CVE-2007-2343

CVE Database · CVE-2007-2343

CVE-2007-2343

· N/AModified

CVSS v3.1

N/A

EPSS

3.99%

Published

Apr 27, 2007

Modified

Apr 22, 2026

Public PoC / Exploit

All weaponized →

No public PoC or exploit code indexed for this CVE.

Links to public security research (Exploit-DB, Nuclei, Trickest, GitHub) for defensive use only.

Description

Stack-based buffer overflow in the TFTPD component in Enterasys NetSight Console 2.1 and NetSight Inventory Manager 2.1, and possibly earlier, allows remote attackers to execute arbitrary code via crafted request packets that contain long file names.

Affected Products (2)

enterasys · netsight_consolevulnerable

enterasys · netsight_inventory_managervulnerable

References (12)

http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=506

Vendor Advisory

http://osvdb.org/34627

http://secunia.com/advisories/24764

ExploitVendor Advisory

http://www.enterasys.com/pub/NetSight/Patches/SP1/NetSight_SP1.pdf

Patch

http://www.securitytracker.com/id?1017876