Vulnerabilities > CVE-2019-17424 - Out-of-bounds Write vulnerability in Nipper-Ng Project Nipper-Ng 0.11.10
Attack vector
NETWORK Attack complexity
MEDIUM Privileges required
NONE Confidentiality impact
PARTIAL Integrity impact
PARTIAL Availability impact
PARTIAL Summary
A stack-based buffer overflow in the processPrivilage() function in IOS/process-general.c in nipper-ng 0.11.10 allows remote attackers (serving firewall configuration files) to achieve Remote Code Execution or Denial Of Service via a crafted file.
Vulnerable Configurations
Part | Description | Count |
---|---|---|
Application | 1 |
Common Weakness Enumeration (CWE)
Exploit-Db
id | EDB-ID:47673 |
last seen | 2019-11-18 |
modified | 2019-11-18 |
published | 2019-11-18 |
reporter | Exploit-DB |
source | https://www.exploit-db.com/download/47673 |
title | nipper-ng 0.11.10 - Remote Buffer Overflow (PoC) |
Packetstorm
data source | https://packetstormsecurity.com/files/download/155378/nipperng01110-overflow.txt |
id | PACKETSTORM:155378 |
last seen | 2019-11-19 |
published | 2019-11-18 |
reporter | Guy Levin |
source | https://packetstormsecurity.com/files/155378/nipper-ng-0.11.10-Remote-Buffer-Overflow.html |
title | nipper-ng 0.11.10 Remote Buffer Overflow |