Description
IP TOOLS 2.50 contains a local buffer overflow vulnerability in the SNMP Scanner component that allows local attackers to crash the application by supplying oversized input. Attackers can paste malicious data into the 'From Addr' and 'To Addr' fields and trigger the crash by clicking the Start button, causing denial of service and SEH overwrite.
Published: 2026-04-05
Score: 6.8 Medium
EPSS: < 1% Very Low
KEV: No
Impact: Denial of Service
Action: Patch Immediately
AI Analysis

Impact

IP TOOLS version 2.50 contains a local buffer overflow flaw in the SNMP Scanner component. The vulnerability is triggered when an attacker supplies overly long strings to the 'From Addr' and 'To Addr' fields. The overflow corrupts the stack and overwrites the SEH record, causing the application to crash and producing a denial of service. The weakness is classified as Buffer Overflow (CWE-787).

Affected Systems

The flaw affects the IP TOOLS product from Ks‑Soft, specifically version 2.50. No other versions or editions are listed as vulnerable by the vendor.

Risk and Exploitability

The CVSS score is 6.8, indicating moderate severity. No EPSS score is available, and the vulnerability is not listed in the CISA KEV catalog. Based on the description, the attack vector is local: an attacker must have the ability to run the application and enter data into its user interface. The exploit does not grant code execution, but it can be used to crash the utility, potentially serving as a foothold for further local privilege escalation if the SEH overwrite can be controlled.

Generated by OpenCVE AI on April 5, 2026 at 23:29 UTC.

Remediation

No vendor fix or workaround currently provided.

OpenCVE Recommended Actions

  • Apply the vendor’s patch or upgrade to a newer version of IP TOOLS that eliminates the buffer overflow.
  • If a patch is not yet available, disable or remove the SNMP Scanner functionality to prevent the vulnerable code from executing.
  • Avoid running the application with elevated privileges and limit local user access to the program.
  • Monitor system logs for repeated application crashes and verify that the issue has been resolved.

Generated by OpenCVE AI on April 5, 2026 at 23:29 UTC.

Tracking

Sign in to view the affected projects.

Advisories

No advisories yet.

History

Mon, 27 Apr 2026 13:15:00 +0000

Type Values Removed Values Added
First Time appeared Ks-soft ip-tools
CPEs cpe:2.3:a:ks-soft:ip-tools:*:*:*:*:*:*:*:*
Vendors & Products Ks-soft ip-tools

Tue, 07 Apr 2026 00:00:00 +0000

Type Values Removed Values Added
First Time appeared Ks-soft
Ks-soft ip Tools
Vendors & Products Ks-soft
Ks-soft ip Tools

Mon, 06 Apr 2026 18:00:00 +0000

Type Values Removed Values Added
Metrics ssvc

{'options': {'Automatable': 'no', 'Exploitation': 'poc', 'Technical Impact': 'partial'}, 'version': '2.0.3'}

Sun, 05 Apr 2026 20:45:00 +0000

Type Values Removed Values Added
Description IP TOOLS 2.50 contains a local buffer overflow vulnerability in the SNMP Scanner component that allows local attackers to crash the application by supplying oversized input. Attackers can paste malicious data into the 'From Addr' and 'To Addr' fields and trigger the crash by clicking the Start button, causing denial of service and SEH overwrite.
Title IP TOOLS 2.50 Local Buffer Overflow Denial of Service
Weaknesses CWE-787
References
Metrics cvssV3_1

{'score': 5.5, 'vector': 'CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H'}

cvssV4_0

{'score': 6.8, 'vector': 'CVSS:4.0/AV:L/AC:L/AT:N/PR:N/UI:P/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N'}

Subscriptions

Ks-soft Ip-tools Ip Tools
cve-icon MITRE

Status: PUBLISHED

Assigner: VulnCheck

Published:

Updated: 2026-04-06T16:12:54.067Z

Reserved: 2026-04-05T12:41:43.453Z

Link: CVE-2018-25256

cve-icon Vulnrichment

Updated: 2026-04-06T16:12:50.457Z

cve-icon NVD

Status : Analyzed

Published: 2026-04-05T21:16:41.033

Modified: 2026-04-27T13:11:06.327

Link: CVE-2018-25256

cve-icon Redhat

No data.

cve-icon OpenCVE Enrichment

Updated: 2026-04-06T21:56:23Z

Weaknesses