CVE-2018-25256: IP TOOLS Buffer Overflow (2.50)
Platform
windows
Component
ip-tools
CVE-2018-25256 represents a local buffer overflow vulnerability discovered in the SNMP Scanner component of IP TOOLS. Successful exploitation allows a local attacker to crash the application, potentially leading to a denial of service and SEH overwrite. This vulnerability affects version 2.50 of IP TOOLS. As of the last update, no official patch is available to address this issue.
How to fix
Actualice a una versión corregida de IP TOOLS. Consulte el sitio web del proveedor (https://www.ks-soft.net/ip-tools.eng/index.htm) para obtener más información sobre las actualizaciones disponibles y cómo aplicar la corrección.
Frequently asked questions
What is CVE-2018-25256?
CVE-2018-25256 is a buffer overflow vulnerability in the SNMP Scanner component of IP TOOLS version 2.50. It allows a local attacker to crash the application by providing oversized input into the 'From Addr' and 'To Addr' fields.
Am I affected by CVE-2018-25256?
You are potentially affected if you are using IP TOOLS version 2.50. If you are running a different version, this vulnerability does not apply to you.
How can I fix or mitigate CVE-2018-25256?
Currently, no official patch is available for CVE-2018-25256. As a mitigation, consider uninstalling IP TOOLS 2.50 or restricting access to the SNMP Scanner component to trusted users.
Monitor your dependencies automatically
Get notified when new vulnerabilities affect your projects. Free forever.
Start free