SniffIt 'sn _ overflow file. c' multiple Stack Buffer Overflow Vulnerability
Release date:
Updated on:
Affected Systems:
Sniffit
Description:
Bugtraq id: 71318
CVE (CAN) ID: CVE-2014-5439
Sniffit is a data sniffer and monitoring tool. It can run on a variety of Unix/Linux platforms.
Multiple buffer overflow vulnerabilities exist in the implementation of SniffIt. Attackers can bypass three protection mechanisms (NX, SSP, and ASLR) through the constructed sniffit configuration file ), then execute any code as root.
Download, install, and use Sniffit in Linux
<* Source: Ismael Ripoll
Link: http://www.securityfocus.com/archive/1/534097
*>
Suggestion:
Vendor patch:
Sniffit
-------
Currently, the vendor does not provide patches or upgrade programs. We recommend that users who use the software follow the vendor's homepage to obtain the latest version:
Http://reptile.rug.ac.be /~ Coder/sniffit/sniffit.html
Refer:
Http://hmarco.org/bugs/CVE-2014-5439-sniffit_0.3.7-stack-buffer-overflow.html
This article permanently updates the link address: