5
CVE-2014-2284
- EPSS 4.43%
- Veröffentlicht 24.03.2014 16:43:02
- Zuletzt bearbeitet 06.05.2026 22:30:45
- Quelle cve@mitre.org
- CVE-Watchlists
- Unerledigt
The Linux implementation of the ICMP-MIB in Net-SNMP 5.5 before 5.5.2.1, 5.6.x before 5.6.2.1, and 5.7.x before 5.7.2.1 does not properly validate input, which allows remote attackers to cause a denial of service via unspecified vectors.
Daten sind bereitgestellt durch National Vulnerability Database (NVD)
| Typ | Quelle | Score | Percentile |
|---|---|---|---|
| EPSS | FIRST.org | 4.43% | 0.901 |
| Quelle | Base Score | Exploit Score | Impact Score | Vector String |
|---|---|---|---|---|
| nvd@nist.gov | 5 | 10 | 2.9 |
AV:N/AC:L/Au:N/C:N/I:N/A:P
|
CWE-20 Improper Input Validation
The product receives input or data, but it does not validate or incorrectly validates that the input has the properties that are required to process the data safely and correctly.
http://secunia.com/advisories/59974
http://www.gentoo.org/security/en/glsa/glsa-201409-02.xml
http://secunia.com/advisories/57870
http://www.ubuntu.com/usn/USN-2166-1
http://comments.gmane.org/gmane.comp.security.oss.general/12284
http://lists.opensuse.org/opensuse-updates/2014-03/msg00060.html
http://lists.opensuse.org/opensuse-updates/2014-03/msg00061.html
http://rhn.redhat.com/errata/RHSA-2014-0321.html
http://secunia.com/advisories/57124
http://secunia.com/advisories/57526
http://secunia.com/advisories/57583
http://sourceforge.net/p/net-snmp/code/ci/a1fd64716f6794c55c34d77e618210238a73bfa1/