There is a format string vulnerability in the snmptrapd server from the cmu-snmp package. Versions cmu-snmp-linux-3.7 and cmu-snmp-linux-3.6 have been verified as susceptible.
8beaca8df3c88ba4e997d9a627aaf2002461b47795db5a62b9b081e9e5815e2c
Due to an insecure usage of the Apache logging function (ap_log_rerror) in auth_ldap_log_reason of auth_ldap, it is possible to run arbitrary code on the server running the module. Versions 1.6.0 and below are affected.
26a0724e4809bd1f36186743fcdff87c77f1ebb308a33a25c92609b052705ec7