CVE-2008-2292

Buffer overflow in the __snprint_value function in snmp_get in Net-SNMP 5.1.4, 5.2.4, and 5.4.1, as used in SNMP.xs for Perl, allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via a large OCTETSTRING in an attribute value pair (AVP).

Published : 2008-05-18 14:20 Updated : 2017-09-29 01:31

6.8
CVSS Score More info
Score 6.8 / 10
6.8
Vendor Product Version URI
Net-snmp Net-snmp 5.2.4 cpe:/a:net-snmp:net-snmp:5.2.4
Net-snmp Net-snmp 5.1.4 cpe:/a:net-snmp:net-snmp:5.1.4
Net-snmp Net-snmp 5.4.1 cpe:/a:net-snmp:net-snmp:5.4.1
  1. Net-snmp (1) Search CVE
    1. Net-snmp (3) Search CVE
      1. 5.2.4
      2. 5.1.4
      3. 5.4.1

CWE

ID Name Description Links
CWE-119 Improper Restriction of Operations within the Bounds of a Memory Buffer The software performs operations on a memory buffer, but it can read from or write to a memory location that is outside of the intended boundary of the buffer. CVE

History of changes

Date Event
2017-08-08 05:39
2008-05-18 14:20

New CVE