Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
amazonAmazonALAS-2014-316
HistoryMar 24, 2014 - 11:39 p.m.

Medium: net-snmp

2014-03-2423:39:00
alas.aws.amazon.com
14

5 Medium

CVSS2

Access Vector

NETWORK

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:N/I:N/A:P

0.147 Low

EPSS

Percentile

95.7%

JSON

Issue Overview:

A buffer overflow flaw was found in the way the decode_icmp_msg() function in the ICMP-MIB implementation processed Internet Control Message Protocol (ICMP) message statistics reported in the /proc/net/snmp file. A remote attacker could send a message for each ICMP message type, which could potentially cause the snmpd service to crash when processing the /proc/net/snmp file. (CVE-2014-2284)

Affected Packages:

net-snmp

Issue Correction:
Run yum update net-snmp to update your system.

New Packages:

i686:  
    net-snmp-5.5-49.18.amzn1.i686  
    net-snmp-libs-5.5-49.18.amzn1.i686  
    net-snmp-utils-5.5-49.18.amzn1.i686  
    net-snmp-perl-5.5-49.18.amzn1.i686  
    net-snmp-devel-5.5-49.18.amzn1.i686  
    net-snmp-debuginfo-5.5-49.18.amzn1.i686  
    net-snmp-python-5.5-49.18.amzn1.i686  
  
src:  
    net-snmp-5.5-49.18.amzn1.src  
  
x86_64:  
    net-snmp-debuginfo-5.5-49.18.amzn1.x86_64  
    net-snmp-python-5.5-49.18.amzn1.x86_64  
    net-snmp-perl-5.5-49.18.amzn1.x86_64  
    net-snmp-utils-5.5-49.18.amzn1.x86_64  
    net-snmp-devel-5.5-49.18.amzn1.x86_64  
    net-snmp-libs-5.5-49.18.amzn1.x86_64  
    net-snmp-5.5-49.18.amzn1.x86_64

Additional References

Red Hat: CVE-2012-6151, CVE-2014-2284

Mitre: CVE-2012-6151, CVE-2014-2284

OSVersionArchitecturePackageVersionFilename
Amazon Linux1i686net-snmp< 5.5-49.18.amzn1net-snmp-5.5-49.18.amzn1.i686.rpm
Amazon Linux1i686net-snmp-libs< 5.5-49.18.amzn1net-snmp-libs-5.5-49.18.amzn1.i686.rpm
Amazon Linux1i686net-snmp-utils< 5.5-49.18.amzn1net-snmp-utils-5.5-49.18.amzn1.i686.rpm
Amazon Linux1i686net-snmp-perl< 5.5-49.18.amzn1net-snmp-perl-5.5-49.18.amzn1.i686.rpm
Amazon Linux1i686net-snmp-devel< 5.5-49.18.amzn1net-snmp-devel-5.5-49.18.amzn1.i686.rpm
Amazon Linux1i686net-snmp-debuginfo< 5.5-49.18.amzn1net-snmp-debuginfo-5.5-49.18.amzn1.i686.rpm
Amazon Linux1i686net-snmp-python< 5.5-49.18.amzn1net-snmp-python-5.5-49.18.amzn1.i686.rpm
Amazon Linux1x86_64net-snmp-debuginfo< 5.5-49.18.amzn1net-snmp-debuginfo-5.5-49.18.amzn1.x86_64.rpm
Amazon Linux1x86_64net-snmp-python< 5.5-49.18.amzn1net-snmp-python-5.5-49.18.amzn1.x86_64.rpm
Amazon Linux1x86_64net-snmp-perl< 5.5-49.18.amzn1net-snmp-perl-5.5-49.18.amzn1.x86_64.rpm
Rows per page:
1-10 of 141

Related

nessus 27
openvas 28
securityvulns 8
gentoo 1
ubuntu 1
prion 3
f5 2
fedora 5
debiancve 3
ubuntucve 3
veracode 3
cve 3
mageia 2
oraclelinux 2
centos 2
redhat 2
ibm 1
rosalinux 1
nessus
nessus
Amazon Linux AMI : net-snmp (ALAS-2014-316)
2014-03-28 00:00:00
GLSA-201409-02 : Net-SNMP: Denial of Service
2014-09-02 00:00:00
Ubuntu 10.04 LTS / 12.04 LTS / 12.10 / 13.10 : net-snmp vulnerabilities (USN-2166-1)
2014-04-15 00:00:00
openvas
openvas
Amazon Linux: Security Advisory (ALAS-2014-316)
2015-09-08 00:00:00
Ubuntu Update for net-snmp USN-2166-1
2014-04-15 00:00:00
Gentoo Security Advisory GLSA 201409-02
2015-09-29 00:00:00
securityvulns
securityvulns
[USN-2166-1] Net-SNMP vulnerabilities
2014-05-04 00:00:00
Net-SNMP multiple security vulnerabilities
2014-05-04 00:00:00
Net-SNMP DoS
2014-03-24 00:00:00
gentoo
gentoo
Net-SNMP: Denial of service
2014-09-01 00:00:00
ubuntu
ubuntu
Net-SNMP vulnerabilities
2014-04-14 00:00:00
prion
prion
Code injection
2013-12-13 18:55:00
Input validation
2014-03-24 16:43:00
Design/Logic Flaw
2014-04-17 14:55:00
f5
f5
K16476 : NET-SNMP vulnerability CVE-2012-6151
2015-07-24 00:00:00
SOL16476 - NET-SNMP vulnerability CVE-2012-6151
2015-04-21 00:00:00
fedora
fedora
[SECURITY] Fedora 20 Update: net-snmp-5.7.2-16.fc20
2014-01-07 09:47:46
[SECURITY] Fedora 19 Update: net-snmp-5.7.2-13.fc19
2014-01-07 09:35:39
[SECURITY] Fedora 18 Update: net-snmp-5.7.2-7.fc18
2014-01-07 09:40:13
debiancve
debiancve
CVE-2012-6151
2013-12-13 18:55:00
CVE-2014-2284
2014-03-24 16:43:00
CVE-2014-2310
2014-04-17 14:55:00
ubuntucve
ubuntucve
CVE-2012-6151
2013-12-13 00:00:00
CVE-2014-2284
2014-03-24 00:00:00
CVE-2014-2310
2014-03-10 00:00:00
veracode
veracode
Denial Of Service (DoS)
2019-01-15 08:52:11
Denial Of Service
2019-01-15 08:58:54
Denial Of Service (DoS)
2019-05-02 05:01:56
cve
cve
CVE-2012-6151
2013-12-13 18:55:00
CVE-2014-2284
2014-03-24 16:43:00
CVE-2014-2310
2014-04-17 14:55:00
mageia
mageia
Updated net-snmp packages fix CVE-2012-6151
2014-01-21 20:16:21
Updated net-snmp packages fix two vulnerabilities
2014-03-07 18:16:46
oraclelinux
oraclelinux
net-snmp security and bug fix update
2014-03-24 00:00:00
net-snmp security update
2014-03-24 00:00:00
centos
centos
net security update
2014-03-24 20:46:56
net security update
2014-03-24 20:45:45
redhat
redhat
(RHSA-2014:0321) Moderate: net-snmp security and bug fix update
2014-03-24 00:00:00
(RHSA-2014:0322) Moderate: net-snmp security update
2014-03-24 00:00:00
ibm
ibm
Security Bulletin: Tivoli Storage Productivity Center is affected by the following Net-SNMP vulnerabilities: CVE-2014-2284, CVE-2014-2285
2022-08-19 18:23:31
rosalinux
rosalinux
Advisory ROSA-SA-2021-1929
2021-07-02 17:32:57

5 Medium

CVSS2

Access Vector

NETWORK

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:N/I:N/A:P

0.147 Low

EPSS

Percentile

95.7%

JSON
Related for ALAS-2014-316
nessus27openvas28securityvulns8gentoo1ubuntu1prion3f52fedora5debiancve3ubuntucve3veracode3cve3mageia2oraclelinux2centos2redhat2ibm1rosalinux1