NAI Sniffer Agent SNMP Buffer Overflow Vulnerability
BID:1901
Info
NAI Sniffer Agent SNMP Buffer Overflow Vulnerability
| Bugtraq ID: | 1901 |
| Class: | Boundary Condition Error |
| CVE: |
CVE-2000-1157 |
| Remote: | Yes |
| Local: | No |
| Published: | Nov 02 2000 12:00AM |
| Updated: | Jul 11 2009 03:56AM |
| Credit: | This vulnerability was discovered and first published by Kevin Start <[email protected]> on November 2, 2000. |
| Vulnerable: |
Network Associates Sniffer Agent 3.0.10 |
| Not Vulnerable: | |
Discussion
NAI Sniffer Agent SNMP Buffer Overflow Vulnerability
Sniffer Agent is part of the NAI Sniffer distributed network monitoring software package designed to report statistics and information to a central network accounting server. A vulnerability exists in the agent that can allow a malicious user unauthorized remote access.
A buffer overflow exists in the SNMP portion of the Sniffer Agent package. Once a community string has been guessed for the Agent, it is possible for a user to remotely write shell code into any accessible object. There is no limitation of characters input into the community string, with a maximum buffer size of 256 bytes within each object. It is possible for a malicious user to exploit this vulnerability using one custom crafted udp packet. Successful exploitation of this vulnerability could lead to a malicious user gaining System-level priviledges.
Sniffer Agent is part of the NAI Sniffer distributed network monitoring software package designed to report statistics and information to a central network accounting server. A vulnerability exists in the agent that can allow a malicious user unauthorized remote access.
A buffer overflow exists in the SNMP portion of the Sniffer Agent package. Once a community string has been guessed for the Agent, it is possible for a user to remotely write shell code into any accessible object. There is no limitation of characters input into the community string, with a maximum buffer size of 256 bytes within each object. It is possible for a malicious user to exploit this vulnerability using one custom crafted udp packet. Successful exploitation of this vulnerability could lead to a malicious user gaining System-level priviledges.
Exploit / POC
NAI Sniffer Agent SNMP Buffer Overflow Vulnerability
This exploit was first publicly released by Kevin Start <[email protected]> to the BugTraq list on November 2, 2000.
This exploit was first publicly released by Kevin Start <[email protected]> to the BugTraq list on November 2, 2000.
Solution / Fix
NAI Sniffer Agent SNMP Buffer Overflow Vulnerability
Solution:
Currently the SecurityFocus staff are not aware of any vendor supplied patches for this issue. If you feel we are in error or are aware of more recent information, please mail us at: [email protected].
Solution:
Currently the SecurityFocus staff are not aware of any vendor supplied patches for this issue. If you feel we are in error or are aware of more recent information, please mail us at: [email protected].
References
NAI Sniffer Agent SNMP Buffer Overflow Vulnerability
References:
References: