Page 6 of 29 results (0.010 seconds)

CVSS: 5.0EPSS: 7%CPEs: 14EXPL: 0

Net-SNMP 5.0.x before 5.0.10.2, 5.2.x before 5.2.1.2, and 5.1.3, when net-snmp is using stream sockets such as TCP, allows remote attackers to cause a denial of service (daemon hang and CPU consumption) via a TCP packet of length 1, which triggers an infinite loop. • http://secunia.com/advisories/15930 http://secunia.com/advisories/16999 http://secunia.com/advisories/17007 http://secunia.com/advisories/17135 http://secunia.com/advisories/17217 http://secunia.com/advisories/17282 http://secunia.com/advisories/17343 http://secunia.com/advisories/18635 http://secunia.com/advisories/22875 http://secunia.com/advisories/23058 http://secunia.com/advisories/25373 http://secunia.com/advisories/25432 http://secunia.com/advisories/25787 http:/& • CWE-20: Improper Input Validation •

CVSS: 10.0EPSS: 0%CPEs: 9EXPL: 0

fixproc in Net-snmp 5.x before 5.2.1-r1 creates temporary files insecurely, which allows local users to modify the contents of those files to execute arbitrary commands, or overwrite arbitrary files via a symlink attack. • http://secunia.com/advisories/15471 http://secunia.com/advisories/16999 http://secunia.com/advisories/17135 http://secunia.com/advisories/18635 http://security.gentoo.org/glsa/glsa-200505-18.xml http://securitytracker.com/id?1014039 http://www.mandriva.com/security/advisories?name=MDKSA-2006:025 http://www.osvdb.org/16778 http://www.redhat.com/support/errata/RHSA-2005-373.html http://www.redhat.com/support/errata/RHSA-2005-395.html http://www.securityfocus.com/bid/137 •

CVSS: 6.4EPSS: 0%CPEs: 7EXPL: 0

Net-SNMP before 5.0.9 allows a user or community to access data in MIB objects, even if that data is not allowed to be viewed. Net-SNMP anteriores a 5.0.9 permite a un usuario o comunidad acceder a datos en objetos MIB , incluso si no está perimtido que los datos sean vistos. • http://distro.conectiva.com.br/atualizacoes/?id=a&anuncio=000778 http://sourceforge.net/forum/forum.php?forum_id=308015 http://www.redhat.com/support/errata/RHSA-2003-335.html http://www.redhat.com/support/errata/RHSA-2004-023.html https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A869 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9802 https://access.redhat.com/security/cve/CVE-2003-0935 https://bugzilla.redhat •

CVSS: 5.0EPSS: 1%CPEs: 3EXPL: 0

The handle_var_requests function in snmp_agent.c for the SNMP daemon in the Net-SNMP (formerly ucd-snmp) package 5.0.1 through 5.0.5 allows remote attackers to cause a denial of service (crash) via a NULL dereference. La función handle_var_requests en snmp_agent.c del demonio SNMP en el paquete Net-SNMP (antes ucd-snmp) 5.0.1, 5.0.3, y 5.0.4.pre2, permite a atacantes remotos causar una denegación de servicio (caida) mediante una desreferencia nula (NULL). • http://marc.info/?l=bugtraq&m=103359362020365&w=2 http://sourceforge.net/forum/forum.php?forum_id=216532 http://www.idefense.com/advisory/10.02.02.txt http://www.redhat.com/support/errata/RHSA-2002-228.html http://www.securityfocus.com/bid/5862 https://exchange.xforce.ibmcloud.com/vulnerabilities/10250 •