PT-2024-36706 · Unknown · Sflow V5 Plugin+1

Evgeny Shtanov

Published

2024-12-13

Updated

2024-12-26

CVE-2024-56072

CVSS v2.0

7.8

High

Vector

AV:N/AC:L/Au:N/C:N/I:N/A:C

Name of the Vulnerable Software and Affected Versions FastNetMon Community Edition versions 1.2.7 and earlier

Description An issue was discovered in the sFlow v5 plugin, allowing remote attackers to cause a denial of service (application crash) via a crafted packet that specifies many sFlow samples.

Recommendations For FastNetMon Community Edition versions 1.2.7 and earlier, consider disabling the sFlow v5 plugin as a temporary workaround to prevent the denial of service issue until a patch is available.

Fix

DoS

Code Injection

Divide By Zero

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Weakness Enumeration

CWE-94CWE-369

Related Identifiers

BDU:2025-00110

CVE-2024-56072

DSA-5837-1

Affected Products

Fastnetmon Community Edition

Sflow V5 Plugin

PT-2024-36706 · Unknown · Sflow V5 Plugin+1

CVE-2024-56072

Weakness Enumeration

Related Identifiers

Affected Products

References · 17