exploit the possibilities
Home Files News &[SERVICES_TAB]About Contact Add New
Showing 1 - 25 of 100 RSS Feed

Files

net-snmp 5.7.3 Denial Of Service
Posted Oct 8, 2018
Authored by Magnus Klaaborg Stubman

net-snmp version 5.7.3 suffers from an authenticated denial of service vulnerability.

tags | exploit, denial of service
SHA-256 | 8e2f9ac672c73a2f2aa095307e242fb1a6637e86a3a3d715cd0616592950896f

Related Files

Red Hat Security Advisory 2020-5201-01
Posted Nov 24, 2020
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2020-5201-01 - The net-snmp packages provide various libraries and tools for the Simple Network Management Protocol, including an SNMP library, an extensible agent, tools for requesting or setting information from SNMP agents, tools for generating and handling SNMP traps, a version of the netstat command which uses SNMP, and a Tk/Perl Management Information Base browser.

tags | advisory, perl, protocol
systems | linux, redhat
advisories | CVE-2020-15862
SHA-256 | b31623decc964d6377a5a8baf05d70be15e0f2694502c2916618edf5d2a04b5f
Red Hat Security Advisory 2020-5129-01
Posted Nov 18, 2020
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2020-5129-01 - The net-snmp packages provide various libraries and tools for the Simple Network Management Protocol, including an SNMP library, an extensible agent, tools for requesting or setting information from SNMP agents, tools for generating and handling SNMP traps, a version of the netstat command which uses SNMP, and a Tk/Perl Management Information Base browser.

tags | advisory, perl, protocol
systems | linux, redhat
advisories | CVE-2020-15862
SHA-256 | ee2639692c24e69fc001f589785af35d335a8c1aceec96860689af3c5455197b
Ubuntu Security Notice USN-4471-2
Posted Sep 1, 2020
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 4471-2 - USN-4471-1 fixed a vulnerability in Net-SNMP. The updated introduced a regression making nsExtendCacheTime not settable. This update fixes the problem adding the cacheTime feature flag. Tobias Neitzel discovered that Net-SNMP incorrectly handled certain symlinks. An attacker could possibly use this issue to access sensitive information. Various other issues were also addressed.

tags | advisory
systems | linux, ubuntu
advisories | CVE-2020-15861, CVE-2020-15862
SHA-256 | 1017733bfb26f81e781ca1324961b481d36d10524492ccdb51984e779c99e588
Gentoo Linux Security Advisory 202008-12
Posted Aug 27, 2020
Authored by Gentoo | Site security.gentoo.org

Gentoo Linux Security Advisory 202008-12 - Multiple vulnerabilities have been found in Net-SNMP, the worst of which could result in privilege escalation. Versions less than 5.8.1_pre1 are affected.

tags | advisory, vulnerability
systems | linux, gentoo
advisories | CVE-2019-20892, CVE-2020-15861, CVE-2020-15862
SHA-256 | 47b590361046f370f06a09b89dcc673424b68229c00713f89dedeb4d3d77f993
Ubuntu Security Notice USN-4471-1
Posted Aug 25, 2020
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 4471-1 - Tobias Neitzel discovered that Net-SNMP incorrectly handled certain symlinks. An attacker could possibly use this issue to access sensitive information. It was discovered that Net-SNMP incorrectly handled certain inputs. An attacker could possibly use this issue to execute arbitrary code. This issue only affected Ubuntu 14.04 ESM, Ubuntu 16.04 LTS, Ubuntu 18.04 LTS, and Ubuntu 20.04 LTS. Various other issues were also addressed.

tags | advisory, arbitrary
systems | linux, ubuntu
advisories | CVE-2020-15861, CVE-2020-15862
SHA-256 | 140626755544c8727d1b72860128291e6f9088c580c911f1655a3e8bdd1ef97a
Red Hat Security Advisory 2020-2539-01
Posted Jun 12, 2020
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2020-2539-01 - The net-snmp packages provide various libraries and tools for the Simple Network Management Protocol, including an SNMP library, an extensible agent, tools for requesting or setting information from SNMP agents, tools for generating and handling SNMP traps, a version of the netstat command which uses SNMP, and a Tk/Perl Management Information Base browser. Issues addressed include denial of service, double free, memory leak, and null pointer vulnerabilities.

tags | advisory, denial of service, perl, vulnerability, protocol, memory leak
systems | linux, redhat
advisories | CVE-2018-18066
SHA-256 | b75ffd39f8f0af177e75202bda5990a8541b3b0997e2d0d7016c81111af3fe88
Red Hat Security Advisory 2020-1081-01
Posted Apr 1, 2020
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2020-1081-01 - The net-snmp packages provide various libraries and tools for the Simple Network Management Protocol, including an SNMP library, an extensible agent, tools for requesting or setting information from SNMP agents, tools for generating and handling SNMP traps, a version of the netstat command which uses SNMP, and a Tk/Perl Management Information Base browser. Issues addressed include denial of service and null pointer vulnerabilities.

tags | advisory, denial of service, perl, vulnerability, protocol
systems | linux, redhat
advisories | CVE-2018-18066
SHA-256 | ec40839212e192907f3d7a60e7c12daee609836719546612362c98e940ae5973
Ubuntu Security Notice USN-3792-3
Posted Oct 22, 2018
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 3792-3 - USN-3792-1 fixed a vulnerability in Net-SNMP. This update provides the corresponding update for Ubuntu 18.10. It was discovered that Net-SNMP incorrectly handled certain certain crafted packets. A remote attacker could possibly use this issue to cause Net-SNMP to crash, resulting in a denial of service. Various other issues were also addressed.

tags | advisory, remote, denial of service
systems | linux, ubuntu
advisories | CVE-2018-18065
SHA-256 | ce1ec4a1174f9d72e3e00dbf147ee765b55e1b003b6664cd2e017c8baf4c8eba
Ubuntu Security Notice USN-3792-2
Posted Oct 16, 2018
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 3792-2 - USN-3792-1 fixed a vulnerability in Net-SNMP. This update provides the corresponding update for Ubuntu 12.04 ESM. It was discovered that Net-SNMP incorrectly handled certain certain crafted packets. A remote attacker could possibly use this issue to cause Net-SNMP to crash, resulting in a denial of service. Various other issues were also addressed.

tags | advisory, remote, denial of service
systems | linux, ubuntu
advisories | CVE-2018-18065
SHA-256 | be44d45d384dd945835966eb97cbc017459819b713ae4d51cbddbb443a0682a8
Ubuntu Security Notice USN-3792-1
Posted Oct 16, 2018
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 3792-1 - It was discovered that Net-SNMP incorrectly handled certain certain crafted packets. A remote attacker could possibly use this issue to cause Net-SNMP to crash, resulting in a denial of service.

tags | advisory, remote, denial of service
systems | linux, ubuntu
advisories | CVE-2018-18065
SHA-256 | e3f5ab649c9e7f971bcf9045f65087717c8f42377af82be89306bbae6a985a72
net-snmp 5.7.3 Denial Of Service
Posted Oct 9, 2018
Authored by Magnus Klaaborg Stubman

Full advisory and proof of concept information for denial of service vulnerabilities in net-snmp version 5.7.3.

tags | exploit, denial of service, vulnerability, proof of concept
SHA-256 | 72baee3ff55bedf32911d33f0cdaf2487bc855598e704ce3183d3374cbb74d91
net-snmp 5.7.3 Unauthenticated Denial Of Service
Posted Oct 8, 2018
Authored by Magnus Klaaborg Stubman

net-snmp version 5.7.3 suffers from an unauthenticated denial of service vulnerability.

tags | exploit, denial of service
SHA-256 | 8a47315cb13031259275fabde237dae81f5e3dd9e4010de7c9145bec06f1aef5
Debian Security Advisory 4154-1
Posted Mar 28, 2018
Authored by Debian | Site debian.org

Debian Linux Security Advisory 4154-1 - A heap corruption vulnerability was discovered in net-snmp, a suite of Simple Network Management Protocol applications, triggered when parsing the PDU prior to the authentication process. A remote, unauthenticated attacker can take advantage of this flaw to crash the snmpd process (causing a denial of service) or, potentially, execute arbitrary code with the privileges of the user running snmpd.

tags | advisory, remote, denial of service, arbitrary, protocol
systems | linux, debian
advisories | CVE-2015-5621, CVE-2018-1000116
SHA-256 | c2fdf78354d35abec9941075f6a4273bb1213ca58a281c089f7c7f2f8527420a
Red Hat Security Advisory 2015-2345-01
Posted Nov 20, 2015
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2015-2345-01 - The net-snmp packages provide various libraries and tools for the Simple Network Management Protocol, including an SNMP library, an extensible agent, tools for requesting or setting information from SNMP agents, tools for generating and handling SNMP traps, a version of the netstat command which uses SNMP, and a Tk/Perl Management Information Base browser. A denial of service flaw was found in the way snmptrapd handled certain SNMP traps when started with the "-OQ" option. If an attacker sent an SNMP trap containing a variable with a NULL type where an integer variable type was expected, it would cause snmptrapd to crash.

tags | advisory, denial of service, perl, protocol
systems | linux, redhat
advisories | CVE-2014-3565
SHA-256 | 39d3c90e21cd7f01f9b921b8bf0ce2af6a366718079a6eb5acd08fdc18a9a588
OpenBSD net-snmp Information Disclosure
Posted Nov 13, 2015
Authored by Pierre Kim

OpenBSD net-snmp suffers from a credential and information disclosure vulnerability.

tags | exploit, info disclosure
systems | openbsd
advisories | CVE-2015-8100
SHA-256 | a80d494deb52dc8a57e8c8f3a438e4dc2e1095c1a787fbcd33b9d4404d060cac
Red Hat Security Advisory 2015-1636-01
Posted Aug 18, 2015
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2015-1636-01 - The net-snmp packages provide various libraries and tools for the Simple Network Management Protocol, including an SNMP library, an extensible agent, tools for requesting or setting information from SNMP agents, tools for generating and handling SNMP traps, a version of the netstat command which uses SNMP, and a Tk/Perl Management Information Base browser. It was discovered that the snmp_pdu_parse() function could leave incompletely parsed varBind variables in the list of variables. A remote, unauthenticated attacker could use this flaw to crash snmpd or, potentially, execute arbitrary code on the system with the privileges of the user running snmpd.

tags | advisory, remote, arbitrary, perl, protocol
systems | linux, redhat
advisories | CVE-2015-5621
SHA-256 | 7e93f979c50653c313c0d7725efcdfce77a93450f3525440e259a4fdc114f124
Ubuntu Security Notice USN-2711-1
Posted Aug 17, 2015
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 2711-1 - It was discovered that Net-SNMP incorrectly handled certain trap messages when the -OQ option was used. A remote attacker could use this issue to cause Net-SNMP to crash, resulting in a denial of service. Qinghao Tang discovered that Net-SNMP incorrectly handled SNMP PDU parsing failures. A remote attacker could use this issue to cause Net-SNMP to crash, resulting in a denial of service, or possibly execute arbitrary code. Various other issues were also addressed.

tags | advisory, remote, denial of service, arbitrary
systems | linux, ubuntu
advisories | CVE-2014-3565, CVE-2015-5621
SHA-256 | 637f1672470959d86194903a05d03503644b70c98bc272b459ef69a1bfc19637
Red Hat Security Advisory 2015-1385-01
Posted Jul 22, 2015
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2015-1385-01 - The net-snmp packages provide various libraries and tools for the Simple Network Management Protocol, including an SNMP library, an extensible agent, tools for requesting or setting information from SNMP agents, tools for generating and handling SNMP traps, a version of the netstat command which uses SNMP, and a Tk/Perl Management Information Base browser. A denial of service flaw was found in the way snmptrapd handled certain SNMP traps when started with the "-OQ" option. If an attacker sent an SNMP trap containing a variable with a NULL type where an integer variable type was expected, it would cause snmptrapd to crash.

tags | advisory, denial of service, perl, protocol
systems | linux, redhat
advisories | CVE-2014-3565
SHA-256 | e856697fa0fbaf74af1b4b3706a28577bc53843c99783d86587297c7214ca752
Mandriva Linux Security Advisory 2015-092
Posted Mar 30, 2015
Authored by Mandriva | Site mandriva.com

Mandriva Linux Security Advisory 2015-092 - Remotely exploitable denial of service vulnerability in Net-SNMP, in the Linux implementation of the ICMP-MIB, making the SNMP agent vulnerable if it is making use of the ICMP-MIB table objects. Remotely exploitable denial of service vulnerability in Net-SNMP, in snmptrapd, due to how it handles trap requests with an empty community string when the perl handler is enabled. A remote denial-of-service flaw was found in the way snmptrapd handled certain SNMP traps when started with the -OQ option. If an attacker sent an SNMP trap containing a variable with a NULL type where an integer variable type was expected, it would cause snmptrapd to crash.

tags | advisory, remote, denial of service, perl
systems | linux, mandriva
advisories | CVE-2014-2284, CVE-2014-2285, CVE-2014-3565
SHA-256 | d604316ab4c33292b9bb3bb59fcb9464712dfe5b998842c636ef11aa22776a28
Gentoo Linux Security Advisory 201409-02
Posted Sep 2, 2014
Authored by Gentoo | Site security.gentoo.org

Gentoo Linux Security Advisory 201409-2 - Multiple vulnerabilities have been found in Net-SNMP which could allow remote attackers to cause Denial of Service. Versions less than 5.7.3_pre3 are affected.

tags | advisory, remote, denial of service, vulnerability
systems | linux, gentoo
advisories | CVE-2012-2141, CVE-2012-6151, CVE-2014-2284, CVE-2014-2285
SHA-256 | 08005ad35e18864fc49dc7b6919608e14ad35acf3207c18c8ffbaed33c442753
Ubuntu Security Notice USN-2166-1
Posted Apr 14, 2014
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 2166-1 - Ken Farnen discovered that Net-SNMP incorrectly handled AgentX timeouts. A remote attacker could use this issue to cause the server to crash or to hang, resulting in a denial of service. It was discovered that the Net-SNMP ICMP-MIB incorrectly validated input. A remote attacker could use this issue to cause the server to crash, resulting in a denial of service. This issue only affected Ubuntu 13.10. Various other issues were also addressed.

tags | advisory, remote, denial of service
systems | linux, ubuntu
advisories | CVE-2012-6151, CVE-2014-2284, CVE-2014-2285, CVE-2014-2310
SHA-256 | 2d862fdbbedba3e69543d118bff35f5b2daedc4accbeba0c55ef27fe30821eee
Red Hat Security Advisory 2014-0322-01
Posted Mar 24, 2014
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2014-0322-01 - The net-snmp packages provide various libraries and tools for the Simple Network Management Protocol, including an SNMP library, an extensible agent, tools for requesting or setting information from SNMP agents, tools for generating and handling SNMP traps, a version of the netstat command which uses SNMP, and a Tk/Perl Management Information Base browser. A denial of service flaw was found in the way snmpd, the Net-SNMP daemon, handled subagent timeouts. A remote attacker able to trigger a subagent timeout could use this flaw to cause snmpd to loop infinitely or crash.

tags | advisory, remote, denial of service, perl, protocol
systems | linux, redhat
advisories | CVE-2012-6151, CVE-2014-2285
SHA-256 | 82b41a8b11f98433502f365e31a509572e514c0d50441c3f75ead69dbd1d31f9
Red Hat Security Advisory 2014-0321-01
Posted Mar 24, 2014
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2014-0321-01 - The net-snmp packages provide various libraries and tools for the Simple Network Management Protocol, including an SNMP library, an extensible agent, tools for requesting or setting information from SNMP agents, tools for generating and handling SNMP traps, a version of the netstat command which uses SNMP, and a Tk/Perl Management Information Base browser. A buffer overflow flaw was found in the way the decode_icmp_msg() function in the ICMP-MIB implementation processed Internet Control Message Protocol message statistics reported in the /proc/net/snmp file. A remote attacker could send a message for each ICMP message type, which could potentially cause the snmpd service to crash when processing the /proc/net/snmp file.

tags | advisory, remote, overflow, perl, protocol
systems | linux, redhat
advisories | CVE-2014-2284
SHA-256 | eed20b6823d411b76ec67ad4e096e4db4919dcef35c74801bb53e46ffbac5c15
Mandriva Linux Security Advisory 2014-052
Posted Mar 13, 2014
Authored by Mandriva | Site mandriva.com

Mandriva Linux Security Advisory 2014-052 - Remotely exploitable denial of service vulnerability in Net-SNMP, in the Linux implementation of the ICMP-MIB, making the SNMP agent vulnerable if it is making use of the ICMP-MIB table objects. Remotely exploitable denial of service vulnerability in Net-SNMP, in snmptrapd, due to how it handles trap requests with an empty community string when the perl handler is enabled.

tags | advisory, denial of service, perl
systems | linux, mandriva
advisories | CVE-2014-2284, CVE-2014-2285
SHA-256 | 5321b6a85466163f258effee601462d0d873c80a7e36fa1ba6faaf05959c81dc
Mandriva Linux Security Advisory 2014-018
Posted Jan 23, 2014
Authored by Mandriva | Site mandriva.com

Mandriva Linux Security Advisory 2014-018 - Net-SNMP 5.7.1 and earlier, when AgentX is registering to handle a MIB and processing GETNEXT requests, allows remote attackers to cause a denial of service (crash or infinite loop, CPU consumption, and hang) by causing the AgentX subagent to timeout.

tags | advisory, remote, denial of service
systems | linux, mandriva
advisories | CVE-2012-6151
SHA-256 | 479e81439c0d26b024653339e67bcc26a11f63393821e9cf087d17a41abac8fa
Page 1 of 4
Back1234Next

File Archive:

October 2022

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Oct 1st
    10 Files
  • 2
    Oct 2nd
    0 Files
  • 3
    Oct 3rd
    12 Files
  • 4
    Oct 4th
    0 Files
  • 5
    Oct 5th
    0 Files
  • 6
    Oct 6th
    0 Files
  • 7
    Oct 7th
    0 Files
  • 8
    Oct 8th
    0 Files
  • 9
    Oct 9th
    0 Files
  • 10
    Oct 10th
    0 Files
  • 11
    Oct 11th
    0 Files
  • 12
    Oct 12th
    0 Files
  • 13
    Oct 13th
    0 Files
  • 14
    Oct 14th
    0 Files
  • 15
    Oct 15th
    0 Files
  • 16
    Oct 16th
    0 Files
  • 17
    Oct 17th
    0 Files
  • 18
    Oct 18th
    0 Files
  • 19
    Oct 19th
    0 Files
  • 20
    Oct 20th
    0 Files
  • 21
    Oct 21st
    0 Files
  • 22
    Oct 22nd
    0 Files
  • 23
    Oct 23rd
    0 Files
  • 24
    Oct 24th
    0 Files
  • 25
    Oct 25th
    0 Files
  • 26
    Oct 26th
    0 Files
  • 27
    Oct 27th
    0 Files
  • 28
    Oct 28th
    0 Files
  • 29
    Oct 29th
    0 Files
  • 30
    Oct 30th
    0 Files
  • 31
    Oct 31st
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2022 Packet Storm. All rights reserved.

Hosting By
Rokasec
close