CVSS: 5.0EPSS: 4%CPEs: 12EXPL: 0CVE-2014-2284 – net-snmp: denial of service flaw in Linux implementation of ICMP-MIB
https://notcve.org/view.php?id=CVE-2014-2284
The Linux implementation of the ICMP-MIB in Net-SNMP 5.5 before 5.5.2.1, 5.6.x before 5.6.2.1, and 5.7.x before 5.7.2.1 does not properly validate input, which allows remote attackers to cause a denial of service via unspecified vectors. La implementación Linux del ICMP-MIB en Net-SNMP 5.5 anterior a 5.5.2.1, 5.6.x anterior a 5.6.2.1 y 5.7.x anterior a 5.7.2.1 no valida debidamente las entradas, lo que permite a atacantes remotos causar una denegación de servicio a través de vectores no especificados. • http://comments.gmane.org/gmane.comp.security.oss.general/12284 http://lists.opensuse.org/opensuse-updates/2014-03/msg00060.html http://lists.opensuse.org/opensuse-updates/2014-03/msg00061.html http://rhn.redhat.com/errata/RHSA-2014-0321.html http://secunia.com/advisories/57124 http://secunia.com/advisories/57526 http://secunia.com/advisories/57583 http://secunia.com/advisories/57870 http://secunia.com/advisories/59974 http://sourceforge.net/p/net-snmp/code/ci/a1fd64716f6794c55c34d7 • CWE-20: Improper Input Validation •
CVSS: 4.3EPSS: 13%CPEs: 25EXPL: 3CVE-2012-6151 – Net-SNMP - SNMPD AgentX Subagent Timeout Denial of Service
https://notcve.org/view.php?id=CVE-2012-6151
Net-SNMP 5.7.1 and earlier, when AgentX is registering to handle a MIB and processing GETNEXT requests, allows remote attackers to cause a denial of service (crash or infinite loop, CPU consumption, and hang) by causing the AgentX subagent to timeout. Net-SNMP 5.7.1 y anteriores, cuando AgentX está registrando para manejar una MIB y tramitación de solicitudes de GETNEXT, permite a atacantes remotos provocar una denegación de servicio (caída o bucle infinito, consumo de CPU, y bloqueo) causando timeout en el subagente AgentX • https://www.exploit-db.com/exploits/38854 http://kb.juniper.net/InfoCenter/index?page=content&id=JSA10705 http://lists.apple.com/archives/security-announce/2015/Oct/msg00005.html http://seclists.org/oss-sec/2013/q4/398 http://seclists.org/oss-sec/2013/q4/415 http://secunia.com/advisories/55804 http://secunia.com/advisories/57870 http://secunia.com/advisories/59974 http://sourceforge.net/p/net-snmp/bugs/2411 http://www.gentoo.org/security/en/glsa/glsa-201409-02& • CWE-399: Resource Management Errors •
CVSS: 4.3EPSS: 1%CPEs: 1EXPL: 0CVE-2012-2141 – net-snmp: Array index error, leading to out-of heap-based buffer read (snmpd crash)
https://notcve.org/view.php?id=CVE-2012-2141
Array index error in the handle_nsExtendOutput2Table function in agent/mibgroup/agent/extend.c in Net-SNMP 5.7.1 allows remote authenticated users to cause a denial of service (out-of-bounds read and snmpd crash) via an SNMP GET request for an entry not in the extension table. Error de índice de array en la función nsExtendOutput2Table en agent/mibgroup/agent/extend.c en Net-SNMP v5.7.1 permite a usuarios remotos autenticados provocar una denegación de servicio (lectura fuera de límites y fallo de snmpd) a través de una petición SNMP GET para una entrada que no está en la tabla de extensiones. • http://rhn.redhat.com/errata/RHSA-2013-0124.html http://secunia.com/advisories/48938 http://secunia.com/advisories/59974 http://support.citrix.com/article/CTX139049 http://www.gentoo.org/security/en/glsa/glsa-201409-02.xml http://www.openwall.com/lists/oss-security/2012/04/26/2 http://www.openwall.com/lists/oss-security/2012/04/26/3 http://www.securityfocus.com/bid/53255 http://www.securityfocus.com/bid/53258 http://www.securitytracker.com/id?1026984 https:&# •