CVE-2008-7232

Published Sep 14, 2009

Last updated 7 years ago

CVSS info 10.0

Overview

Description: Buffer overflow in the report function in xtacacsd 4.1.2 and earlier allows remote attackers to execute arbitrary code via a crafted CONNECT TACACS command.
Source: cve@mitre.org
NVD status: Modified

Risk scores

CVSS 2.0

Type: Primary
Base score: 10
Impact score: 10
Exploitability score: 10
Vector string: AV:N/AC:L/Au:N/C:C/I:C/A:C

Weaknesses

nvd@nist.gov: CWE-119

Hype score: Not currently trending

Configurations

[
  {
    "nodes": [
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:a:netplex-tech:xtacacsd:*:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "3AC96F81-F52E-4171-A699-DF24CAAB3CF9",
            "versionEndIncluding": "4.1.2"
          },
          {
            "criteria": "cpe:2.3:a:netplex-tech:xtacacsd:2.0:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "B43E198E-AD7A-4F7D-B047-6FD7E5143C30"
          },
          {
            "criteria": "cpe:2.3:a:netplex-tech:xtacacsd:3.0:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "4BB9DEED-953D-4FB4-A441-F8624065783C"
          },
          {
            "criteria": "cpe:2.3:a:netplex-tech:xtacacsd:3.1:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "C8F22404-C731-46B5-870A-5371DEBA8215"
          },
          {
            "criteria": "cpe:2.3:a:netplex-tech:xtacacsd:3.2:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "6CB2981F-9E81-4C18-A9E5-C6A2F253457A"
          },
          {
            "criteria": "cpe:2.3:a:netplex-tech:xtacacsd:3.3:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "8F4F7744-5EC9-4A01-A035-84C50855FF8F"
          },
          {
            "criteria": "cpe:2.3:a:netplex-tech:xtacacsd:3.4:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "91955D4E-258D-4961-B17A-D2F0BD161C0F"
          },
          {
            "criteria": "cpe:2.3:a:netplex-tech:xtacacsd:3.5:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "6A1F6DFB-82C9-40DA-BF27-14D4CBF290A8"
          },
          {
            "criteria": "cpe:2.3:a:netplex-tech:xtacacsd:4.0:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "100213F3-0784-4AE3-99CE-72B99F0E2505"
          },
          {
            "criteria": "cpe:2.3:a:netplex-tech:xtacacsd:4.1:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "1C2BCE2B-C4D6-4434-9D58-9A7B1F719B83"
          },
          {
            "criteria": "cpe:2.3:a:netplex-tech:xtacacsd:4.1.1:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "E4D972A1-A3F0-48D3-9C34-428FA7298F72"
          }
        ],
        "operator": "OR"
      }
    ]
  }
]

Overview

Risk scores

CVSS 2.0

Weaknesses

Social media

Configurations

References