Evgeny Shtanov

**Name of the Vulnerable Software and Affected Versions** FastNetMon Community Edition versions 1.2.7 and earlier **Description** An issue was discovered in the sFlow v5 plugin, allowing remote attackers to cause a denial of service (application crash) via a crafted packet that specifies many sFlow samples. **Recommendations** For FastNetMon Community Edition versions 1.2.7 and earlier, consider disabling the sFlow v5 plugin as a temporary workaround to prevent the denial of service issue until a patch is available.

Name of the Vulnerable Software and Affected Versions: FastNetMon Community Edition versions 1.2.7 and earlier Description: An issue was discovered that allows remote attackers to cause a denial of service. This is due to zero-length templates for Netflow v9, which can lead to a divide-by-zero error and application crash. The vulnerability is related to the lack of checking for division by zero when processing templates. Recommendations: For FastNetMon Community Edition versions 1.2.7 and earlier, as a temporary workaround, consider disabling the processing of zero-length templates for Netflow v9 until a patch is available. Restrict access to the Netflow v9 functionality to minimize the risk of exploitation. At the moment, there is no information about a newer version that contains a fix for this vulnerability.