Computer Security
[EN] securityvulns.ru no-pyccku


snmplib / snmpd DoS
Published:20.04.2015
Source:
SecurityVulns ID:14418
Type:remote
Threat Level:
5/10
Description:Multiple DoS conditions.
Affected:NETSNMP : net-snmp 5.7
CVE:CVE-2014-3565 (snmplib/mib.c in net-snmp 5.7.0 and earlier, when the -OQ option is used, allows remote attackers to cause a denial of service (snmptrapd crash) via a crafted SNMP trap message, which triggers a conversion to the variable type designated in the MIB file, as demonstrated by a NULL type in an ifMtu trap message.)
 CVE-2014-2285 (The perl_trapd_handler function in perl/TrapReceiver/TrapReceiver.xs in Net-SNMP 5.7.3.pre3 and earlier, when using certain Perl versions, allows remote attackers to cause a denial of service (snmptrapd crash) via an empty community string in an SNMP trap, which triggers a NULL pointer dereference within the newSVpv function in Perl.)
 CVE-2014-2284 (The Linux implementation of the ICMP-MIB in Net-SNMP 5.5 before 5.5.2.1, 5.6.x before 5.6.2.1, and 5.7.x before 5.7.2.1 does not properly validate input, which allows remote attackers to cause a denial of service via unspecified vectors.)
Original documentdocumentMANDRIVA, [ MDVSA-2015:092 ] net-snmp (20.04.2015)

About | Terms of use | Privacy Policy
© SecurityVulns, 3APA3A, Vladimir Dubrovin
Nizhny Novgorod