CVE-2014-3565

snmplib/mib.c in net-snmp 5.7.0 and earlier, when the -OQ option is used, allows remote attackers to cause a denial of service (snmptrapd crash) via a crafted SNMP trap message, which triggers a conversion to the variable type designated in the MIB file, as demonstrated by a NULL type in an ifMtu trap message.

Published : 2014-10-07 14:55 Updated : 2016-12-24 02:59

5.0
CVSS Score More info
Score 5.0 / 10
5.0
Vendor Product Version URI
Net-snmp Net-snmp 5.0.9 cpe:/a:net-snmp:net-snmp:5.0.9
Net-snmp Net-snmp 5.0.8 cpe:/a:net-snmp:net-snmp:5.0.8
Net-snmp Net-snmp 5.0.5 cpe:/a:net-snmp:net-snmp:5.0.5
Net-snmp Net-snmp 5.7.0 cpe:/a:net-snmp:net-snmp:5.7.0
Net-snmp Net-snmp 5.0.7 cpe:/a:net-snmp:net-snmp:5.0.7
Canonical Ubuntu Linux 14.04 cpe:/o:canonical:ubuntu_linux:14.04::~~lts~~~
Canonical Ubuntu Linux 12.04 cpe:/o:canonical:ubuntu_linux:12.04::~~lts~~~
Net-snmp Net-snmp 5.0 cpe:/a:net-snmp:net-snmp:5.0
Apple Mac Os X 10.11.0 cpe:/o:apple:mac_os_x:10.11.0
Net-snmp Net-snmp 5.6 cpe:/a:net-snmp:net-snmp:5.6
Net-snmp Net-snmp 5.0.4 cpe:/a:net-snmp:net-snmp:5.0.4
Net-snmp Net-snmp 5.3 cpe:/a:net-snmp:net-snmp:5.3
Net-snmp Net-snmp 5.0.1 cpe:/a:net-snmp:net-snmp:5.0.1
Net-snmp Net-snmp 5.0.6 cpe:/a:net-snmp:net-snmp:5.0.6
Net-snmp Net-snmp 5.5 cpe:/a:net-snmp:net-snmp:5.5
Net-snmp Net-snmp 5.1.2 cpe:/a:net-snmp:net-snmp:5.1.2
Net-snmp Net-snmp 5.0.3 cpe:/a:net-snmp:net-snmp:5.0.3
Net-snmp Net-snmp 5.2 cpe:/a:net-snmp:net-snmp:5.2
Net-snmp Net-snmp 5.4 cpe:/a:net-snmp:net-snmp:5.4
Net-snmp Net-snmp 5.0.2 cpe:/a:net-snmp:net-snmp:5.0.2
Canonical Ubuntu Linux 15.04 cpe:/o:canonical:ubuntu_linux:15.04
Net-snmp Net-snmp 5.3.0.1 cpe:/a:net-snmp:net-snmp:5.3.0.1
Net-snmp Net-snmp 5.1 cpe:/a:net-snmp:net-snmp:5.1
  1. Canonical (1) Search CVE
    1. Ubuntu Linux (3) Search CVE
      1. 14.04
      2. 12.04
      3. 15.04
  2. Net-snmp (1) Search CVE
    1. Net-snmp (19) Search CVE
      1. 5.0.9
      2. 5.0.8
      3. 5.0.5
      4. 5.7.0
      5. 5.0.7
      6. 5.0
      7. 5.6
      8. 5.0.4
      9. 5.3
      10. 5.0.1
      11. 5.0.6
      12. 5.5
      13. 5.1.2
      14. 5.0.3
      15. 5.2
      16. 5.4
      17. 5.0.2
      18. 5.3.0.1
      19. 5.1
  3. Apple (1) Search CVE
    1. Mac Os X (1) Search CVE
      1. 10.11.0

CWE

ID Name Description Links
CWE-399 Resource Management Errors Weaknesses in this category are related to improper management of system resources. CVE

History of changes

Date Event
2014-10-07 14:55

New CVE