5

CVE-2005-2177

Net-SNMP 5.0.x before 5.0.10.2, 5.2.x before 5.2.1.2, and 5.1.3, when net-snmp is using stream sockets such as TCP, allows remote attackers to cause a denial of service (daemon hang and CPU consumption) via a TCP packet of length 1, which triggers an infinite loop.
Daten sind bereitgestellt durch National Vulnerability Database (NVD)
Net-snmpNet-snmp Version5.0
Net-snmpNet-snmp Version5.0.1
Net-snmpNet-snmp Version5.0.2
Net-snmpNet-snmp Version5.0.3
Net-snmpNet-snmp Version5.0.4_pre2
Net-snmpNet-snmp Version5.0.5
Net-snmpNet-snmp Version5.0.6
Net-snmpNet-snmp Version5.0.7
Net-snmpNet-snmp Version5.0.8
Net-snmpNet-snmp Version5.0.9
Net-snmpNet-snmp Version5.0.10
Net-snmpNet-snmp Version5.1.3
Net-snmpNet-snmp Version5.2
Net-snmpNet-snmp Version5.2.1
Zu dieser CVE wurde keine Warnung gefunden.
EPSS Metriken
Typ Quelle Score Percentile
EPSS FIRST.org 3.93% 0.89
CVSS Metriken
Quelle Base Score Exploit Score Impact Score Vector String
nvd@nist.gov 5 10 2.9
AV:N/AC:L/Au:N/C:N/I:N/A:P
CWE-20 Improper Input Validation

The product receives input or data, but it does not validate or incorrectly validates that the input has the properties that are required to process the data safely and correctly.

http://secunia.com/advisories/17135
Vendor Advisory
http://secunia.com/advisories/22875
Vendor Advisory
http://www.securityfocus.com/archive/1/451404/100/0/threaded
http://www.securityfocus.com/archive/1/451417/100/200/threaded
http://www.securityfocus.com/archive/1/451426/100/200/threaded
http://www.vmware.com/download/esx/esx-202-200610-patch.html
http://www.vmware.com/download/esx/esx-213-200610-patch.html
http://www.vupen.com/english/advisories/2006/4502
Vendor Advisory
http://secunia.com/advisories/16999
Vendor Advisory
http://secunia.com/advisories/18635
Vendor Advisory
http://www.mandriva.com/security/advisories?name=MDKSA-2006:025
http://www.redhat.com/support/errata/RHSA-2005-373.html
http://www.redhat.com/support/errata/RHSA-2005-395.html
http://secunia.com/advisories/15930
Vendor Advisory
http://secunia.com/advisories/17007
Vendor Advisory
http://secunia.com/advisories/17217
Vendor Advisory
http://secunia.com/advisories/17282
Vendor Advisory
http://secunia.com/advisories/17343
Vendor Advisory
http://secunia.com/advisories/23058
Vendor Advisory
http://secunia.com/advisories/25373
Vendor Advisory
http://secunia.com/advisories/25432
Vendor Advisory
http://secunia.com/advisories/25787
Vendor Advisory
http://securitytracker.com/id?1017273
http://sourceforge.net/mailarchive/forum.php?thread_id=7659656&forum_id=12455
Patch
http://sunsolve.sun.com/search/document.do?assetkey=1-26-102725-1
http://support.avaya.com/elmodocs2/security/ASA-2005-225.pdf
http://www.debian.org/security/2005/dsa-873
http://www.net-snmp.org/about/ChangeLog.html
http://www.novell.com/linux/security/advisories/2005_24_sr.html
http://www.novell.com/linux/security/advisories/2007_12_sr.html
http://www.novell.com/linux/security/advisories/2007_13_sr.html
http://www.redhat.com/support/errata/RHSA-2005-720.html
http://www.securityfocus.com/archive/1/451419/100/200/threaded
http://www.securityfocus.com/bid/14168
http://www.securityfocus.com/bid/21256
http://www.trustix.org/errata/2005/0034/
Patch
Vendor Advisory
http://www.ubuntu.com/usn/usn-190-1
http://www.vmware.com/download/esx/esx-254-200610-patch.html
http://www.vupen.com/english/advisories/2006/4677
Vendor Advisory
http://www.vupen.com/english/advisories/2007/1883
Vendor Advisory
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9986