Net-snmp

Net-snmp

34 vulnerabilities found.

Hinweis: Diese Liste kann unvollständig sein. Daten werden ohne Gewähr im Ursprungsformat bereitgestellt.
6.5

CVE-2019-20892

Exploit
  • EPSS 0.54%
  • Published 25.06.2020 10:15:10
  • Last modified 21.11.2024 04:39:37

net-snmp before 5.8.1.pre1 has a double free in usm_free_usmStateReference in snmplib/snmpusm.c via an SNMPv3 GetBulk request. NOTE: this affects net-snmp packages shipped to end users by multiple Linux distributions, but might not affect an upstream...

7.5

CVE-2018-18066

Exploit
  • EPSS 0.59%
  • Published 08.10.2018 18:29:00
  • Last modified 06.05.2025 15:15:54

snmp_oid_compare in snmplib/snmp_api.c in Net-SNMP before 5.8 has a NULL Pointer Exception bug that can be used by an unauthenticated attacker to remotely cause the instance to crash via a crafted UDP packet, resulting in Denial of Service.

6.5

CVE-2018-18065

Exploit
  • EPSS 4.29%
  • Published 08.10.2018 18:29:00
  • Last modified 21.11.2024 03:55:25

_set_key in agent/helpers/table_container.c in Net-SNMP before 5.8 has a NULL Pointer Exception bug that can be used by an authenticated attacker to remotely cause the instance to crash via a crafted UDP packet, resulting in Denial of Service.

9.8

CVE-2018-1000116

Exploit
  • EPSS 5.9%
  • Published 07.03.2018 14:29:00
  • Last modified 21.11.2024 03:39:40

NET-SNMP version 5.7.2 contains a heap corruption vulnerability in the UDP protocol handler that can result in command execution.

2.1

CVE-2015-8100

  • EPSS 0.14%
  • Published 10.11.2015 03:59:02
  • Last modified 12.04.2025 10:46:40

The net-snmp package in OpenBSD through 5.8 uses 0644 permissions for snmpd.conf, which allows local users to obtain sensitive community information by reading this file.

7.5

CVE-2015-5621

Exploit
  • EPSS 19.58%
  • Published 19.08.2015 15:59:09
  • Last modified 12.04.2025 10:46:40

The snmp_pdu_parse function in snmp_api.c in net-snmp 5.7.2 and earlier does not remove the varBind variable in a netsnmp_variable_list item when parsing of the SNMP PDU fails, which allows remote attackers to cause a denial of service (crash) and po...

5

CVE-2014-3565

Exploit
  • EPSS 12.65%
  • Published 07.10.2014 14:55:04
  • Last modified 12.04.2025 10:46:40

snmplib/mib.c in net-snmp 5.7.0 and earlier, when the -OQ option is used, allows remote attackers to cause a denial of service (snmptrapd crash) via a crafted SNMP trap message, which triggers a conversion to the variable type designated in the MIB f...

4.3

CVE-2014-2285

  • EPSS 3.12%
  • Published 27.04.2014 22:55:05
  • Last modified 12.04.2025 10:46:40

The perl_trapd_handler function in perl/TrapReceiver/TrapReceiver.xs in Net-SNMP 5.7.3.pre3 and earlier, when using certain Perl versions, allows remote attackers to cause a denial of service (snmptrapd crash) via an empty community string in an SNMP...

5

CVE-2014-2310

  • EPSS 0.95%
  • Published 17.04.2014 14:55:11
  • Last modified 12.04.2025 10:46:40

The AgentX subagent in Net-SNMP before 5.4.4 allows remote attackers to cause a denial of service (hang) by sending a multi-object request with an Object ID (OID) containing more subids than previous requests, a different vulnerability than CVE-2012-...

5

CVE-2014-2284

  • EPSS 4.31%
  • Published 24.03.2014 16:43:02
  • Last modified 12.04.2025 10:46:40

The Linux implementation of the ICMP-MIB in Net-SNMP 5.5 before 5.5.2.1, 5.6.x before 5.6.2.1, and 5.7.x before 5.7.2.1 does not properly validate input, which allows remote attackers to cause a denial of service via unspecified vectors.