CVE-2018-25295
Denial of Service in ObserverIP 1.4.0.1 via IP Field Overflow
Publication date: 2026-04-26
Last updated on: 2026-04-26
Assigner: VulnCheck
Description
Description
CVSS Scores
EPSS Scores
| Probability: | |
| Percentile: |
Meta Information
Affected Vendors & Products
| Vendor | Product | Version / Range |
|---|---|---|
| observerip | scan_tool | 1.4.0.1 |
Helpful Resources
Exploitability
| CWE ID | Description |
|---|---|
| CWE-789 | The product allocates memory based on an untrusted, large size value, but it does not ensure that the size is within expected limits, allowing arbitrary amounts of memory to be allocated. |
Attack-Flow Graph
AI Powered Q&A
Can you explain this vulnerability to me?
ObserverIP Scan Tool version 1.4.0.1 has a denial of service vulnerability that allows local attackers to crash the application.
This happens when an attacker submits an excessively long stringβspecifically, a 2000-byte buffer of repeated charactersβinto the IP input field and triggers a search operation.
The application crashes as a result of processing this overly long input.
How can this vulnerability impact me? :
This vulnerability can cause the ObserverIP Scan Tool application to crash, resulting in a denial of service.
An attacker with local access can exploit this by submitting a very long string in the IP input field, disrupting normal operations.
This may lead to downtime or interruption of services relying on this tool.
How can this vulnerability be detected on my network or system? Can you suggest some commands?
This vulnerability involves the ObserverIP Scan Tool 1.4.0.1 crashing when a local attacker inputs an excessively long string (around 2000 bytes) into the IP input field. Detection would involve monitoring for application crashes or abnormal behavior when the IP input field is used.
Since the vulnerability is triggered by a local input of a very long string, detection on the network level is unlikely. Instead, monitoring application logs or system logs for crashes or errors related to the ObserverIP Scan Tool may help identify exploitation attempts.
No specific commands or network detection methods are provided in the available information.
What immediate steps should I take to mitigate this vulnerability?
Immediate mitigation steps include restricting local access to the ObserverIP Scan Tool to trusted users only, as the vulnerability requires local attacker interaction.
Avoid inputting excessively long strings into the IP input field to prevent triggering the denial of service condition.
Monitor for application crashes and consider disabling or uninstalling the vulnerable version (1.4.0.1) of the ObserverIP Scan Tool until a patch or update is available.