Published: 22/10/2019 Updated: 18/11/2019

CVSS v2 Base Score: 6.8 | Impact Score: 6.4 | Exploitability Score: 8.6

CVSS v3 Base Score: 7.8 | Impact Score: 5.9 | Exploitability Score: 1.8

VMScore: 685

Vector: AV:N/AC:M/Au:N/C:P/I:P/A:P

A stack-based buffer overflow in the processPrivilage() function in IOS/process-general.c in nipper-ng 0.11.10 allows remote attackers (serving firewall configuration files) to achieve Remote Code Execution or Denial Of Service via a crafted file.

Vulnerable Product	Search on Vulmon	Subscribe to Product
nipper-ng project nipper-ng 0.11.10

# Exploit Title: nipper-ng 01110 - Remote Buffer Overflow (PoC) # Date: 2019-10-20 # Exploit Author: Guy Levin # blogvastartdev # Vendor Homepage: toolskaliorg/reporting-tools/nipper-ng # Software Link: codegooglecom/archive/p/nipper-ng/source/default/source # Version: 01110 # Tested on: Debian # CVE : CVE-2019-17 ...

nipper-ng version 01110 suffers from a remote buffer overflow vulnerability ...

RCE Exploit For CVE-2019-17424 (nipper-ng 0.11.10)

CVE-2019-17424 RCE Exploit For CVE-2019-17424 (nipper-ng 01110)

CWE-787 https://github.com/guywhataguy/CVE-2019-17424 https://blog.vastart.dev/2019/10/stack-overflow-cve-2019-17424.html https://code.google.com/archive/p/nipper-ng/source/default/source https://twitter.com/va_start http://packetstormsecurity.com/files/155378/nipper-ng-0.11.10-Remote-Buffer-Overflow.html https://nvd.nist.gov https://github.com/guywhataguy/CVE-2019-17424 https://www.exploit-db.com/exploits/47673

CVE-2019-17424

Vulnerability Summary

Vulnerability Trend

Exploits

Github Repositories

References

Vulmon Search

About

Products

Connect