CVE-2018-25256
Received Received - Intake
Buffer Overflow in IP TOOLS SNMP Scanner Causes DoS

Publication date: 2026-04-05

Last updated on: 2026-04-27

Assigner: VulnCheck

Description
IP TOOLS 2.50 contains a local buffer overflow vulnerability in the SNMP Scanner component that allows local attackers to crash the application by supplying oversized input. Attackers can paste malicious data into the 'From Addr' and 'To Addr' fields and trigger the crash by clicking the Start button, causing denial of service and SEH overwrite.
CVSS Scores
EPSS Scores
Probability:
Percentile:
Meta Information
Published
2026-04-05
Last Modified
2026-04-27
Generated
2026-06-16
AI Q&A
2026-04-06
EPSS Evaluated
2026-06-15
NVD
CVE-2018-25256
Affected Vendors & Products
Showing 1 associated CPE
Vendor Product Version / Range
ks-soft ip-tools to 2.50 (inc)
Helpful Resources
Exploitability
CWE
CWE Icon
KEV
KEV Icon
CWE ID Description
CWE-787 The product writes data past the end, or before the beginning, of the intended buffer.
Attack-Flow Graph
AI Quick Actions
Instant insights powered by AI
Executive Summary

This vulnerability exists in IP TOOLS 2.50 within the SNMP Scanner component. It is a local buffer overflow issue that occurs when a local attacker inputs oversized data into the 'From Addr' and 'To Addr' fields. By doing so and clicking the Start button, the attacker can cause the application to crash and potentially overwrite the Structured Exception Handler (SEH).

Impact Analysis

The primary impact of this vulnerability is denial of service. An attacker can crash the application by supplying malicious input, causing it to stop functioning. Additionally, the SEH overwrite could potentially be leveraged for further exploitation, although the CVE description does not specify beyond the crash and denial of service.

Chat Assistant
Ask questions about this CVE
Hi! I’m here to help you understand CVE-2018-25256. Ask me anything about the vulnerability, its impact, or mitigation strategies.
0/70
EPSS Chart