Total
34 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2015-5621 | 1 Net-snmp | 1 Net-snmp | 2018-10-10 | 7.5 HIGH | N/A |
| The snmp_pdu_parse function in snmp_api.c in net-snmp 5.7.2 and earlier does not remove the varBind variable in a netsnmp_variable_list item when parsing of the SNMP PDU fails, which allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via a crafted packet. | |||||
| CVE-2002-1170 | 1 Net-snmp | 1 Net-snmp | 2018-05-03 | 5.0 MEDIUM | N/A |
| The handle_var_requests function in snmp_agent.c for the SNMP daemon in the Net-SNMP (formerly ucd-snmp) package 5.0.1 through 5.0.5 allows remote attackers to cause a denial of service (crash) via a NULL dereference. | |||||
| CVE-2005-4837 | 2 Net-snmp, Sourceforge | 2 Net-snmp, Net-snmp | 2017-10-11 | 10.0 HIGH | N/A |
| snmp_api.c in snmpd in Net-SNMP 5.2.x before 5.2.2, 5.1.x before 5.1.3, and 5.0.x before 5.0.10.2, when running in master agentx mode, allows remote attackers to cause a denial of service (crash) by causing a particular TCP disconnect, which triggers a free of an incorrect variable, a different vulnerability than CVE-2005-2177. | |||||
| CVE-2005-1740 | 1 Net-snmp | 1 Net-snmp | 2017-10-11 | 10.0 HIGH | N/A |
| fixproc in Net-snmp 5.x before 5.2.1-r1 creates temporary files insecurely, which allows local users to modify the contents of those files to execute arbitrary commands, or overwrite arbitrary files via a symlink attack. | |||||
| CVE-2003-0935 | 1 Net-snmp | 1 Net-snmp | 2017-10-11 | 6.4 MEDIUM | N/A |
| Net-SNMP before 5.0.9 allows a user or community to access data in MIB objects, even if that data is not allowed to be viewed. | |||||
| CVE-2008-2292 | 1 Net-snmp | 1 Net-snmp | 2017-09-29 | 6.8 MEDIUM | N/A |
| Buffer overflow in the __snprint_value function in snmp_get in Net-SNMP 5.1.4, 5.2.4, and 5.4.1, as used in SNMP.xs for Perl, allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via a large OCTETSTRING in an attribute value pair (AVP). | |||||
| CVE-2012-6151 | 3 Apple, Canonical, Net-snmp | 3 Mac Os X, Ubuntu Linux, Net-snmp | 2017-08-29 | 4.3 MEDIUM | N/A |
| Net-SNMP 5.7.1 and earlier, when AgentX is registering to handle a MIB and processing GETNEXT requests, allows remote attackers to cause a denial of service (crash or infinite loop, CPU consumption, and hang) by causing the AgentX subagent to timeout. | |||||
| CVE-2012-2141 | 1 Net-snmp | 1 Net-snmp | 2017-08-29 | 3.5 LOW | N/A |
| Array index error in the handle_nsExtendOutput2Table function in agent/mibgroup/agent/extend.c in Net-SNMP 5.7.1 allows remote authenticated users to cause a denial of service (out-of-bounds read and snmpd crash) via an SNMP GET request for an entry not in the extension table. | |||||
| CVE-2006-6305 | 1 Net-snmp | 1 Net-snmp | 2017-07-29 | 7.5 HIGH | N/A |
| Unspecified vulnerability in Net-SNMP 5.3 before 5.3.0.1, when configured using the rocommunity or rouser snmpd.conf tokens, causes Net-SNMP to grant write access to users or communities that only have read-only access. | |||||
| CVE-2014-2285 | 1 Net-snmp | 1 Net-snmp | 2016-12-08 | 4.3 MEDIUM | N/A |
| The perl_trapd_handler function in perl/TrapReceiver/TrapReceiver.xs in Net-SNMP 5.7.3.pre3 and earlier, when using certain Perl versions, allows remote attackers to cause a denial of service (snmptrapd crash) via an empty community string in an SNMP trap, which triggers a NULL pointer dereference within the newSVpv function in Perl. | |||||
| CVE-2015-8100 | 1 Net-snmp | 1 Net-snmp | 2016-12-07 | 2.1 LOW | N/A |
| The net-snmp package in OpenBSD through 5.8 uses 0644 permissions for snmpd.conf, which allows local users to obtain sensitive community information by reading this file. | |||||
| CVE-2014-2284 | 1 Net-snmp | 1 Net-snmp | 2014-09-13 | 5.0 MEDIUM | N/A |
| The Linux implementation of the ICMP-MIB in Net-SNMP 5.5 before 5.5.2.1, 5.6.x before 5.6.2.1, and 5.7.x before 5.7.2.1 does not properly validate input, which allows remote attackers to cause a denial of service via unspecified vectors. | |||||
| CVE-2014-2310 | 1 Net-snmp | 1 Net-snmp | 2014-04-18 | 5.0 MEDIUM | N/A |
| The AgentX subagent in Net-SNMP before 5.4.4 allows remote attackers to cause a denial of service (hang) by sending a multi-object request with an Object ID (OID) containing more subids than previous requests, a different vulnerability than CVE-2012-6151. | |||||
| CVE-2005-2811 | 1 Net-snmp | 1 Net-snmp | 2008-09-05 | 4.6 MEDIUM | N/A |
| Untrusted search path vulnerability in Net-SNMP 5.2.1.2 and earlier, on Gentoo Linux, installs certain Perl modules with an insecure DT_RPATH, which could allow local users to gain privileges. | |||||