CVE-2019-13577 - OpenCVE

SnmpAdm.exe in MAPLE WBT SNMP Administrator v2.0.195.15 has an Unauthenticated Remote Buffer Overflow via a long string to the CE Remote feature listening on Port 987.

No CVSS v3.1

Attack Vector Network

Attack Complexity Low

Privileges Required None

Scope Unchanged

Confidentiality Impact High

Integrity Impact High

Availability Impact High

User Interaction None

Access Vector Network

Access Complexity Low

Authentication None

Confidentiality Impact Partial

Integrity Impact Partial

Availability Impact Partial

AV:N/AC:L/Au:N/C:P/I:P/A:P

Vendors & Products
CPE Configurations

Vendors	Products
Computerlab	Maple Computer Wbt Snmp Administrator

Configuration 1 [-]

cpe:2.3:a:computerlab:maple_computer_wbt_snmp_administrator:2.0.195.15:*:*:*:*:*:*:*

References

Link	Resource
http://hyp3rlinx.altervista.org	Third Party Advisory
http://packetstormsecurity.com/files/153675/MAPLE-Computer-WBT-SNMP-Administrator-2.0.195.15-Buffer-Overflow.html	Exploit Third Party Advisory VDB Entry
http://seclists.org/fulldisclosure/2019/Jul/17	Exploit Mailing List Third Party Advisory
https://seclists.org/bugtraq/2019/Jul/29	Exploit Mailing List Third Party Advisory

History

No history.

MITRE Information

Status: PUBLISHED

Assigner: mitre

Published: 2019-07-17T19:08:15

Updated: 2019-07-18T10:06:02

Reserved: 2019-07-13T00:00:00

Link: CVE-2019-13577

JSON object: View

NVD Information

Status : Analyzed

Published: 2019-07-17T20:15:11.537

Modified: 2020-08-24T17:37:01.140

Link: CVE-2019-13577

JSON object: View

Redhat Information

No data.

CWE

CWE-787

{"containers": {"cna": {"affected": [{"product": "n/a", "vendor": "n/a", "versions": [{"status": "affected", "version": "n/a"}]}], "descriptions": [{"lang": "en", "value": "SnmpAdm.exe in MAPLE WBT SNMP Administrator v2.0.195.15 has an Unauthenticated Remote Buffer Overflow via a long string to the CE Remote feature listening on Port 987."}], "problemTypes": [{"descriptions": [{"description": "n/a", "lang": "en", "type": "text"}]}], "providerMetadata": {"dateUpdated": "2019-07-18T10:06:02", "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "shortName": "mitre"}, "references": [{"tags": ["x_refsource_MISC"], "url": "http://hyp3rlinx.altervista.org"}, {"name": "20190716 CVE-2019-13577 / MAPLE Computer WBT SNMP Administrator v2.0.195.15 / Unauthenticated Remote Buffer Overflow Code Execution 0day", "tags": ["mailing-list", "x_refsource_FULLDISC"], "url": "http://seclists.org/fulldisclosure/2019/Jul/17"}, {"tags": ["x_refsource_MISC"], "url": "http://packetstormsecurity.com/files/153675/MAPLE-Computer-WBT-SNMP-Administrator-2.0.195.15-Buffer-Overflow.html"}, {"name": "20190718 CVE-2019-13577 / MAPLE Computer WBT SNMP Administrator v2.0.195.15 / Unauthenticated Remote Buffer Overflow Code Execution 0day", "tags": ["mailing-list", "x_refsource_BUGTRAQ"], "url": "https://seclists.org/bugtraq/2019/Jul/29"}], "x_legacyV4Record": {"CVE_data_meta": {"ASSIGNER": "cve@mitre.org", "ID": "CVE-2019-13577", "STATE": "PUBLIC"}, "affects": {"vendor": {"vendor_data": [{"product": {"product_data": [{"product_name": "n/a", "version": {"version_data": [{"version_value": "n/a"}]}}]}, "vendor_name": "n/a"}]}}, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": {"description_data": [{"lang": "eng", "value": "SnmpAdm.exe in MAPLE WBT SNMP Administrator v2.0.195.15 has an Unauthenticated Remote Buffer Overflow via a long string to the CE Remote feature listening on Port 987."}]}, "problemtype": {"problemtype_data": [{"description": [{"lang": "eng", "value": "n/a"}]}]}, "references": {"reference_data": [{"name": "http://hyp3rlinx.altervista.org", "refsource": "MISC", "url": "http://hyp3rlinx.altervista.org"}, {"name": "20190716 CVE-2019-13577 / MAPLE Computer WBT SNMP Administrator v2.0.195.15 / Unauthenticated Remote Buffer Overflow Code Execution 0day", "refsource": "FULLDISC", "url": "http://seclists.org/fulldisclosure/2019/Jul/17"}, {"name": "http://packetstormsecurity.com/files/153675/MAPLE-Computer-WBT-SNMP-Administrator-2.0.195.15-Buffer-Overflow.html", "refsource": "MISC", "url": "http://packetstormsecurity.com/files/153675/MAPLE-Computer-WBT-SNMP-Administrator-2.0.195.15-Buffer-Overflow.html"}, {"name": "20190718 CVE-2019-13577 / MAPLE Computer WBT SNMP Administrator v2.0.195.15 / Unauthenticated Remote Buffer Overflow Code Execution 0day", "refsource": "BUGTRAQ", "url": "https://seclists.org/bugtraq/2019/Jul/29"}]}}}}, "cveMetadata": {"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "assignerShortName": "mitre", "cveId": "CVE-2019-13577", "datePublished": "2019-07-17T19:08:15", "dateReserved": "2019-07-13T00:00:00", "dateUpdated": "2019-07-18T10:06:02", "state": "PUBLISHED"}, "dataType": "CVE_RECORD", "dataVersion": "5.0"}

{"configurations": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:a:computerlab:maple_computer_wbt_snmp_administrator:2.0.195.15:*:*:*:*:*:*:*", "matchCriteriaId": "41CAC438-7022-4B44-939E-E3FBC1F07827", "vulnerable": true}], "negate": false, "operator": "OR"}]}], "descriptions": [{"lang": "en", "value": "SnmpAdm.exe in MAPLE WBT SNMP Administrator v2.0.195.15 has an Unauthenticated Remote Buffer Overflow via a long string to the CE Remote feature listening on Port 987."}, {"lang": "es", "value": "El archivo SnmpAdm.exe en SNMP Administrator versi\u00f3n 2.0.195.15 de MAPLE WBT, presenta un desbordamiento de b\u00fafer remoto no autenticado por medio de una cadena larga en la caracter\u00edstica CE Remote que escucha sobre el puerto 987."}], "id": "CVE-2019-13577", "lastModified": "2020-08-24T17:37:01.140", "metrics": {"cvssMetricV2": [{"acInsufInfo": false, "baseSeverity": "HIGH", "cvssData": {"accessComplexity": "LOW", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "PARTIAL", "baseScore": 7.5, "confidentialityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P", "version": "2.0"}, "exploitabilityScore": 10.0, "impactScore": 6.4, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": false}], "cvssMetricV30": [{"cvssData": {"attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 9.8, "baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "version": "3.0"}, "exploitabilityScore": 3.9, "impactScore": 5.9, "source": "nvd@nist.gov", "type": "Primary"}]}, "published": "2019-07-17T20:15:11.537", "references": [{"source": "cve@mitre.org", "tags": ["Third Party Advisory"], "url": "http://hyp3rlinx.altervista.org"}, {"source": "cve@mitre.org", "tags": ["Exploit", "Third Party Advisory", "VDB Entry"], "url": "http://packetstormsecurity.com/files/153675/MAPLE-Computer-WBT-SNMP-Administrator-2.0.195.15-Buffer-Overflow.html"}, {"source": "cve@mitre.org", "tags": ["Exploit", "Mailing List", "Third Party Advisory"], "url": "http://seclists.org/fulldisclosure/2019/Jul/17"}, {"source": "cve@mitre.org", "tags": ["Exploit", "Mailing List", "Third Party Advisory"], "url": "https://seclists.org/bugtraq/2019/Jul/29"}], "sourceIdentifier": "cve@mitre.org", "vulnStatus": "Analyzed", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-787"}], "source": "nvd@nist.gov", "type": "Primary"}]}