Debian Net-Snmp vulnerabilities

CVE-2014-2285 [MEDIUM] CVE-2014-2285: net-snmp - The perl_trapd_handler function in perl/TrapReceiver/TrapReceiver.xs in Net-SNMP... The perl_trapd_handler function in perl/TrapReceiver/TrapReceiver.xs in Net-SNMP 5.7.3.pre3 and earlier, when using certain Perl versions, allows remote attackers to cause a denial of service (snmptrapd crash) via an empty community string in an SNMP trap, which triggers a NULL pointer dereference within the newSVpv function in Perl. Scope: local bookworm: resolved

CVE-2012-2141 [LOW] CVE-2012-2141: net-snmp - Array index error in the handle_nsExtendOutput2Table function in agent/mibgroup/... Array index error in the handle_nsExtendOutput2Table function in agent/mibgroup/agent/extend.c in Net-SNMP 5.7.1 allows remote authenticated users to cause a denial of service (out-of-bounds read and snmpd crash) via an SNMP GET request for an entry not in the extension table. Scope: local bookworm: resolved (fixed in 5.4.3~dfsg-2.5) bullseye: resolved (fixed in 5.4.3

CVE-2012-6151 [MEDIUM] CVE-2012-6151: net-snmp - Net-SNMP 5.7.1 and earlier, when AgentX is registering to handle a MIB and proce... Net-SNMP 5.7.1 and earlier, when AgentX is registering to handle a MIB and processing GETNEXT requests, allows remote attackers to cause a denial of service (crash or infinite loop, CPU consumption, and hang) by causing the AgentX subagent to timeout. Scope: local bookworm: resolved (fixed in 5.7.2.1~dfsg-3) bullseye: resolved (fixed in 5.7.2.1~dfsg-3) forky: resol

CVE-2009-1887 [MEDIUM] CVE-2009-1887: net-snmp - agent/snmp_agent.c in snmpd in net-snmp 5.0.9 in Red Hat Enterprise Linux (RHEL)... agent/snmp_agent.c in snmpd in net-snmp 5.0.9 in Red Hat Enterprise Linux (RHEL) 3 allows remote attackers to cause a denial of service (daemon crash) via a crafted SNMP GETBULK request that triggers a divide-by-zero error. NOTE: this vulnerability exists because of an incorrect fix for CVE-2008-4309. Scope: local bookworm: resolved bullseye: resolved forky: resolv

CVE-2008-0960 [CRITICAL] CVE-2008-0960: net-snmp - SNMPv3 HMAC verification in (1) Net-SNMP 5.2.x before 5.2.4.1, 5.3.x before 5.3.... SNMPv3 HMAC verification in (1) Net-SNMP 5.2.x before 5.2.4.1, 5.3.x before 5.3.2.1, and 5.4.x before 5.4.1.1; (2) UCD-SNMP; (3) eCos; (4) Juniper Session and Resource Control (SRC) C-series 1.0.0 through 2.0.0; (5) NetApp (aka Network Appliance) Data ONTAP 7.3RC1 and 7.3RC2; (6) SNMP Research before 16.2; (7) multiple Cisco IOS, CatOS, ACE, and Nexus products; (

CVE-2008-2292 [MEDIUM] CVE-2008-2292: net-snmp - Buffer overflow in the __snprint_value function in snmp_get in Net-SNMP 5.1.4, 5... Buffer overflow in the __snprint_value function in snmp_get in Net-SNMP 5.1.4, 5.2.4, and 5.4.1, as used in SNMP.xs for Perl, allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via a large OCTETSTRING in an attribute value pair (AVP). Scope: local bookworm: resolved (fixed in 5.4.1~dfsg-8) bullseye: resolved (fixed in 5

CVE-2008-4309 [MEDIUM] CVE-2008-4309: net-snmp - Integer overflow in the netsnmp_create_subtree_cache function in agent/snmp_agen... Integer overflow in the netsnmp_create_subtree_cache function in agent/snmp_agent.c in net-snmp 5.4 before 5.4.2.1, 5.3 before 5.3.2.3, and 5.2 before 5.2.5.1 allows remote attackers to cause a denial of service (crash) via a crafted SNMP GETBULK request, which triggers a heap-based buffer overflow, related to the number of responses or repeats. Scope: local bookwo

CVE-2008-6123 [MEDIUM] CVE-2008-6123: net-snmp - The netsnmp_udp_fmtaddr function (snmplib/snmpUDPDomain.c) in net-snmp 5.0.9 thr... The netsnmp_udp_fmtaddr function (snmplib/snmpUDPDomain.c) in net-snmp 5.0.9 through 5.4.2.1, when using TCP wrappers for client authorization, does not properly parse hosts.allow rules, which allows remote attackers to bypass intended access restrictions and execute SNMP queries, related to "source/destination IP address confusion." Scope: local bookworm: resolved

CVE-2007-5846 [HIGH] CVE-2007-5846: net-snmp - The SNMP agent (snmp_agent.c) in net-snmp before 5.4.1 allows remote attackers t... The SNMP agent (snmp_agent.c) in net-snmp before 5.4.1 allows remote attackers to cause a denial of service (CPU and memory consumption) via a GETBULK request with a large max-repeaters value. Scope: local bookworm: resolved (fixed in 5.4.1~dfsg-1) bullseye: resolved (fixed in 5.4.1~dfsg-1) forky: resolved (fixed in 5.4.1~dfsg-1) sid: resolved (fixed in 5.4.1~dfsg-1)

CVE-2006-6305 [HIGH] CVE-2006-6305: net-snmp - Unspecified vulnerability in Net-SNMP 5.3 before 5.3.0.1, when configured using ... Unspecified vulnerability in Net-SNMP 5.3 before 5.3.0.1, when configured using the rocommunity or rouser snmpd.conf tokens, causes Net-SNMP to grant write access to users or communities that only have read-only access. Scope: local bookworm: resolved bullseye: resolved forky: resolved sid: resolved trixie: resolved

CVE-2005-4837 [MEDIUM] CVE-2005-4837: net-snmp - snmp_api.c in snmpd in Net-SNMP 5.2.x before 5.2.2, 5.1.x before 5.1.3, and 5.0.... snmp_api.c in snmpd in Net-SNMP 5.2.x before 5.2.2, 5.1.x before 5.1.3, and 5.0.x before 5.0.10.2, when running in master agentx mode, allows remote attackers to cause a denial of service (crash) by causing a particular TCP disconnect, which triggers a free of an incorrect variable, a different vulnerability than CVE-2005-2177. Scope: local bookworm: resolved (fixe

CVE-2005-1740 [CRITICAL] CVE-2005-1740: net-snmp - fixproc in Net-snmp 5.x before 5.2.1-r1 creates temporary files insecurely, whic... fixproc in Net-snmp 5.x before 5.2.1-r1 creates temporary files insecurely, which allows local users to modify the contents of those files to execute arbitrary commands, or overwrite arbitrary files via a symlink attack. Scope: local bookworm: resolved bullseye: resolved forky: resolved sid: resolved trixie: resolved

CVE-2005-2811 [MEDIUM] CVE-2005-2811: net-snmp - Untrusted search path vulnerability in Net-SNMP 5.2.1.2 and earlier, on Gentoo L... Untrusted search path vulnerability in Net-SNMP 5.2.1.2 and earlier, on Gentoo Linux, installs certain Perl modules with an insecure DT_RPATH, which could allow local users to gain privileges. Scope: local bookworm: resolved bullseye: resolved forky: resolved sid: resolved trixie: resolved

CVE-2005-2177 [MEDIUM] CVE-2005-2177: net-snmp - Net-SNMP 5.0.x before 5.0.10.2, 5.2.x before 5.2.1.2, and 5.1.3, when net-snmp i... Net-SNMP 5.0.x before 5.0.10.2, 5.2.x before 5.2.1.2, and 5.1.3, when net-snmp is using stream sockets such as TCP, allows remote attackers to cause a denial of service (daemon hang and CPU consumption) via a TCP packet of length 1, which triggers an infinite loop. Scope: local bookworm: resolved (fixed in 5.2.1.2-1) bullseye: resolved (fixed in 5.2.1.2-1) forky: r

CVE-2004-2300 [HIGH] CVE-2004-2300: net-snmp - Buffer overflow in snmpd in ucd-snmp 4.2.6 and earlier, when installed setuid ro... Buffer overflow in snmpd in ucd-snmp 4.2.6 and earlier, when installed setuid root, allows local users to execute arbitrary code via a long -p command line argument. NOTE: it is not clear whether there are any standard configurations in which snmpd is installed setuid or setgid. If not, then this issue should not be included in CVE. Scope: local bookworm: resolved bu

CVE-2003-0935 [MEDIUM] CVE-2003-0935: net-snmp - Net-SNMP before 5.0.9 allows a user or community to access data in MIB objects, ... Net-SNMP before 5.0.9 allows a user or community to access data in MIB objects, even if that data is not allowed to be viewed. Scope: local bookworm: resolved (fixed in 5.0.9) bullseye: resolved (fixed in 5.0.9) forky: resolved (fixed in 5.0.9) sid: resolved (fixed in 5.0.9) trixie: resolved (fixed in 5.0.9)

CVE-2002-1170 [MEDIUM] CVE-2002-1170: net-snmp - The handle_var_requests function in snmp_agent.c for the SNMP daemon in the Net-... The handle_var_requests function in snmp_agent.c for the SNMP daemon in the Net-SNMP (formerly ucd-snmp) package 5.0.1 through 5.0.5 allows remote attackers to cause a denial of service (crash) via a NULL dereference. Scope: local bookworm: resolved (fixed in 5.0.6) bullseye: resolved (fixed in 5.0.6) forky: resolved (fixed in 5.0.6) sid: resolved (fixed in 5.0.6)