• News
• Infocus
• Foundations
• Microsoft
• Unix
• IDS
• Incidents
• Virus
• Pen-Test
• Firewalls
• Columnists
• Mailing Lists
• Newsletters
• Bugtraq
• Focus on IDS
• Focus on Linux
• Focus on Microsoft
• Forensics
• Pen-test
• Security Basics
• Vuln Dev
• Vulnerabilities
• Jobs
• Job Opportunities
• Resumes
• Job Seekers
• Employers
• Tools
• RSS
• News
• Vulns
• Security Research

• info
• discussion
• exploit
• solution
• references

NAI Sniffer Agent SNMP Buffer Overflow Vulnerability

Sniffer Agent is part of the NAI Sniffer distributed network monitoring software package designed to report statistics and information to a central network accounting server. A vulnerability exists in the agent that can allow a malicious user unauthorized remote access.

A buffer overflow exists in the SNMP portion of the Sniffer Agent package. Once a community string has been guessed for the Agent, it is possible for a user to remotely write shell code into any accessible object. There is no limitation of characters input into the community string, with a maximum buffer size of 256 bytes within each object. It is possible for a malicious user to exploit this vulnerability using one custom crafted udp packet. Successful exploitation of this vulnerability could lead to a malicious user gaining System-level priviledges.