Описание
Heap-based buffer overflow in snmpnetstat for ucd-snmp 4.2.3 and earlier, and net-snmp, allows remote attackers to execute arbitrary code via multiple getnextrequest PDU messages with conflicting ifindex variables, which cause snmpnetstat to write variable data past the end of an array.
Ссылки
- ExploitPatchVendor Advisory
- ExploitPatchVendor Advisory
- ExploitPatchVendor Advisory
- ExploitPatchVendor Advisory
Уязвимые конфигурации
Конфигурация 1Версия до 4.2.3 (включая)
cpe:2.3:a:ucd-snmp:ucd-snmp:*:*:*:*:*:*:*:*
EPSS
Процентиль: 94%
0.13951
Средний
7.5 High
CVSS2
Дефекты
NVD-CWE-Other
Связанные уязвимости
debian
больше 22 лет назад
Heap-based buffer overflow in snmpnetstat for ucd-snmp 4.2.3 and earli ...
github
почти 4 года назад
Heap-based buffer overflow in snmpnetstat for ucd-snmp 4.2.3 and earlier, and net-snmp, allows remote attackers to execute arbitrary code via multiple getnextrequest PDU messages with conflicting ifindex variables, which cause snmpnetstat to write variable data past the end of an array.
EPSS
Процентиль: 94%
0.13951
Средний
7.5 High
CVSS2
Дефекты
NVD-CWE-Other