Detections
Analytics

CVE-2007-2343

critical

Description

Stack-based buffer overflow in the TFTPD component in Enterasys NetSight Console 2.1 and NetSight Inventory Manager 2.1, and possibly earlier, allows remote attackers to execute arbitrary code via crafted request packets that contain long file names.

References

http://www.vupen.com/english/advisories/2007/1271

http://www.securitytracker.com/id?1017876

http://www.enterasys.com/pub/NetSight/Patches/SP1/NetSight_SP1.pdf

http://osvdb.org/34627

http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=506

Details

Source: Mitre, NVD

Published: 2007-04-27

Updated: 2026-06-16

Risk Information

CVSS v2

Base Score: 7.5

Vector: CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P

Severity: High

CVSS v3

Base Score: 9.8

Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

Severity: Critical

EPSS

EPSS: 0.06215