CVE-2007-2343 Information

Description

Stack-based buffer overflow in the TFTPD component in Enterasys NetSight Console 2.1 and NetSight Inventory Manager 2.1 and possibly earlier allows remote attackers to execute arbitrary code via crafted request packets that contain long file names.

Reference

http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=506 http://osvdb.org/34627 http://secunia.com/advisories/24764 http://www.enterasys.com/pub/NetSight/Patches/SP1/NetSight_SP1.pdf http://www.securitytracker.com/id?1017876 http://www.vupen.com/english/advisories/2007/1271