Vulnerability Details CVE-2017-7938
Stack-based buffer overflow in DMitry (Deepmagic Information Gathering Tool) version 1.3a (Unix) allows attackers to cause a denial of service (application crash) or possibly have unspecified other impact via a long argument. An example threat model is automated execution of DMitry with hostname strings found in local log files.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.025
EPSS Ranking 84.6%
CVSS Severity
CVSS v3 Score 9.8
CVSS v2 Score 7.5
References
- https://cxsecurity.com/issue/WLB-2017040113
- https://github.com/jaygreig86/dmitry/pull/12
- https://packetstormsecurity.com/files/142210/Dmitry-1.3a-Local-Stack-Buffer-Overflow.html
- https://www.exploit-db.com/exploits/41898/
- https://cxsecurity.com/issue/WLB-2017040113
- https://github.com/jaygreig86/dmitry/pull/12
- https://packetstormsecurity.com/files/142210/Dmitry-1.3a-Local-Stack-Buffer-Overflow.html
- https://www.exploit-db.com/exploits/41898/
Products affected by CVE-2017-7938
-
cpe:2.3:a:mor-pah.net:dmitry_deepmagic_information_gathering_tool:1.3a