivilege": false,
        "obtainUserPrivilege": false,
        "source": "nvd@nist.gov",
        "type": "Primary",
        "userInteractionRequired": false
      }
    ]
  },
  "published": "2007-04-27T17:19:00.000",
  "references": [
    {
      "source": "cve@mitre.org",
      "url": "http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=506"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://osvdb.org/34628"
    },
    {
      "source": "cve@mitre.org",
      "tags": [
        "Patch",
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/advisories/24764"
    },
    {
      "source": "cve@mitre.org",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://www.enterasys.com/pub/NetSight/Patches/SP1/NetSight_SP1.pdf"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://www.securitytracker.com/id?1017876"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://www.vupen.com/english/advisories/2007/1271"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=506"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://osvdb.org/34628"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Patch",
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/advisories/24764"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://www.enterasys.com/pub/NetSight/Patches/SP1/NetSight_SP1.pdf"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.securitytracker.com/id?1017876"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.vupen.com/english/advisories/2007/1271"
    }
  ],
  "sourceIdentifier": "cve@mitre.org",
  "vulnStatus": "Deferred",
  "weaknesses": [
    {
      "description": [
        {
          "lang": "en",
          "value": "NVD-CWE-Other"
        }
      ],
      "source": "nvd@nist.gov",
      "type": "Primary"
    }
  ]
}

CVE-2007-2343 (GCVE-0-2007-2343)

Vulnerability from cvelistv5 – Published: 2007-04-27 17:00 – Updated: 2024-08-07 13:33
VLAI?
Summary
Stack-based buffer overflow in the TFTPD component in Enterasys NetSight Console 2.1 and NetSight Inventory Manager 2.1, and possibly earlier, allows remote attackers to execute arbitrary code via crafted request packets that contain long file names.
Severity ?
No CVSS data available.
CWE
  • n/a
Assigner
References
http://secunia.com/advisories/24764 third-party-advisoryx_refsource_SECUNIA
http://www.vupen.com/english/advisories/2007/1271 vdb-entryx_refsource_VUPEN
http://labs.idefense.com/intelligence/vulnerabili… third-party-advisoryx_refsource_IDEFENSE
http://www.securitytracker.com/id?1017876 vdb-entryx_refsource_SECTRACK
http://osvdb.org/34627 vdb-entryx_refsource_OSVDB
http://www.enterasys.com/pub/NetSight/Patches/SP1… x_refsource_CONFIRM
Show details on NVD website
To clipboard 

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-07T13:33:28.349Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "name": "24764",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/24764"
          },
          {
            "name": "ADV-2007-1271",
            "tags": [
              "vdb-entry",
              "x_refsource_VUPEN",
              "x_transferred"
            ],
            "url": "http://www.vupen.com/english/advisories/2007/1271"
          },
          {
            "name": "20070404 Enterasys Networks Multiple NetSight Products Multiple Vulnerabilities",
            "tags": [
              "third-party-advisory",
              "x_refsource_IDEFENSE",
              "x_transferred"
            ],
            "url": "http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=506"
          },
          {
            "name": "1017876",
            "tags": [
              "vdb-entry",
              "x_refsource_SECTRACK",
              "x_transferred"
            ],
            "url": "http://www.securitytracker.com/id?1017876"
          },
          {
            "name": "34627",
            "tags": [
              "vdb-entry",
              "x_refsource_OSVDB",
              "x_transferred"
            ],
            "url": "http://osvdb.org/34627"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://www.enterasys.com/pub/NetSight/Patches/SP1/NetSight_SP1.pdf"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "n/a",
          "vendor": "n/a",
          "versions": [
            {
              "status": "affected",
              "version": "n/a"
            }
          ]
        }
      ],
      "datePublic": "2007-04-05T00:00:00",
      "descriptions": [
        {
          "lang": "en",
          "value": "Stack-based buffer overflow in the TFTPD component in Enterasys NetSight Console 2.1 and NetSight Inventory Manager 2.1, and possibly earlier, allows remote attackers to execute arbitrary code via crafted request packets that contain long file names."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "n/a",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2008-11-13T10:00:00",
        "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "shortName": "mitre"
      },
      "references": [
        {
          "name": "24764",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/24764"
        },
        {
          "name": "ADV-2007-1271",
          "tags": [
            "vdb-entry",
            "x_refsource_VUPEN"
          ],
          "url": "http://www.vupen.com/english/advisories/2007/1271"
        },
        {
          "name": "20070404 Enterasys Networks Multiple NetSight Products Multiple Vulnerabilities",
          "tags": [
            "third-party-advisory",
            "x_refsource_IDEFENSE"
          ],
          "url": "http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=506"
        },
        {
          "name": "1017876",
          "tags": [
            "vdb-entry",
            "x_refsource_SECTRACK"
          ],
          "url": "http://www.securitytracker.com/id?1017876"
        },
        {
          "name": "34627",
          "tags": [
            "vdb-entry",
            "x_refsource_OSVDB"
          ],
          "url": "http://osvdb.org/34627"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://www.enterasys.com/pub/NetSight/Patches/SP1/NetSight_SP1.pdf"
        }
      ],
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "cve@mitre.org",
          "ID": "CVE-2007-2343",
          "STATE": "PUBLIC"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "n/a",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "n/a"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "n/a"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "Stack-based buffer overflow in the TFTPD component in Enterasys NetSight Console 2.1 and NetSight Inventory Manager 2.1, and possibly earlier, allows remote attackers to execute arbitrary code via crafted request packets that contain long file names."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "n/a"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "24764",
              "refsource": "SECUNIA",
              "url": "http://secunia.com/advisories/24764"
            },
            {
              "name": "ADV-2007-1271",
              "refsource": "VUPEN",
              "url": "http://www.vupen.com/english/advisories/2007/1271"
            },
            {
              "name": "20070404 Enterasys Networks Multiple NetSight Products Multiple Vulnerabilities",
              "refsource": "IDEFENSE",
              "url": "http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=506"
            },
            {
              "name": "1017876",
              "refsource": "SECTRACK",
              "url": "http://www.securitytracker.com/id?1017876"
            },
            {
              "name": "34627",
              "refsource": "OSVDB",
              "url": "http://osvdb.org/34627"
            },
            {
              "name": "http://www.enterasys.com/pub/NetSight/Patches/SP1/NetSight_SP1.pdf",
              "refsource": "CONFIRM",
              "url": "http://www.enterasys.com/pub/NetSight/Patches/SP1/NetSight_SP1.pdf"
            }
          ]
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
    "assignerShortName": "mitre",
    "cveId": "CVE-2007-2343",
    "datePublished": "2007-04-27T17:00:00",
    "dateReserved": "2007-04-27T00:00:00",
    "dateUpdated": "2024-08-07T13:33:28.349Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

CVE-2007-2344 (GCVE-0-2007-2344)

Vulnerability from cvelistv5 – Published: 2007-04-27 17:00 – Updated: 2024-08-07 13:33
VLAI?
Summary
The BOOTPD component in Enterasys NetSight Console 2.1 and NetSight Inventory Manager 2.1, and possibly earlier, on Windows allows remote attackers to cause a denial of service (daemon crash) via a UDP packet that contains an invalid "packet type" field.
Severity ?
No CVSS data available.
CWE
  • n/a
Assigner
References
http://secunia.com/advisories/24764 third-party-advisoryx_refsource_SECUNIA
http://www.vupen.com/english/advisories/2007/1271 vdb-entryx_refsource_VUPEN
http://labs.idefense.com/intelligence/vulnerabili… third-party-advisoryx_refsource_IDEFENSE
http://www.securitytracker.com/id?1017876 vdb-entryx_refsource_SECTRACK
http://osvdb.org/34628 vdb-entryx_refsource_OSVDB
http://www.enterasys.com/pub/NetSight/Patches/SP1… x_refsource_CONFIRM
Show details on NVD website
To clipboard 

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-07T13:33:28.577Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "name": "24764",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/24764"
          },
          {
            "name": "ADV-2007-1271",
            "tags": [
              "vdb-entry",
              "x_refsource_VUPEN",
              "x_transferred"
            ],
            "url": "http://www.vupen.com/english/advisories/2007/1271"
          },
          {
            "name": "20070404 Enterasys Networks Multiple NetSight Products Multiple Vulnerabilities",
            "tags": [
              "third-party-advisory",
              "x_refsource_IDEFENSE",
              "x_transferred"
            ],
            "url": "http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=506"
          },
          {
            "name": "1017876",
            "tags": [
              "vdb-entry",
              "x_refsource_SECTRACK",
              "x_transferred"
            ],
            "url": "http://www.securitytracker.com/id?1017876"
          },
          {
            "name": "34628",
            "tags": [
              "vdb-entry",
              "x_refsource_OSVDB",
              "x_transferred"
            ],
            "url": "http://osvdb.org/34628"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://www.enterasys.com/pub/NetSight/Patches/SP1/NetSight_SP1.pdf"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "n/a",
          "vendor": "n/a",
          "versions": [
            {
              "status": "affected",
              "version": "n/a"
            }
          ]
        }
      ],
      "datePublic": "2007-04-05T00:00:00",
      "descriptions": [
        {
          "lang": "en",
          "value": "The BOOTPD component in Enterasys NetSight Console 2.1 and NetSight Inventory Manager 2.1, and possibly earlier, on Windows allows remote attackers to cause a denial of service (daemon crash) via a UDP packet that contains an invalid \"packet type\" field."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "n/a",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2008-11-13T10:00:00",
        "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "shortName": "mitre"
      },
      "references": [
        {
          "name": "24764",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/24764"
        },
        {
          "name": "ADV-2007-1271",
          "tags": [
            "vdb-entry",
            "x_refsource_VUPEN"
          ],
          "url": "http://www.vupen.com/english/advisories/2007/1271"
        },
        {
          "name": "20070404 Enterasys Networks Multiple NetSight Products Multiple Vulnerabilities",
          "tags": [
            "third-party-advisory",
            "x_refsource_IDEFENSE"
          ],
          "url": "http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=506"
        },
        {
          "name": "1017876",
          "tags": [
            "vdb-entry",
            "x_refsource_SECTRACK"
          ],
          "url": "http://www.securitytracker.com/id?1017876"
        },
        {
          "name": "34628",
          "tags": [
            "vdb-entry",
            "x_refsource_OSVDB"
          ],
          "url": "http://osvdb.org/34628"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://www.enterasys.com/pub/NetSight/Patches/SP1/NetSight_SP1.pdf"
        }
      ],
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "cve@mitre.org",
          "ID": "CVE-2007-2344",
          "STATE": "PUBLIC"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "n/a",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "n/a"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "n/a"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "The BOOTPD component in Enterasys NetSight Console 2.1 and NetSight Inventory Manager 2.1, and possibly earlier, on Windows allows remote attackers to cause a denial of service (daemon crash) via a UDP packet that contains an invalid \"packet type\" field."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "n/a"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "24764",
              "refsource": "SECUNIA",
              "url": "http://secunia.com/advisories/24764"
            },
            {
              "name": "ADV-2007-1271",
              "refsource": "VUPEN",
              "url": "http://www.vupen.com/english/advisories/2007/1271"
            },
            {
              "name": "20070404 Enterasys Networks Multiple NetSight Products Multiple Vulnerabilities",
              "refsource": "IDEFENSE",
              "url": "http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=506"
            },
            {
              "name": "1017876",
              "refsource": "SECTRACK",
              "url": "http://www.securitytracker.com/id?1017876"
            },
            {
              "name": "34628",
              "refsource": "OSVDB",
              "url": "http://osvdb.org/34628"
            },
            {
              "name": "http://www.enterasys.com/pub/NetSight/Patches/SP1/NetSight_SP1.pdf",
              "refsource": "CONFIRM",
              "url": "http://www.enterasys.com/pub/NetSight/Patches/SP1/NetSight_SP1.pdf"
            }
          ]
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
    "assignerShortName": "mitre",
    "cveId": "CVE-2007-2344",
    "datePublished": "2007-04-27T17:00:00",
    "dateReserved": "2007-04-27T00:00:00",
    "dateUpdated": "2024-08-07T13:33:28.577Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

CVE-2007-2343 (GCVE-0-2007-2343)

Vulnerability from nvd – Published: 2007-04-27 17:00 – Updated: 2024-08-07 13:33
VLAI?
Summary
Stack-based buffer overflow in the TFTPD component in Enterasys NetSight Console 2.1 and NetSight Inventory Manager 2.1, and possibly earlier, allows remote attackers to execute arbitrary code via crafted request packets that contain long file names.
Severity ?
No CVSS data available.
CWE
  • n/a
Assigner
References
http://secunia.com/advisories/24764 third-party-advisoryx_refsource_SECUNIA
http://www.vupen.com/english/advisories/2007/1271 vdb-entryx_refsource_VUPEN
http://labs.idefense.com/intelligence/vulnerabili… third-party-advisoryx_refsource_IDEFENSE
http://www.securitytracker.com/id?1017876 vdb-entryx_refsource_SECTRACK
http://osvdb.org/34627 vdb-entryx_refsource_OSVDB
http://www.enterasys.com/pub/NetSight/Patches/SP1… x_refsource_CONFIRM
Show details on NVD website
To clipboard 

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-07T13:33:28.349Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "name": "24764",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/24764"
          },
          {
            "name": "ADV-2007-1271",
            "tags": [
              "vdb-entry",
              "x_refsource_VUPEN",
              "x_transferred"
            ],
            "url": "http://www.vupen.com/english/advisories/2007/1271"
          },
          {
            "name": "20070404 Enterasys Networks Multiple NetSight Products Multiple Vulnerabilities",
            "tags": [
              "third-party-advisory",
              "x_refsource_IDEFENSE",
              "x_transferred"
            ],
            "url": "http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=506"
          },
          {
            "name": "1017876",
            "tags": [
              "vdb-entry",
              "x_refsource_SECTRACK",
              "x_transferred"
            ],
            "url": "http://www.securitytracker.com/id?1017876"
          },
          {
            "name": "34627",
            "tags": [
              "vdb-entry",
              "x_refsource_OSVDB",
              "x_transferred"
            ],
            "url": "http://osvdb.org/34627"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://www.enterasys.com/pub/NetSight/Patches/SP1/NetSight_SP1.pdf"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "n/a",
          "vendor": "n/a",
          "versions": [
            {
              "status": "affected",
              "version": "n/a"
            }
          ]
        }
      ],
      "datePublic": "2007-04-05T00:00:00",
      "descriptions": [
        {
          "lang": "en",
          "value": "Stack-based buffer overflow in the TFTPD component in Enterasys NetSight Console 2.1 and NetSight Inventory Manager 2.1, and possibly earlier, allows remote attackers to execute arbitrary code via crafted request packets that contain long file names."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "n/a",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2008-11-13T10:00:00",
        "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "shortName": "mitre"
      },
      "references": [
        {
          "name": "24764",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/24764"
        },
        {
          "name": "ADV-2007-1271",
          "tags": [
            "vdb-entry",
            "x_refsource_VUPEN"
          ],
          "url": "http://www.vupen.com/english/advisories/2007/1271"
        },
        {
          "name": "20070404 Enterasys Networks Multiple NetSight Products Multiple Vulnerabilities",
          "tags": [
            "third-party-advisory",
            "x_refsource_IDEFENSE"
          ],
          "url": "http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=506"
        },
        {
          "name": "1017876",
          "tags": [
            "vdb-entry",
            "x_refsource_SECTRACK"
          ],
          "url": "http://www.securitytracker.com/id?1017876"
        },
        {
          "name": "34627",
          "tags": [
            "vdb-entry",
            "x_refsource_OSVDB"
          ],
          "url": "http://osvdb.org/34627"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://www.enterasys.com/pub/NetSight/Patches/SP1/NetSight_SP1.pdf"
        }
      ],
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "cve@mitre.org",
          "ID": "CVE-2007-2343",
          "STATE": "PUBLIC"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "n/a",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "n/a"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "n/a"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "Stack-based buffer overflow in the TFTPD component in Enterasys NetSight Console 2.1 and NetSight Inventory Manager 2.1, and possibly earlier, allows remote attackers to execute arbitrary code via crafted request packets that contain long file names."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "n/a"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "24764",
              "refsource": "SECUNIA",
              "url": "http://secunia.com/advisories/24764"
            },
            {
              "name": "ADV-2007-1271",
              "refsource": "VUPEN",
              "url": "http://www.vupen.com/english/advisories/2007/1271"
            },
            {
              "name": "20070404 Enterasys Networks Multiple NetSight Products Multiple Vulnerabilities",
              "refsource": "IDEFENSE",
              "url": "http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=506"
            },
            {
              "name": "1017876",
              "refsource": "SECTRACK",
              "url": "http://www.securitytracker.com/id?1017876"
            },
            {
              "name": "34627",
              "refsource": "OSVDB",
              "url": "http://osvdb.org/34627"
            },
            {
              "name": "http://www.enterasys.com/pub/NetSight/Patches/SP1/NetSight_SP1.pdf",
              "refsource": "CONFIRM",
              "url": "http://www.enterasys.com/pub/NetSight/Patches/SP1/NetSight_SP1.pdf"
            }
          ]
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
    "assignerShortName": "mitre",
    "cveId": "CVE-2007-2343",
    "datePublished": "2007-04-27T17:00:00",
    "dateReserved": "2007-04-27T00:00:00",
    "dateUpdated": "2024-08-07T13:33:28.349Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

CVE-2007-2344 (GCVE-0-2007-2344)

Vulnerability from nvd – Published: 2007-04-27 17:00 – Updated: 2024-08-07 13:33
VLAI?
Summary
The BOOTPD component in Enterasys NetSight Console 2.1 and NetSight Inventory Manager 2.1, and possibly earlier, on Windows allows remote attackers to cause a denial of service (daemon crash) via a UDP packet that contains an invalid "packet type" field.
Severity ?
No CVSS data available.
CWE
  • n/a
Assigner
References
http://secunia.com/advisories/24764 third-party-advisoryx_refsource_SECUNIA
http://www.vupen.com/english/advisories/2007/1271 vdb-entryx_refsource_VUPEN
http://labs.idefense.com/intelligence/vulnerabili… third-party-advisoryx_refsource_IDEFENSE
http://www.securitytracker.com/id?1017876 vdb-entryx_refsource_SECTRACK
http://osvdb.org/34628 vdb-entryx_refsource_OSVDB
http://www.enterasys.com/pub/NetSight/Patches/SP1… x_refsource_CONFIRM
Show details on NVD website
To clipboard 

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-07T13:33:28.577Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "name": "24764",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/24764"
          },
          {
            "name": "ADV-2007-1271",
            "tags": [
              "vdb-entry",
              "x_refsource_VUPEN",
              "x_transferred"
            ],
            "url": "http://www.vupen.com/english/advisories/2007/1271"
          },
          {
            "name": "20070404 Enterasys Networks Multiple NetSight Products Multiple Vulnerabilities",
            "tags": [
              "third-party-advisory",
              "x_refsource_IDEFENSE",
              "x_transferred"
            ],
            "url": "http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=506"
          },
          {
            "name": "1017876",
            "tags": [
              "vdb-entry",
              "x_refsource_SECTRACK",
              "x_transferred"
            ],
            "url": "http://www.securitytracker.com/id?1017876"
          },
          {
            "name": "34628",
            "tags": [
              "vdb-entry",
              "x_refsource_OSVDB",
              "x_transferred"
            ],
            "url": "http://osvdb.org/34628"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://www.enterasys.com/pub/NetSight/Patches/SP1/NetSight_SP1.pdf"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "n/a",
          "vendor": "n/a",
          "versions": [
            {
              "status": "affected",
              "version": "n/a"
            }
          ]
        }
      ],
      "datePublic": "2007-04-05T00:00:00",
      "descriptions": [
        {
          "lang": "en",
          "value": "The BOOTPD component in Enterasys NetSight Console 2.1 and NetSight Inventory Manager 2.1, and possibly earlier, on Windows allows remote attackers to cause a denial of service (daemon crash) via a UDP packet that contains an invalid \"packet type\" field."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "n/a",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2008-11-13T10:00:00",
        "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "shortName": "mitre"
      },
      "references": [
        {
          "name": "24764",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/24764"
        },
        {
          "name": "ADV-2007-1271",
          "tags": [
            "vdb-entry",
            "x_refsource_VUPEN"
          ],
          "url": "http://www.vupen.com/english/advisories/2007/1271"
        },
        {
          "name": "20070404 Enterasys Networks Multiple NetSight Products Multiple Vulnerabilities",
          "tags": [
            "third-party-advisory",
            "x_refsource_IDEFENSE"
          ],
          "url": "http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=506"
        },
        {
          "name": "1017876",
          "tags": [
            "vdb-entry",
            "x_refsource_SECTRACK"
          ],
          "url": "http://www.securitytracker.com/id?1017876"
        },
        {
          "name": "34628",
          "tags": [
            "vdb-entry",
            "x_refsource_OSVDB"
          ],
          "url": "http://osvdb.org/34628"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://www.enterasys.com/pub/NetSight/Patches/SP1/NetSight_SP1.pdf"
        }
      ],
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "cve@mitre.org",
          "ID": "CVE-2007-2344",
          "STATE": "PUBLIC"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "n/a",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "n/a"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "n/a"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "The BOOTPD component in Enterasys NetSight Console 2.1 and NetSight Inventory Manager 2.1, and possibly earlier, on Windows allows remote attackers to cause a denial of service (daemon crash) via a UDP packet that contains an invalid \"packet type\" field."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "n/a"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "24764",
              "refsource": "SECUNIA",
              "url": "http://secunia.com/advisories/24764"
            },
            {
              "name": "ADV-2007-1271",
              "refsource": "VUPEN",
              "url": "http://www.vupen.com/english/advisories/2007/1271"
            },
            {
              "name": "20070404 Enterasys Networks Multiple NetSight Products Multiple Vulnerabilities",
              "refsource": "IDEFENSE",
              "url": "http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=506"
            },
            {
              "name": "1017876",
              "refsource": "SECTRACK",
              "url": "http://www.securitytracker.com/id?1017876"
            },
            {
              "name": "34628",
              "refsource": "OSVDB",
              "url": "http://osvdb.org/34628"
            },
            {
              "name": "http://www.enterasys.com/pub/NetSight/Patches/SP1/NetSight_SP1.pdf",
              "refsource": "CONFIRM",
              "url": "http://www.enterasys.com/pub/NetSight/Patches/SP1/NetSight_SP1.pdf"
            }
          ]
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
    "assignerShortName": "mitre",
    "cveId": "CVE-2007-2344",
    "datePublished": "2007-04-27T17:00:00",
    "dateReserved": "2007-04-27T00:00:00",
    "dateUpdated": "2024-08-07T13:33:28.577Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}