SNMPc < 7.1.1 UDP Packet Handling Buffer Overflow
Critical Nessus Plugin ID 32081
Synopsis
A remote Windows host contains a program that is affected by a buffer overflow vulnerability.
Description
The remote host is running SNMPc, a network management application for Windows from Castle Rock Computing.
The version of SNMPc installed on the remote host is reportedly affected by a stack-based buffer overflow vulnerability. Using a specially crafted SNMP TRAP packet with an overly long community string, an unauthenticated, remote attacker can leverage this issue to execute arbitrary code on the remote host with LocalSystem privileges.
Solution
Upgrade to SNMPc version 7.1.1 or later, as that reportedly resolves the issue.
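A detection-side check for the condition in the description, as an added example that is not part of the Nessus plugin or of SNMPc: it BER-decodes an SNMP UDP payload and flags malformed messages and traps whose community string exceeds a limit. The 64-byte limit and all function names are assumptions; the advisory does not state the length that triggers the overflow.

```python
MAX_COMMUNITY_LEN = 64  # assumed local policy limit, not a value from the advisory
TRAP_TAGS = {0xA4, 0xA7}  # SNMPv1 Trap-PDU, SNMPv2-Trap-PDU

def read_tlv(buf, pos, end):
    """Decode the BER TLV at pos; return (tag, value_start, value_end)."""
    if pos + 2 > end:
        raise ValueError("truncated TLV header")
    tag, first, pos = buf[pos], buf[pos + 1], pos + 2
    if first < 0x80:                      # short-form length
        length = first
    else:                                 # long form: low 7 bits = count of length bytes
        n = first & 0x7F
        if n == 0 or n > 4 or pos + n > end:
            raise ValueError("bad BER length")
        length = int.from_bytes(buf[pos:pos + n], "big")
        pos += n
    if pos + length > end:
        raise ValueError("declared length exceeds enclosing data")
    return tag, pos, pos + length

def inspect_snmp(datagram, limit=MAX_COMMUNITY_LEN):
    """Classify one UDP payload; alert on malformed input or an oversized trap community."""
    try:
        tag, pos, end = read_tlv(datagram, 0, len(datagram))
        if tag != 0x30:
            raise ValueError("not a SEQUENCE")
        tag, _, pos = read_tlv(datagram, pos, end)          # version INTEGER
        if tag != 0x02:
            raise ValueError("missing version")
        tag, c_start, c_end = read_tlv(datagram, pos, end)  # community OCTET STRING
        if tag != 0x04:
            raise ValueError("missing community")
        pdu_tag, _, _ = read_tlv(datagram, c_end, end)      # PDU header only
    except ValueError as exc:
        return {"alert": True, "reason": f"malformed: {exc}"}
    size = c_end - c_start
    if pdu_tag in TRAP_TAGS and size > limit:
        return {"alert": True, "reason": f"trap community is {size} bytes", "community_len": size}
    return {"alert": False, "reason": "ok", "community_len": size}

def tlv(tag, value):
    """BER-encode one TLV; used only to build the constructed samples."""
    n = len(value)
    head = bytes([n]) if n < 0x80 else bytes([0x82]) + n.to_bytes(2, "big")
    return bytes([tag]) + head + value

def sample(community, pdu_tag=0xA4):
    """Constructed SNMPv1 message with an empty PDU body (test input only)."""
    return tlv(0x30, tlv(0x02, b"\x00") + tlv(0x04, community) + tlv(pdu_tag, b""))
```

Feed `inspect_snmp` the UDP payloads seen on the trap port (162/udp by default) from a capture or sensor; the check complements the upgrade to 7.1.1 and does not replace it.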