NAI Sniffer Agent SNMP Buffer Overflow Vulnerability

Sniffer Agent is part of the NAI Sniffer distributed network monitoring software package designed to report statistics and information to a central network accounting server. A vulnerability exists in the agent that can allow a malicious user unauthorized remote access.

A buffer overflow exists in the SNMP portion of the Sniffer Agent package. Once a community string has been guessed for the Agent, it is possible for a user to remotely write shell code into any accessible object. There is no limitation of characters input into the community string, with a maximum buffer size of 256 bytes within each object. It is possible for a malicious user to exploit this vulnerability using one custom crafted udp packet. Successful exploitation of this vulnerability could lead to a malicious user gaining System-level priviledges.


Privacy Statement
Copyright 2010, SecurityFocus