What is CVE-2008-7232?

CVE-2008-7232 is a vulnerability in N/a. Published 2009-09-14.

Is CVE-2008-7232 known to be exploited?

1 public proof-of-concept repositories are indexed. Not currently listed in the CISA KEV catalog.

Vulnerability in N/a

CVE-2008-7232

Buffer overflow in the report function in xtacacsd 4.1.2 and earlier allows remote attackers to execute arbitrary code via a crafted CONNECT TACACS command.

EPSS: 0.703 (98.7th percentile) — read the EPSS interpretation.

Affected products

N/a — versions n/a

Public proof-of-concept exploits

rapid7/metasploit-framework

References

aluigi.org/poc/xtacacsdz.zip (x_refsource_MISC)
aluigi.altervista.org/adv/xtacacsdz-adv.txt (x_refsource_MISC)
xtacacasd-report-bo(39551) (vdb-entry, x_refsource_XF)

Frequently asked questions

What is CVE-2008-7232?: CVE-2008-7232 is a vulnerability in N/a. Published 2009-09-14.
Is CVE-2008-7232 known to be exploited?: 1 public proof-of-concept repositories are indexed. Not currently listed in the CISA KEV catalog.