CVE-2014-2285

The perl_trapd_handler function in perl/TrapReceiver/TrapReceiver.xs in Net-SNMP 5.7.3.pre3 and earlier, when using certain Perl versions, allows remote attackers to cause a denial of service (snmptrapd crash) via an empty community string in an SNMP trap, which triggers a NULL pointer dereference within the newSVpv function in Perl.

Published : 2014-04-27 22:55 Updated : 2016-12-08 03:05

4.3
CVSS Score More info
Score 4.3 / 10
4.3
Vendor Product Version URI
Net-snmp Net-snmp 5.7.3 cpe:/a:net-snmp:net-snmp:5.7.3:pre1
  1. Net-snmp (1) Search CVE
    1. Net-snmp (1) Search CVE
      1. 5.7.3

CWE

ID Name Description Links
CWE-20 Improper Input Validation The product does not validate or incorrectly validates input that can affect the control flow or data flow of a program. CVE

History of changes

Date Event
2014-04-27 22:55

New CVE