Total
28 CVE
CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
---|---|---|---|---|---|
CVE-2012-6151 | 3 Apple, Canonical, Net-snmp | 3 Mac Os X, Ubuntu Linux, Net-snmp | 2017-08-28 | 4.3 MEDIUM | N/A |
Net-SNMP 5.7.1 and earlier, when AgentX is registering to handle a MIB and processing GETNEXT requests, allows remote attackers to cause a denial of service (crash or infinite loop, CPU consumption, and hang) by causing the AgentX subagent to timeout. | |||||
CVE-2012-2141 | 1 Net-snmp | 1 Net-snmp | 2017-08-28 | 3.5 LOW | N/A |
Array index error in the handle_nsExtendOutput2Table function in agent/mibgroup/agent/extend.c in Net-SNMP 5.7.1 allows remote authenticated users to cause a denial of service (out-of-bounds read and snmpd crash) via an SNMP GET request for an entry not in the extension table. | |||||
CVE-2006-6305 | 1 Net-snmp | 1 Net-snmp | 2017-07-28 | 7.5 HIGH | N/A |
Unspecified vulnerability in Net-SNMP 5.3 before 5.3.0.1, when configured using the rocommunity or rouser snmpd.conf tokens, causes Net-SNMP to grant write access to users or communities that only have read-only access. | |||||
CVE-2014-2285 | 1 Net-snmp | 1 Net-snmp | 2016-12-07 | 4.3 MEDIUM | N/A |
The perl_trapd_handler function in perl/TrapReceiver/TrapReceiver.xs in Net-SNMP 5.7.3.pre3 and earlier, when using certain Perl versions, allows remote attackers to cause a denial of service (snmptrapd crash) via an empty community string in an SNMP trap, which triggers a NULL pointer dereference within the newSVpv function in Perl. | |||||
CVE-2015-8100 | 1 Net-snmp | 1 Net-snmp | 2016-12-07 | 2.1 LOW | N/A |
The net-snmp package in OpenBSD through 5.8 uses 0644 permissions for snmpd.conf, which allows local users to obtain sensitive community information by reading this file. | |||||
CVE-2014-2284 | 1 Net-snmp | 1 Net-snmp | 2014-09-12 | 5.0 MEDIUM | N/A |
The Linux implementation of the ICMP-MIB in Net-SNMP 5.5 before 5.5.2.1, 5.6.x before 5.6.2.1, and 5.7.x before 5.7.2.1 does not properly validate input, which allows remote attackers to cause a denial of service via unspecified vectors. | |||||
CVE-2014-2310 | 1 Net-snmp | 1 Net-snmp | 2014-04-18 | 5.0 MEDIUM | N/A |
The AgentX subagent in Net-SNMP before 5.4.4 allows remote attackers to cause a denial of service (hang) by sending a multi-object request with an Object ID (OID) containing more subids than previous requests, a different vulnerability than CVE-2012-6151. | |||||
CVE-2005-2811 | 1 Net-snmp | 1 Net-snmp | 2008-09-05 | 4.6 MEDIUM | N/A |
Untrusted search path vulnerability in Net-SNMP 5.2.1.2 and earlier, on Gentoo Linux, installs certain Perl modules with an insecure DT_RPATH, which could allow local users to gain privileges. |