| CVE |
Vendors |
Products |
Updated |
CVSS |
| CVE-2018-18065 |
4 Net-snmp, Netapp, Canonical and 1 more |
8 Net-snmp, Cloud Backup, Hyper Converged Infrastructure and 5 more |
2019-03-21 |
4.0 |
| _set_key in agent/helpers/table_container.c in Net-SNMP before 5.8 has a NULL Pointer Exception bug that can be used by an authenticated attacker to remotely cause the instance to crash via a crafted UDP packet, resulting in Denial of Service. |
| CVE-2018-18066 |
2 Net-snmp, Netapp |
6 Net-snmp, Cloud Backup, Hyper Converged Infrastructure and 3 more |
2018-11-26 |
5.0 |
| snmp_oid_compare in snmplib/snmp_api.c in Net-SNMP before 5.8 has a NULL Pointer Exception bug that can be used by an unauthenticated attacker to remotely cause the instance to crash via a crafted UDP packet, resulting in Denial of Service. |
| CVE-2005-2177 |
1 Net-snmp |
1 Net-snmp |
2018-10-19 |
5.0 |
| Net-SNMP 5.0.x before 5.0.10.2, 5.2.x before 5.2.1.2, and 5.1.3, when net-snmp is using stream sockets such as TCP, allows remote attackers to cause a denial of service (daemon hang and CPU consumption) via a TCP packet of length 1, which... |
| CVE-2007-5846 |
1 Net-snmp |
1 Net-snmp |
2018-10-15 |
7.8 |
| The SNMP agent (snmp_agent.c) in net-snmp before 5.4.1 allows remote attackers to cause a denial of service (CPU and memory consumption) via a GETBULK request with a large max-repeaters value. |
| CVE-2008-4309 |
1 Net-snmp |
1 Net-snmp |
2018-10-11 |
5.0 |
| Integer overflow in the netsnmp_create_subtree_cache function in agent/snmp_agent.c in net-snmp 5.4 before 5.4.2.1, 5.3 before 5.3.2.3, and 5.2 before 5.2.5.1 allows remote attackers to cause a denial of service (crash) via a crafted SNMP GETBULK... |
| CVE-2015-5621 |
1 Net-snmp |
1 Net-snmp |
2018-10-10 |
7.5 |
| The snmp_pdu_parse function in snmp_api.c in net-snmp 5.7.2 and earlier does not remove the varBind variable in a netsnmp_variable_list item when parsing of the SNMP PDU fails, which allows remote attackers to cause a denial of service (crash)... |
| CVE-2002-1170 |
1 Net-snmp |
1 Net-snmp |
2018-05-03 |
5.0 |
| The handle_var_requests function in snmp_agent.c for the SNMP daemon in the Net-SNMP (formerly ucd-snmp) package 5.0.1 through 5.0.5 allows remote attackers to cause a denial of service (crash) via a NULL dereference. |
| CVE-2018-1000116 |
2 Net-snmp, Debian |
2 Net-snmp, Debian Linux |
2018-03-30 |
7.5 |
| NET-SNMP version 5.7.2 contains a heap corruption vulnerability in the UDP protocol handler that can result in command execution. |
| CVE-2005-4837 |
2 Net-snmp, Sourceforge |
2 Net-snmp, Net-snmp |
2017-10-11 |
10.0 |
| snmp_api.c in snmpd in Net-SNMP 5.2.x before 5.2.2, 5.1.x before 5.1.3, and 5.0.x before 5.0.10.2, when running in master agentx mode, allows remote attackers to cause a denial of service (crash) by causing a particular TCP disconnect, which... |
| CVE-2005-1740 |
1 Net-snmp |
1 Net-snmp |
2017-10-11 |
10.0 |
| fixproc in Net-snmp 5.x before 5.2.1-r1 creates temporary files insecurely, which allows local users to modify the contents of those files to execute arbitrary commands, or overwrite arbitrary files via a symlink attack. |
| CVE-2003-0935 |
1 Net-snmp |
1 Net-snmp |
2017-10-11 |
6.4 |
| Net-SNMP before 5.0.9 allows a user or community to access data in MIB objects, even if that data is not allowed to be viewed. |
| CVE-2009-1887 |
3 Red Hat, Net-snmp, Redhat |
3 Enterprise Linux, Enterprise Linux, Net-snmp |
2017-09-29 |
5.0 |
| agent/snmp_agent.c in snmpd in net-snmp 5.0.9 in Red Hat Enterprise Linux (RHEL) 3 allows remote attackers to cause a denial of service (daemon crash) via a crafted SNMP GETBULK request that triggers a divide-by-zero error. NOTE: this... |
| CVE-2008-6123 |
1 Net-snmp |
2 Net-snmp, Net Snmp |
2017-09-29 |
5.0 |
| The netsnmp_udp_fmtaddr function (snmplib/snmpUDPDomain.c) in net-snmp 5.0.9 through 5.4.2.1, when using TCP wrappers for client authorization, does not properly parse hosts.allow rules, which allows remote attackers to bypass intended access... |
| CVE-2008-2292 |
1 Net-snmp |
1 Net-snmp |
2017-09-29 |
6.8 |
| Buffer overflow in the __snprint_value function in snmp_get in Net-SNMP 5.1.4, 5.2.4, and 5.4.1, as used in SNMP.xs for Perl, allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via a large OCTETSTRING... |
| CVE-2012-6151 |
3 Apple, Net-snmp, Canonical |
3 Mac Os X, Ubuntu Linux, Net-snmp |
2017-08-29 |
4.3 |
| Net-SNMP 5.7.1 and earlier, when AgentX is registering to handle a MIB and processing GETNEXT requests, allows remote attackers to cause a denial of service (crash or infinite loop, CPU consumption, and hang) by causing the AgentX subagent to timeout. |
| CVE-2012-2141 |
1 Net-snmp |
1 Net-snmp |
2017-08-29 |
3.5 |
| Array index error in the handle_nsExtendOutput2Table function in agent/mibgroup/agent/extend.c in Net-SNMP 5.7.1 allows remote authenticated users to cause a denial of service (out-of-bounds read and snmpd crash) via an SNMP GET request for an... |
| CVE-2006-6305 |
1 Net-snmp |
1 Net-snmp |
2017-07-29 |
7.5 |
| Unspecified vulnerability in Net-SNMP 5.3 before 5.3.0.1, when configured using the rocommunity or rouser snmpd.conf tokens, causes Net-SNMP to grant write access to users or communities that only have read-only access. |
| CVE-2014-3565 |
3 Apple, Net-snmp, Canonical |
3 Ubuntu Linux, Mac Os X, Net-snmp |
2016-12-24 |
5.0 |
| snmplib/mib.c in net-snmp 5.7.0 and earlier, when the -OQ option is used, allows remote attackers to cause a denial of service (snmptrapd crash) via a crafted SNMP trap message, which triggers a conversion to the variable type designated in the... |
| CVE-2014-2285 |
1 Net-snmp |
1 Net-snmp |
2016-12-08 |
4.3 |
| The perl_trapd_handler function in perl/TrapReceiver/TrapReceiver.xs in Net-SNMP 5.7.3.pre3 and earlier, when using certain Perl versions, allows remote attackers to cause a denial of service (snmptrapd crash) via an empty community string in an... |
| CVE-2015-8100 |
1 Net-snmp |
1 Net-snmp |
2016-12-07 |
2.1 |
| The net-snmp package in OpenBSD through 5.8 uses 0644 permissions for snmpd.conf, which allows local users to obtain sensitive community information by reading this file. |
