Page 7 of 41 results (0.002 seconds)

CVSS: 4.6EPSS: 0%CPEs: 16EXPL: 0

Untrusted search path vulnerability in Net-SNMP 5.2.1.2 and earlier, on Gentoo Linux, installs certain Perl modules with an insecure DT_RPATH, which could allow local users to gain privileges. • http://www.gentoo.org/security/en/glsa/glsa-200509-05.xml •

CVSS: 5.0EPSS: 7%CPEs: 14EXPL: 0

Net-SNMP 5.0.x before 5.0.10.2, 5.2.x before 5.2.1.2, and 5.1.3, when net-snmp is using stream sockets such as TCP, allows remote attackers to cause a denial of service (daemon hang and CPU consumption) via a TCP packet of length 1, which triggers an infinite loop. • http://secunia.com/advisories/15930 http://secunia.com/advisories/16999 http://secunia.com/advisories/17007 http://secunia.com/advisories/17135 http://secunia.com/advisories/17217 http://secunia.com/advisories/17282 http://secunia.com/advisories/17343 http://secunia.com/advisories/18635 http://secunia.com/advisories/22875 http://secunia.com/advisories/23058 http://secunia.com/advisories/25373 http://secunia.com/advisories/25432 http://secunia.com/advisories/25787 http:/& • CWE-20: Improper Input Validation •

CVSS: 10.0EPSS: 0%CPEs: 9EXPL: 0

fixproc in Net-snmp 5.x before 5.2.1-r1 creates temporary files insecurely, which allows local users to modify the contents of those files to execute arbitrary commands, or overwrite arbitrary files via a symlink attack. • http://secunia.com/advisories/15471 http://secunia.com/advisories/16999 http://secunia.com/advisories/17135 http://secunia.com/advisories/18635 http://security.gentoo.org/glsa/glsa-200505-18.xml http://securitytracker.com/id?1014039 http://www.mandriva.com/security/advisories?name=MDKSA-2006:025 http://www.osvdb.org/16778 http://www.redhat.com/support/errata/RHSA-2005-373.html http://www.redhat.com/support/errata/RHSA-2005-395.html http://www.securityfocus.com/bid/137 •

CVSS: 7.2EPSS: 0%CPEs: 1EXPL: 1

Buffer overflow in snmpd in ucd-snmp 4.2.6 and earlier, when installed setuid root, allows local users to execute arbitrary code via a long -p command line argument. NOTE: it is not clear whether there are any standard configurations in which snmpd is installed setuid or setgid. If not, then this issue should not be included in CVE. • http://www.packetstormsecurity.org/0405-advisories/snmpdadv.txt http://www.securityfocus.com/bid/10396 https://exchange.xforce.ibmcloud.com/vulnerabilities/16245 •

CVSS: 6.4EPSS: 0%CPEs: 7EXPL: 0

Net-SNMP before 5.0.9 allows a user or community to access data in MIB objects, even if that data is not allowed to be viewed. Net-SNMP anteriores a 5.0.9 permite a un usuario o comunidad acceder a datos en objetos MIB , incluso si no está perimtido que los datos sean vistos. • http://distro.conectiva.com.br/atualizacoes/?id=a&anuncio=000778 http://sourceforge.net/forum/forum.php?forum_id=308015 http://www.redhat.com/support/errata/RHSA-2003-335.html http://www.redhat.com/support/errata/RHSA-2004-023.html https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A869 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9802 https://access.redhat.com/security/cve/CVE-2003-0935 https://bugzilla.redhat •