what you don't know can hurt you
Showing 1 - 25 of 93 RSS Feed

Files

net-snmp 5.7.3 Unauthenticated Denial Of Service
Posted Oct 8, 2018
Authored by Magnus Klaaborg Stubman

net-snmp version 5.7.3 suffers from an unauthenticated denial of service vulnerability.

tags | exploit, denial of service
MD5 | cba3c464c7877af69e0619f1108f781c

Related Files

Ubuntu Security Notice USN-3792-3
Posted Oct 22, 2018
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 3792-3 - USN-3792-1 fixed a vulnerability in Net-SNMP. This update provides the corresponding update for Ubuntu 18.10. It was discovered that Net-SNMP incorrectly handled certain certain crafted packets. A remote attacker could possibly use this issue to cause Net-SNMP to crash, resulting in a denial of service. Various other issues were also addressed.

tags | advisory, remote, denial of service
systems | linux, ubuntu
advisories | CVE-2018-18065
MD5 | 6922096eae4f9412061212a2f8908aeb
Ubuntu Security Notice USN-3792-2
Posted Oct 16, 2018
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 3792-2 - USN-3792-1 fixed a vulnerability in Net-SNMP. This update provides the corresponding update for Ubuntu 12.04 ESM. It was discovered that Net-SNMP incorrectly handled certain certain crafted packets. A remote attacker could possibly use this issue to cause Net-SNMP to crash, resulting in a denial of service. Various other issues were also addressed.

tags | advisory, remote, denial of service
systems | linux, ubuntu
advisories | CVE-2018-18065
MD5 | bbb68331d63976d5a997a0dc75dd3c41
Ubuntu Security Notice USN-3792-1
Posted Oct 16, 2018
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 3792-1 - It was discovered that Net-SNMP incorrectly handled certain certain crafted packets. A remote attacker could possibly use this issue to cause Net-SNMP to crash, resulting in a denial of service.

tags | advisory, remote, denial of service
systems | linux, ubuntu
advisories | CVE-2018-18065
MD5 | 3aeb07109a6cf15ff3a438a836d9be6c
net-snmp 5.7.3 Denial Of Service
Posted Oct 9, 2018
Authored by Magnus Klaaborg Stubman

Full advisory and proof of concept information for denial of service vulnerabilities in net-snmp version 5.7.3.

tags | exploit, denial of service, vulnerability, proof of concept
MD5 | 36541b91fda31ad3e20703dbd494c043
net-snmp 5.7.3 Denial Of Service
Posted Oct 8, 2018
Authored by Magnus Klaaborg Stubman

net-snmp version 5.7.3 suffers from an authenticated denial of service vulnerability.

tags | exploit, denial of service
MD5 | c504854bbb33e5a920a08575d942fc46
Debian Security Advisory 4154-1
Posted Mar 28, 2018
Authored by Debian | Site debian.org

Debian Linux Security Advisory 4154-1 - A heap corruption vulnerability was discovered in net-snmp, a suite of Simple Network Management Protocol applications, triggered when parsing the PDU prior to the authentication process. A remote, unauthenticated attacker can take advantage of this flaw to crash the snmpd process (causing a denial of service) or, potentially, execute arbitrary code with the privileges of the user running snmpd.

tags | advisory, remote, denial of service, arbitrary, protocol
systems | linux, debian
advisories | CVE-2015-5621, CVE-2018-1000116
MD5 | da63ee7b3cb55c040eac4a016689e8e2
Red Hat Security Advisory 2015-2345-01
Posted Nov 20, 2015
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2015-2345-01 - The net-snmp packages provide various libraries and tools for the Simple Network Management Protocol, including an SNMP library, an extensible agent, tools for requesting or setting information from SNMP agents, tools for generating and handling SNMP traps, a version of the netstat command which uses SNMP, and a Tk/Perl Management Information Base browser. A denial of service flaw was found in the way snmptrapd handled certain SNMP traps when started with the "-OQ" option. If an attacker sent an SNMP trap containing a variable with a NULL type where an integer variable type was expected, it would cause snmptrapd to crash.

tags | advisory, denial of service, perl, protocol
systems | linux, redhat
advisories | CVE-2014-3565
MD5 | 3620b6b2424f7f71f0cc887cf788336f
OpenBSD net-snmp Information Disclosure
Posted Nov 13, 2015
Authored by Pierre Kim

OpenBSD net-snmp suffers from a credential and information disclosure vulnerability.

tags | exploit, info disclosure
systems | openbsd
advisories | CVE-2015-8100
MD5 | 58ae670019233a11582c38947b6d86cc
Red Hat Security Advisory 2015-1636-01
Posted Aug 18, 2015
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2015-1636-01 - The net-snmp packages provide various libraries and tools for the Simple Network Management Protocol, including an SNMP library, an extensible agent, tools for requesting or setting information from SNMP agents, tools for generating and handling SNMP traps, a version of the netstat command which uses SNMP, and a Tk/Perl Management Information Base browser. It was discovered that the snmp_pdu_parse() function could leave incompletely parsed varBind variables in the list of variables. A remote, unauthenticated attacker could use this flaw to crash snmpd or, potentially, execute arbitrary code on the system with the privileges of the user running snmpd.

tags | advisory, remote, arbitrary, perl, protocol
systems | linux, redhat
advisories | CVE-2015-5621
MD5 | cfeacfd0577d0cd2222fbdd62be496f2
Ubuntu Security Notice USN-2711-1
Posted Aug 17, 2015
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 2711-1 - It was discovered that Net-SNMP incorrectly handled certain trap messages when the -OQ option was used. A remote attacker could use this issue to cause Net-SNMP to crash, resulting in a denial of service. Qinghao Tang discovered that Net-SNMP incorrectly handled SNMP PDU parsing failures. A remote attacker could use this issue to cause Net-SNMP to crash, resulting in a denial of service, or possibly execute arbitrary code. Various other issues were also addressed.

tags | advisory, remote, denial of service, arbitrary
systems | linux, ubuntu
advisories | CVE-2014-3565, CVE-2015-5621
MD5 | 6f76a7ed2b1076062c7d728b9ac2c030
Red Hat Security Advisory 2015-1385-01
Posted Jul 22, 2015
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2015-1385-01 - The net-snmp packages provide various libraries and tools for the Simple Network Management Protocol, including an SNMP library, an extensible agent, tools for requesting or setting information from SNMP agents, tools for generating and handling SNMP traps, a version of the netstat command which uses SNMP, and a Tk/Perl Management Information Base browser. A denial of service flaw was found in the way snmptrapd handled certain SNMP traps when started with the "-OQ" option. If an attacker sent an SNMP trap containing a variable with a NULL type where an integer variable type was expected, it would cause snmptrapd to crash.

tags | advisory, denial of service, perl, protocol
systems | linux, redhat
advisories | CVE-2014-3565
MD5 | 0084b4ac2ab29670ada2d2d3f89c7ae2
Mandriva Linux Security Advisory 2015-092
Posted Mar 30, 2015
Authored by Mandriva | Site mandriva.com

Mandriva Linux Security Advisory 2015-092 - Remotely exploitable denial of service vulnerability in Net-SNMP, in the Linux implementation of the ICMP-MIB, making the SNMP agent vulnerable if it is making use of the ICMP-MIB table objects. Remotely exploitable denial of service vulnerability in Net-SNMP, in snmptrapd, due to how it handles trap requests with an empty community string when the perl handler is enabled. A remote denial-of-service flaw was found in the way snmptrapd handled certain SNMP traps when started with the -OQ option. If an attacker sent an SNMP trap containing a variable with a NULL type where an integer variable type was expected, it would cause snmptrapd to crash.

tags | advisory, remote, denial of service, perl
systems | linux, mandriva
advisories | CVE-2014-2284, CVE-2014-2285, CVE-2014-3565
MD5 | 995d5d3ad38c457a1c526a324650b2c3
Gentoo Linux Security Advisory 201409-02
Posted Sep 2, 2014
Authored by Gentoo | Site security.gentoo.org

Gentoo Linux Security Advisory 201409-2 - Multiple vulnerabilities have been found in Net-SNMP which could allow remote attackers to cause Denial of Service. Versions less than 5.7.3_pre3 are affected.

tags | advisory, remote, denial of service, vulnerability
systems | linux, gentoo
advisories | CVE-2012-2141, CVE-2012-6151, CVE-2014-2284, CVE-2014-2285
MD5 | 3e55e982c1f40abfa2690f5de2961b91
Ubuntu Security Notice USN-2166-1
Posted Apr 14, 2014
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 2166-1 - Ken Farnen discovered that Net-SNMP incorrectly handled AgentX timeouts. A remote attacker could use this issue to cause the server to crash or to hang, resulting in a denial of service. It was discovered that the Net-SNMP ICMP-MIB incorrectly validated input. A remote attacker could use this issue to cause the server to crash, resulting in a denial of service. This issue only affected Ubuntu 13.10. Various other issues were also addressed.

tags | advisory, remote, denial of service
systems | linux, ubuntu
advisories | CVE-2012-6151, CVE-2014-2284, CVE-2014-2285, CVE-2014-2310
MD5 | 2ad23c3c903048952d5679dab5341836
Red Hat Security Advisory 2014-0322-01
Posted Mar 24, 2014
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2014-0322-01 - The net-snmp packages provide various libraries and tools for the Simple Network Management Protocol, including an SNMP library, an extensible agent, tools for requesting or setting information from SNMP agents, tools for generating and handling SNMP traps, a version of the netstat command which uses SNMP, and a Tk/Perl Management Information Base browser. A denial of service flaw was found in the way snmpd, the Net-SNMP daemon, handled subagent timeouts. A remote attacker able to trigger a subagent timeout could use this flaw to cause snmpd to loop infinitely or crash.

tags | advisory, remote, denial of service, perl, protocol
systems | linux, redhat
advisories | CVE-2012-6151, CVE-2014-2285
MD5 | d6da9316c756c232e64f58c538f056d6
Red Hat Security Advisory 2014-0321-01
Posted Mar 24, 2014
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2014-0321-01 - The net-snmp packages provide various libraries and tools for the Simple Network Management Protocol, including an SNMP library, an extensible agent, tools for requesting or setting information from SNMP agents, tools for generating and handling SNMP traps, a version of the netstat command which uses SNMP, and a Tk/Perl Management Information Base browser. A buffer overflow flaw was found in the way the decode_icmp_msg() function in the ICMP-MIB implementation processed Internet Control Message Protocol message statistics reported in the /proc/net/snmp file. A remote attacker could send a message for each ICMP message type, which could potentially cause the snmpd service to crash when processing the /proc/net/snmp file.

tags | advisory, remote, overflow, perl, protocol
systems | linux, redhat
advisories | CVE-2014-2284
MD5 | b46663f004b4afb5b0799cc05dba8d71
Mandriva Linux Security Advisory 2014-052
Posted Mar 13, 2014
Authored by Mandriva | Site mandriva.com

Mandriva Linux Security Advisory 2014-052 - Remotely exploitable denial of service vulnerability in Net-SNMP, in the Linux implementation of the ICMP-MIB, making the SNMP agent vulnerable if it is making use of the ICMP-MIB table objects. Remotely exploitable denial of service vulnerability in Net-SNMP, in snmptrapd, due to how it handles trap requests with an empty community string when the perl handler is enabled.

tags | advisory, denial of service, perl
systems | linux, mandriva
advisories | CVE-2014-2284, CVE-2014-2285
MD5 | d2f2a3a662c5e97fcbede9eff4eb315c
Mandriva Linux Security Advisory 2014-018
Posted Jan 23, 2014
Authored by Mandriva | Site mandriva.com

Mandriva Linux Security Advisory 2014-018 - Net-SNMP 5.7.1 and earlier, when AgentX is registering to handle a MIB and processing GETNEXT requests, allows remote attackers to cause a denial of service (crash or infinite loop, CPU consumption, and hang) by causing the AgentX subagent to timeout.

tags | advisory, remote, denial of service
systems | linux, mandriva
advisories | CVE-2012-6151
MD5 | 8ebf5ef529674b13bd9f8b52c52d0a97
Mandriva Linux Security Advisory 2014-017
Posted Jan 23, 2014
Authored by Mandriva | Site mandriva.com

Mandriva Linux Security Advisory 2014-017 - Net-SNMP 5.7.1 and earlier, when AgentX is registering to handle a MIB and processing GETNEXT requests, allows remote attackers to cause a denial of service (crash or infinite loop, CPU consumption, and hang) by causing the AgentX subagent to timeout. This update also fixes two other minor issues: IPADDRESS size in python-netsnmp on 64-bit systems and adding btrfs support to hrFSTable.

tags | advisory, remote, denial of service, python
systems | linux, mandriva
advisories | CVE-2012-6151
MD5 | 6bc9ad87f0027a6a20eff1b9061599e9
Mandriva Linux Security Advisory 2013-049
Posted Apr 7, 2013
Authored by Mandriva | Site mandriva.com

Mandriva Linux Security Advisory 2013-049 - An array index error, leading to out-of heap-based buffer read flaw was found in the way net-snmp agent performed entries lookup in the extension table. When certain MIB subtree was handled by the extend directive, a remote attacker having read privilege to the subtree could use this flaw to cause a denial of service via SNMP GET request involving a non-existent extension table entry. The updated packages have been patched to correct this issue.

tags | advisory, remote, denial of service
systems | linux, mandriva
advisories | CVE-2012-2141
MD5 | 0b5f962c2af66536d4e501e0d497a975
Secunia Security Advisory 51774
Posted Jan 11, 2013
Authored by Secunia | Site secunia.com

Secunia Security Advisory - Red Hat has issued an update for net-snmp. This fixes a vulnerability, which can be exploited by malicious people to cause a DoS (Denial of Service).

tags | advisory, denial of service
systems | linux, redhat
MD5 | dbf9d9a02b2a82906d35867345278a44
Red Hat Security Advisory 2013-0124-01
Posted Jan 8, 2013
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2013-0124-01 - These packages provide various libraries and tools for the Simple Network Management Protocol. An out-of-bounds buffer read flaw was found in the net-snmp agent. A remote attacker with read privileges to a Management Information Base subtree handled by the "extend" directive could use this flaw to crash snmpd via a crafted SNMP GET request.

tags | advisory, remote, protocol
systems | linux, redhat
advisories | CVE-2012-2141
MD5 | d34a57d5cb584c6c8e61f021644892e8
Mandriva Linux Security Advisory 2012-099
Posted Jun 21, 2012
Authored by Mandriva | Site mandriva.com

Mandriva Linux Security Advisory 2012-099 - An array index error, leading to out-of heap-based buffer read flaw was found in the way net-snmp agent performed entries lookup in the extension table. When certain MIB subtree was handled by the extend directive, a remote attacker having read privilege to the subtree could use this flaw to cause a denial of service via SNMP GET request involving a non-existent extension table entry. The updated packages have been patched to correct this issue.

tags | advisory, remote, denial of service
systems | linux, mandriva
advisories | CVE-2012-2141
MD5 | 5e1584a2421514af58af80466d9604d2
Red Hat Security Advisory 2012-0876-04
Posted Jun 20, 2012
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2012-0876-04 - The net-snmp packages provide various libraries and tools for the Simple Network Management Protocol, including an SNMP library, an extensible agent, tools for requesting or setting information from SNMP agents, tools for generating and handling SNMP traps, a version of the netstat command which uses SNMP, and a Tk/Perl Management Information Base browser. An array index error, leading to an out-of-bounds buffer read flaw, was found in the way the net-snmp agent looked up entries in the extension table. A remote attacker with read privileges to a Management Information Base subtree handled by the "extend" directive could use this flaw to crash snmpd via a crafted SNMP GET request.

tags | advisory, remote, perl, protocol
systems | linux, redhat
advisories | CVE-2012-2141
MD5 | afd882c2c2b70a87b050057cf33d91e8
Secunia Security Advisory 49596
Posted Jun 20, 2012
Authored by Secunia | Site secunia.com

Secunia Security Advisory - Red Hat has issued an update for net-snmp. This fixes a vulnerability, which can be exploited by malicious people to cause a DoS (Denial of Service).

tags | advisory, denial of service
systems | linux, redhat
MD5 | df456e9fbe704425930307add1b226bf
Page 1 of 4
Back1234Next

File Archive:

November 2019

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Nov 1st
    28 Files
  • 2
    Nov 2nd
    1 Files
  • 3
    Nov 3rd
    1 Files
  • 4
    Nov 4th
    12 Files
  • 5
    Nov 5th
    19 Files
  • 6
    Nov 6th
    65 Files
  • 7
    Nov 7th
    22 Files
  • 8
    Nov 8th
    18 Files
  • 9
    Nov 9th
    1 Files
  • 10
    Nov 10th
    1 Files
  • 11
    Nov 11th
    11 Files
  • 12
    Nov 12th
    65 Files
  • 13
    Nov 13th
    27 Files
  • 14
    Nov 14th
    0 Files
  • 15
    Nov 15th
    0 Files
  • 16
    Nov 16th
    0 Files
  • 17
    Nov 17th
    0 Files
  • 18
    Nov 18th
    0 Files
  • 19
    Nov 19th
    0 Files
  • 20
    Nov 20th
    0 Files
  • 21
    Nov 21st
    0 Files
  • 22
    Nov 22nd
    0 Files
  • 23
    Nov 23rd
    0 Files
  • 24
    Nov 24th
    0 Files
  • 25
    Nov 25th
    0 Files
  • 26
    Nov 26th
    0 Files
  • 27
    Nov 27th
    0 Files
  • 28
    Nov 28th
    0 Files
  • 29
    Nov 29th
    0 Files
  • 30
    Nov 30th
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2019 Packet Storm. All rights reserved.

Services
Security Services
Hosting By
Rokasec
close