CVE-2014-2285 – net-snmp: snmptrapd crash when using a trap with empty community string
https://notcve.org/view.php?id=CVE-2014-2285
The perl_trapd_handler function in perl/TrapReceiver/TrapReceiver.xs in Net-SNMP 5.7.3.pre3 and earlier, when using certain Perl versions, allows remote attackers to cause a denial of service (snmptrapd crash) via an empty community string in an SNMP trap, which triggers a NULL pointer dereference within the newSVpv function in Perl. La función perl_trapd_handler en perl/TrapReceiver/TrapReceiver.xs en Net-SNMP 5.7.3.pre3 y anteriores, cuando utiliza ciertas versiones Perl, permite a atacantes remotos causar una denegación de servicio (caída de snmptrapd) a través de una cadena de comunidad vacía en una trampa SNMP, lo que provoca una referencia a puntero nulo dentro de la función newSVpv en Perl. • http://comments.gmane.org/gmane.comp.security.oss.general/12284 http://kb.juniper.net/InfoCenter/index?page=content&id=JSA10705 http://lists.opensuse.org/opensuse-updates/2014-03/msg00060.html http://lists.opensuse.org/opensuse-updates/2014-03/msg00061.html http://secunia.com/advisories/59974 http://sourceforge.net/p/net-snmp/patches/1275 http://www.gentoo.org/security/en/glsa/glsa-201409-02.xml http://www.nntp.perl.org/group/perl.perl5.porters/2006/09/msg116250.html https:/ • CWE-20: Improper Input Validation •
CVE-2012-6151 – Net-SNMP - SNMPD AgentX Subagent Timeout Denial of Service
https://notcve.org/view.php?id=CVE-2012-6151
Net-SNMP 5.7.1 and earlier, when AgentX is registering to handle a MIB and processing GETNEXT requests, allows remote attackers to cause a denial of service (crash or infinite loop, CPU consumption, and hang) by causing the AgentX subagent to timeout. Net-SNMP 5.7.1 y anteriores, cuando AgentX está registrando para manejar una MIB y tramitación de solicitudes de GETNEXT, permite a atacantes remotos provocar una denegación de servicio (caída o bucle infinito, consumo de CPU, y bloqueo) causando timeout en el subagente AgentX • https://www.exploit-db.com/exploits/38854 http://kb.juniper.net/InfoCenter/index?page=content&id=JSA10705 http://lists.apple.com/archives/security-announce/2015/Oct/msg00005.html http://seclists.org/oss-sec/2013/q4/398 http://seclists.org/oss-sec/2013/q4/415 http://secunia.com/advisories/55804 http://secunia.com/advisories/57870 http://secunia.com/advisories/59974 http://sourceforge.net/p/net-snmp/bugs/2411 http://www.gentoo.org/security/en/glsa/glsa-201409-02& • CWE-399: Resource Management Errors •
CVE-2009-1887 – net-snmp: DoS (division by zero) via SNMP GetBulk requests
https://notcve.org/view.php?id=CVE-2009-1887
agent/snmp_agent.c in snmpd in net-snmp 5.0.9 in Red Hat Enterprise Linux (RHEL) 3 allows remote attackers to cause a denial of service (daemon crash) via a crafted SNMP GETBULK request that triggers a divide-by-zero error. NOTE: this vulnerability exists because of an incorrect fix for CVE-2008-4309. agent/snmp_agent.c en snmpd en net-snmp 5.0.9 en Red Hat Enterprise Linux (RHEL) 3 permite a atacantes remotos provocar una denegación de servicio (caída del demonio) mediante una petición SNMP GETBULK manipulada que dispara un error de división por 0. NOTA: esta vulnerabilidad existe debido a una corrección incorrecta para CVE-2008-4309. • http://www.mandriva.com/security/advisories?name=MDVSA-2009:156 http://www.redhat.com/support/errata/RHSA-2009-1124.html https://bugzilla.redhat.com/show_bug.cgi?id=506903 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A8426 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9716 https://access.redhat.com/security/cve/CVE-2009-1887 • CWE-369: Divide By Zero •
CVE-2008-6123 – net-snmp: incorrect application of hosts access restrictions in hosts.{allow,deny}
https://notcve.org/view.php?id=CVE-2008-6123
The netsnmp_udp_fmtaddr function (snmplib/snmpUDPDomain.c) in net-snmp 5.0.9 through 5.4.2.1, when using TCP wrappers for client authorization, does not properly parse hosts.allow rules, which allows remote attackers to bypass intended access restrictions and execute SNMP queries, related to "source/destination IP address confusion." La función netsnmp_udp_fmtaddr (snmplib/snmpUDPDomain.c) en net-snmp v5.0.9 hasta v5.4.2, cuando usando TCP wrappers para autorización de clientes, no analiza apropiadamente reglas hosts.allow, lo que permite a los atacantes remotos evitar restricciones de accesos intencionados y ejecuta consultas SNMP, relativas a "direcciones IP fuente/destino confusas". • http://bugs.gentoo.org/show_bug.cgi?id=250429 http://lists.opensuse.org/opensuse-security-announce/2009-06/msg00003.html http://lists.opensuse.org/opensuse-security-announce/2009-07/msg00002.html http://lists.opensuse.org/opensuse-security-announce/2010-02/msg00003.html http://net-snmp.svn.sourceforge.net/viewvc/net-snmp/trunk/net-snmp/snmplib/snmpUDPDomain.c?r1=17325&r2=17367&pathrev=17367 http://net-snmp.svn.sourceforge.net/viewvc/net-snmp?view=rev&revision=17367 http://secunia.com/adviso • CWE-863: Incorrect Authorization •
CVE-2007-5846 – net-snmp remote DoS via udp packet
https://notcve.org/view.php?id=CVE-2007-5846
The SNMP agent (snmp_agent.c) in net-snmp before 5.4.1 allows remote attackers to cause a denial of service (CPU and memory consumption) via a GETBULK request with a large max-repeaters value. El agente SNMP (snmp_agent.c) en net-snmp versiones anteriores a 5.4.1, permite a atacantes remotos causar una denegación de servicio (consumo de CPU y memoria) por medio de una petición GETBULK con un valor de max-repeaters largo. • http://bugs.gentoo.org/show_bug.cgi?id=198346 http://lists.vmware.com/pipermail/security-announce/2008/000014.html http://net-snmp.svn.sourceforge.net/viewvc/net-snmp/tags/Ext-5-4-1/net-snmp/agent/snmp_agent.c?view=log http://osvdb.org/38904 http://secunia.com/advisories/27558 http://secunia.com/advisories/27685 http://secunia.com/advisories/27689 http://secunia.com/advisories/27733 http://secunia.com/advisories/27740 http://secunia.com/advisories/27965 http:/ • CWE-399: Resource Management Errors •