CVE-2015-5677

Related Files

FreeBSD bsnmpd Information Disclosure

Posted Jan 16, 2016

Authored by Pierre Kim

FreeBSD suffers from a bsnmpd information disclosure vulnerability.

tags | exploit, info disclosure

systems | freebsd, bsd

advisories | CVE-2015-5677

SHA-256 | 30858a55de4d08a56a599bb420f85c65dae9f53454ef12c51314ce7d18ea9a53

Download | Favorite | View

FreeBSD Security Advisory - FreeBSD-SA-16:06.bsnmpd

Posted Jan 15, 2016

Authored by Pierre Kim

FreeBSD Security Advisory - The SNMP protocol supports an authentication model called USM, which relies on a shared secret. The default permission of the bsnmpd configuration file, /etc/bsnmpd.conf, is weak and does not provide adequate protection against local unprivileged users. A local user may be able to read the shared secret, if configured and used by the system administrator.

tags | advisory, local, protocol

systems | freebsd

advisories | CVE-2015-5677

SHA-256 | a72b9ae60396ff46558b0ec651b04f329fe46350335df2906500a42e8c4ad50b

Download | Favorite | View