3 results (0.018 seconds)

CVSS: 7.2EPSS: 0%CPEs: 1EXPL: 1

Buffer overflow in snmpd in ucd-snmp 4.2.6 and earlier, when installed setuid root, allows local users to execute arbitrary code via a long -p command line argument. NOTE: it is not clear whether there are any standard configurations in which snmpd is installed setuid or setgid. If not, then this issue should not be included in CVE. • http://www.packetstormsecurity.org/0405-advisories/snmpdadv.txt http://www.securityfocus.com/bid/10396 https://exchange.xforce.ibmcloud.com/vulnerabilities/16245 •

CVSS: 7.5EPSS: 9%CPEs: 1EXPL: 3

Heap-based buffer overflow in snmpnetstat for ucd-snmp 4.2.3 and earlier, and net-snmp, allows remote attackers to execute arbitrary code via multiple getnextrequest PDU messages with conflicting ifindex variables, which cause snmpnetstat to write variable data past the end of an array. Desbordamiento de búfer basado en la pila in snmpnetstat en ucd-snmp 4.2.3 y anteriores y net-snmp, permita atacantes remotos ejecutar código arbitrario múltiples mensajes PDU getnextrequest con variables ifindex en conflicto, que hace que snmpnetstat escriba datos de variables más allá del fin del array. • https://www.exploit-db.com/exploits/21200 http://distro.conectiva.com.br/atualizacoes/?id=a&anuncio=000696 http://www.securityfocus.com/archive/1/248141 http://www.securityfocus.com/bid/3780 https://exchange.xforce.ibmcloud.com/vulnerabilities/7776 •

CVSS: 5.0EPSS: 1%CPEs: 1EXPL: 0

vacm ucd-snmp SNMP server, version 3.52, does not properly disable access to the public community string, which could allow remote attackers to obtain sensitive information. • https://exchange.xforce.ibmcloud.com/vulnerabilities/2086 •