Описание
The snmp_pdu_parse function in snmp_api.c in net-snmp 5.7.2 and earlier does not remove the varBind variable in a netsnmp_variable_list item when parsing of the SNMP PDU fails, which allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via a crafted packet.
| Релиз | Статус | Примечание |
|---|---|---|
| devel | released | 5.7.3+dfsg-1ubuntu1 |
| esm-infra-legacy/trusty | released | 5.7.2~dfsg-8.1ubuntu3.1 |
| precise | released | 5.4.3~dfsg-2.4ubuntu1.3 |
| trusty | released | 5.7.2~dfsg-8.1ubuntu3.1 |
| trusty/esm | released | 5.7.2~dfsg-8.1ubuntu3.1 |
| upstream | needed | |
| vivid | released | 5.7.2~dfsg-8.1ubuntu5.1 |
Показывать по
EPSS
7.5 High
CVSS2
Связанные уязвимости
The snmp_pdu_parse function in snmp_api.c in net-snmp 5.7.2 and earlier does not remove the varBind variable in a netsnmp_variable_list item when parsing of the SNMP PDU fails, which allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via a crafted packet.
The snmp_pdu_parse function in snmp_api.c in net-snmp 5.7.2 and earlier does not remove the varBind variable in a netsnmp_variable_list item when parsing of the SNMP PDU fails, which allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via a crafted packet.
The snmp_pdu_parse function in snmp_api.c in net-snmp 5.7.2 and earlie ...
EPSS
7.5 High
CVSS2