← back
CVE-2017-7938

CVE-2017-7938

CVSS 6.6 MEDIUMEPSS 5.0%
Stack-based buffer overflow in DMitry (Deepmagic Information Gathering Tool) version 1.3a (Unix) allows attackers to cause a denial of service (application crash) or possibly have unspecified other impact via a long argument. An example threat model is automated execution of DMitry with hostname strings found in local log files.
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:H
Affected products
n/a · n/a
public PoCs found3
cve_referencepacketstormsecurity.com/files/142210/Dmitry-1.3a-Local-Stack-Buffer-Overflow.htmlunverifiedcve_referencewww.exploit-db.com/exploits/41898/unverifiedexploitdbwww.exploit-db.com/exploits/41898unverified
⚠ Public resources, to assess the exposure of systems you control or are authorized to test. Test only with authorization.

Want to know if your infrastructure is exposed to this?

Talk to TrueHacking →
References
https://cxsecurity.com/issue/WLB-2017040113https://github.com/jaygreig86/dmitry/pull/12https://lists.debian.org/debian-lts-announce/2024/10/msg00024.htmlhttps://packetstormsecurity.com/files/142210/Dmitry-1.3a-Local-Stack-Buffer-Overflow.htmlhttps://www.exploit-db.com/exploits/41898/