CVE-2002-1570

ucd-snmp < 4.2.3 - Remote Code Execution via snmpnetstat Heap Overflow

Title source: llm
STIX 2.1

Exploitation Summary

EIP tracks 1 public exploit for CVE-2002-1570. PoCs published by Juan M. de la Torre.

AI-analyzed exploit summary This exploit targets a heap overflow vulnerability in Net-SNMP's snmpnetstat client (CVE-2002-1570). It crafts malicious SNMP responses to overwrite the GOT entry of `endprotoent` with connect-back shellcode, achieving remote code execution.

Description

Heap-based buffer overflow in snmpnetstat for ucd-snmp 4.2.3 and earlier, and net-snmp, allows remote attackers to execute arbitrary code via multiple getnextrequest PDU messages with conflicting ifindex variables, which cause snmpnetstat to write variable data past the end of an array.

Exploits (1)

exploitdb WORKING POC VERIFIED
by Juan M. de la Torre · cremotelinux
https://www.exploit-db.com/exploits/21200

This exploit targets a heap overflow vulnerability in Net-SNMP's snmpnetstat client (CVE-2002-1570). It crafts malicious SNMP responses to overwrite the GOT entry of `endprotoent` with connect-back shellcode, achieving remote code execution.

Classification
Working Poc 95%
Attack Type
Rce
Complexity
Complex
Reliability
Racy
Target: Net-SNMP (snmpnetstat client)
No auth needed
Prerequisites: Network access to vulnerable Net-SNMP client · Ability to send crafted SNMP responses
devstral-2 · analyzed Feb 16, 2026 Full analysis →

References (4)

Core 4
Core References
Exploit, Patch, Vendor Advisory mailing-list x_refsource_bugtraq
http://www.securityfocus.com/archive/1/248141
Third Party Advisory, VDB Entry vdb-entry x_refsource_xf
https://exchange.xforce.ibmcloud.com/vulnerabilities/7776
Exploit, Patch, Vendor Advisory vdb-entry x_refsource_bid
http://www.securityfocus.com/bid/3780
Vendor Advisory vendor-advisory x_refsource_conectiva
http://distro.conectiva.com.br/atualizacoes/?id=a&anuncio=000696

Scores

EPSS 0.0552
EPSS Percentile 91.8%

Details

Status published
Products (1)
ucd-snmp/ucd-snmp < 4.2.3
Published Nov 03, 2003
Tracked Since Feb 18, 2026