CVE-2002-0012
published 2002-02-13CVE-2002-0012: Vulnerabilities in a large number of SNMP implementations allow remote attackers to cause a denial of service or gain privileges via SNMPv1 trap handling, as…
PriorityP334critical10CVSS 2.0
AVNACLAuNCCICAC
EPSS
23.91%
97.5th percentile
Vulnerabilities in a large number of SNMP implementations allow remote attackers to cause a denial of service or gain privileges via SNMPv1 trap handling, as demonstrated by the PROTOS c06-SNMPv1 test suite. NOTE: It is highly likely that this candidate will be SPLIT into multiple candidates, one or more for each vendor. This and other SNMP-related candidates will be updated when more accurate information is available.
Affected
2 ranges
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| cisco | non-ios_products | — | — |
| microsoft | windows_nt | — | — |
CVSS provenance
nvdv2.010.0CRITICALAV:N/AC:L/Au:N/C:C/I:C/A:C
vendor_redhat10.0CRITICAL
Stop checking back — get the weekly exploitation signal.
Every Monday: what got weaponized or added to CISA KEV in the last seven days — each CVE cross-linked to its PoC, Nuclei template, and detection rule. Free, one email a week, unsubscribe in one click.
Red Hat
security flaw
vendor_redhat·2002-02-12·CVSS 10.0
CVE-2002-0012 [CRITICAL] security flaw
security flaw
Vulnerabilities in a large number of SNMP implementations allow remote attackers to cause a denial of service or gain privileges via SNMPv1 trap handling, as demonstrated by the PROTOS c06-SNMPv1 test suite. NOTE: It is highly likely that this candidate will be SPLIT into multiple candidates, one or more for each vendor. This and other SNMP-related candidates will be updated when more accurate information is available.
Cisco
Malformed SNMP Message-Handling Vulnerabilities for Cisco Non-IOS Products
vendor_cisco·2002-02-11
CVE-2002-0012 Malformed SNMP Message-Handling Vulnerabilities for Cisco Non-IOS Products
Malformed SNMP Message-Handling Vulnerabilities for Cisco Non-IOS Products
Multiple Cisco products contain vulnerabilities in the processing of
Simple Network Management Protocol (SNMP) messages. These vulnerabilities can
be repeatedly exploited to produce a denial of service. In most cases,
workarounds are available that may mitigate the impact. Some of these
vulnerabilities are identified by various groups as VU#617947, VU#107186, OUSPG
#0100, CAN-2002-0012, and CAN-2002-0013.
This advisory is available at
https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20020211-snmp-msgs-non-ios,
and it describes this vulnerability as it applies to Cisco products that do not
run Cisco IOS software.
A companion document describes this vulnerability for products t
Cisco
Malformed SNMP Message-Handling Vulnerabilities for Cisco Non-IOS Products
vendor_cisco
CVE-2002-0012 Malformed SNMP Message-Handling Vulnerabilities for Cisco Non-IOS Products
CVE-2002-0012: Malformed SNMP Message-Handling Vulnerabilities for Cisco Non-IOS Products
Multiple Cisco products contain vulnerabilities in the processing of Simple Network Management Protocol (SNMP) messages. These vulnerabilities can be repeatedly exploited to produce a denial of service. In most cases,
Bug IDs: CSCdw67458, CSCdw64236, CSCdw65996, CSCdw69634, CSCdw64918
GHSA
GHSA-f36q-vfjv-585j: Vulnerabilities in a large number of SNMP implementations allow remote attackers to cause a denial of service or gain privileges via SNMPv1 trap handl
ghsa_unreviewed·2022-05-03
CVE-2002-0012 [HIGH] GHSA-f36q-vfjv-585j: Vulnerabilities in a large number of SNMP implementations allow remote attackers to cause a denial of service or gain privileges via SNMPv1 trap handl
Vulnerabilities in a large number of SNMP implementations allow remote attackers to cause a denial of service or gain privileges via SNMPv1 trap handling, as demonstrated by the PROTOS c06-SNMPv1 test suite. NOTE: It is highly likely that this candidate will be SPLIT into multiple candidates, one or more for each vendor. This and other SNMP-related candidates will be updated when more accurate information is available.
GHSA
GHSA-j3wm-r3jm-rxjg: Buffer overflow in SNMP agent service in Windows 95/98/98SE, Windows NT 4
ghsa_unreviewed·2022-04-30·CVSS 10.0
CVE-2002-0053 [CRITICAL] CWE-119 GHSA-j3wm-r3jm-rxjg: Buffer overflow in SNMP agent service in Windows 95/98/98SE, Windows NT 4
Buffer overflow in SNMP agent service in Windows 95/98/98SE, Windows NT 4.0, Windows 2000, and Windows XP allows remote attackers to cause a denial of service or execute arbitrary code via a malformed management request. NOTE: this candidate may be split or merged with other candidates. This and other PROTOS-related candidates, especially CVE-2002-0012 and CVE-2002-0013, will be updated when more accurate information is available.
Suricata
GPL SNMP public access udp
suricata·2010-09-23
CVE-1999-0517 GPL SNMP public access udp
GPL SNMP public access udp
Rule: alert udp $EXTERNAL_NET any -> $HOME_NET 161 (msg:"GPL SNMP public access udp"; content:"public"; fast_pattern; reference:bugtraq,2112; reference:bugtraq,4088; reference:bugtraq,4089; reference:cve,1999-0517; reference:cve,2002-0012; reference:cve,2002-0013; classtype:attempted-recon; sid:2101411; rev:13; metadata:created_at 2010_09_23, cve CVE_1999_0517, signature_severity Informational, tag Description_Generated_By_Proofpoint_Nexus, updated_at 2019_10_08;)
Suricata
GPL SNMP private access tcp
suricata·2010-09-23
CVE-2002-0012 GPL SNMP private access tcp
GPL SNMP private access tcp
Rule: alert tcp $EXTERNAL_NET any -> $HOME_NET 161 (msg:"GPL SNMP private access tcp"; flow:established,to_server; content:"private"; reference:bugtraq,4088; reference:bugtraq,4089; reference:bugtraq,4132; reference:cve,2002-0012; reference:cve,2002-0013; classtype:attempted-recon; sid:2101414; rev:13; metadata:created_at 2010_09_23, cve CVE_2002_0012, signature_severity Informational, tag Description_Generated_By_Proofpoint_Nexus, updated_at 2024_03_08;)
Suricata
GPL SNMP public access tcp
suricata·2010-09-23
CVE-1999-0517 GPL SNMP public access tcp
GPL SNMP public access tcp
Rule: alert tcp $EXTERNAL_NET any -> $HOME_NET 161 (msg:"GPL SNMP public access tcp"; flow:established,to_server; content:"public"; reference:bugtraq,2112; reference:bugtraq,4088; reference:bugtraq,4089; reference:bugtraq,7212; reference:cve,1999-0517; reference:cve,2002-0012; reference:cve,2002-0013; classtype:attempted-recon; sid:2101412; rev:15; metadata:created_at 2010_09_23, cve CVE_1999_0517, signature_severity Informational, tag Description_Generated_By_Proofpoint_Nexus, updated_at 2024_03_08;)
Suricata
GPL SNMP private access udp
suricata·2010-09-23
CVE-2002-0012 GPL SNMP private access udp
GPL SNMP private access udp
Rule: alert udp $EXTERNAL_NET any -> $HOME_NET 161 (msg:"GPL SNMP private access udp"; content:"private"; fast_pattern; reference:bugtraq,4088; reference:bugtraq,4089; reference:bugtraq,4132; reference:bugtraq,7212; reference:cve,2002-0012; reference:cve,2002-0013; classtype:attempted-recon; sid:2101413; rev:12; metadata:created_at 2010_09_23, cve CVE_2002_0012, signature_severity Informational, tag Description_Generated_By_Proofpoint_Nexus, updated_at 2019_10_08;)
No public exploits indexed.
Trailofbits
The DBIR’s ‘Forest’ of Exploit Signatures
blogs_trailofbits·2016-05-05
The DBIR’s ‘Forest’ of Exploit Signatures
If you follow the recommendations in the 2016 Verizon Data Breach Investigations Report (DBIR), you will expose your organization to more risk, not less. The report’s most glaring flaw is the assertion that the TLS FREAK vulnerability is among the ‘Top 10’ most exploited on the Internet. No experienced security practitioner believes that FREAK is widely exploited. Where else did Verizon get it wrong?
This question undermines the rest of the report. The DBIR is a collaborative effort involving 60+ organizations’ proprietary data. It’s the single best source of information for enterprise defenders, which is why it’s a travesty that its section on vulnerabilities used in data breaches contains misleading data, analysis, and recommendations.
Verizon must ‘be better.’ They have to set a highe
Trailofbits
The DBIR’s ‘Forest’ of Exploit Signatures
blogs_trailofbits·2016-05-05
The DBIR’s ‘Forest’ of Exploit Signatures
If you follow the recommendations in the 2016 Verizon Data Breach Investigations Report ( DBIR ), you will expose your organization to more risk, not less. The report’s most glaring flaw is the assertion that the TLS FREAK vulnerability is among the ‘Top 10’ most exploited on the Internet. No experienced security practitioner believes that FREAK is widely exploited. Where else did Verizon get it wrong?
This question undermines the rest of the report. The DBIR is a collaborative effort involving 60+ organizations’ proprietary data. It’s the single best source of information for enterprise defenders, which is why it’s a travesty that its section on vulnerabilities used in data breaches contains misleading data, analysis, and recommendations.
Verizon must ‘be better.’ They have to set a hig
Bugzilla
CVE-2002-0012 security flaw
bugzilla·2018-08-16·CVSS 10.0
CVE-2002-0012 [CRITICAL] CVE-2002-0012 security flaw
CVE-2002-0012 security flaw
Flaw bug created to hold information about an old flaw we knew something about. For more details see the MITRE CVE description.
Discussion:
MITRE description:
Vulnerabilities in a large number of SNMP implementations allow remote attackers to cause a denial of service or gain privileges via SNMPv1 trap handling, as demonstrated by the PROTOS c06-SNMPv1 test suite. NOTE: It is highly likely that this candidate will be SPLIT into multiple candidates, one or more for each vendor. This and other SNMP-related candidates will be updated when more accurate information is available.
ftp://patches.sgi.com/support/free/security/advisories/20020201-01-Ahttp://www.cert.org/advisories/CA-2002-03.htmlhttp://www.ee.oulu.fi/research/ouspg/protos/testing/c06/snmpv1/index.htmlhttp://www.iss.net/security_center/alerts/advise110.phphttp://www.kb.cert.org/vuls/id/107186http://www.redhat.com/support/errata/RHSA-2001-163.htmlhttp://www.securityfocus.com/advisories/4211http://www.securityfocus.com/bid/5043https://docs.microsoft.com/en-us/security-updates/securitybulletins/2002/ms02-006https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A1048https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A144https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A161https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A298ftp://patches.sgi.com/support/free/security/advisories/20020201-01-Ahttp://www.cert.org/advisories/CA-2002-03.htmlhttp://www.ee.oulu.fi/research/ouspg/protos/testing/c06/snmpv1/index.htmlhttp://www.iss.net/security_center/alerts/advise110.phphttp://www.kb.cert.org/vuls/id/107186http://www.redhat.com/support/errata/RHSA-2001-163.htmlhttp://www.securityfocus.com/advisories/4211http://www.securityfocus.com/bid/5043https://docs.microsoft.com/en-us/security-updates/securitybulletins/2002/ms02-006https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A1048https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A144https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A161https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A298
2002-02-13
Published