Логотип exploitDog
Консоль
Логотип exploitDog

exploitDog

debian логотип

CVE-2014-2285

Опубликовано: 27 апр. 2014
Источник: debian
EPSS Низкий

Описание

The perl_trapd_handler function in perl/TrapReceiver/TrapReceiver.xs in Net-SNMP 5.7.3.pre3 and earlier, when using certain Perl versions, allows remote attackers to cause a denial of service (snmptrapd crash) via an empty community string in an SNMP trap, which triggers a NULL pointer dereference within the newSVpv function in Perl.

Пакеты

ПакетСтатусВерсия исправленияРелизТип
net-snmpfixed5.7.2.1~dfsg-3package
net-snmpfixed5.4.3~dfsg-2.8+deb7u1wheezypackage

Примечания

  • https://bugzilla.redhat.com/show_bug.cgi?id=1072044

  • https://bugzilla.redhat.com/show_bug.cgi?id=1072778

  • Upstream fix: http://sourceforge.net/p/net-snmp/code/ci/76e8d6d100320629d8a23be4b0128619600c919d/

  • unimportant since it only segfaults with older Perl version

  • http://www.nntp.perl.org/group/perl.perl5.porters/2006/09/msg116250.html

  • http://perl5.git.perl.org/perl.git/commitdiff/ddfa59c

EPSS

Процентиль: 86%
0.03115
Низкий

Связанные уязвимости

ubuntu логотип

CVE-2014-2285

ubuntu
больше 11 лет назад

The perl_trapd_handler function in perl/TrapReceiver/TrapReceiver.xs in Net-SNMP 5.7.3.pre3 and earlier, when using certain Perl versions, allows remote attackers to cause a denial of service (snmptrapd crash) via an empty community string in an SNMP trap, which triggers a NULL pointer dereference within the newSVpv function in Perl.

redhat логотип

CVE-2014-2285

redhat
больше 11 лет назад

The perl_trapd_handler function in perl/TrapReceiver/TrapReceiver.xs in Net-SNMP 5.7.3.pre3 and earlier, when using certain Perl versions, allows remote attackers to cause a denial of service (snmptrapd crash) via an empty community string in an SNMP trap, which triggers a NULL pointer dereference within the newSVpv function in Perl.

nvd логотип

CVE-2014-2285

nvd
больше 11 лет назад

The perl_trapd_handler function in perl/TrapReceiver/TrapReceiver.xs in Net-SNMP 5.7.3.pre3 and earlier, when using certain Perl versions, allows remote attackers to cause a denial of service (snmptrapd crash) via an empty community string in an SNMP trap, which triggers a NULL pointer dereference within the newSVpv function in Perl.

github логотип

GHSA-vjgw-84x2-wchq

github
больше 3 лет назад

The perl_trapd_handler function in perl/TrapReceiver/TrapReceiver.xs in Net-SNMP 5.7.3.pre3 and earlier, when using certain Perl versions, allows remote attackers to cause a denial of service (snmptrapd crash) via an empty community string in an SNMP trap, which triggers a NULL pointer dereference within the newSVpv function in Perl.

oracle-oval логотип

ELSA-2014-0322

oracle-oval
больше 11 лет назад

ELSA-2014-0322: net-snmp security update (MODERATE)

EPSS

Процентиль: 86%
0.03115
Низкий