Lucene search

[email protected]CVE-2015-8100

HistoryNov 10, 2015 - 3:59 a.m.

CVE-2015-8100

2015-11-1003:59:00

CWE-200

[email protected]

web.nvd.nist.gov

cve-2015-8100

net-snmp

openbsd

permissions

snmpd.conf

sensitive information

local users

nvd

5.6 Medium

AI Score

Confidence

Low

2.1 Low

CVSS2

Access Vector

LOCAL

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

NONE

Availability Impact

NONE

AV:L/AC:L/Au:N/C:P/I:N/A:N

0.0004 Low

EPSS

Percentile

5.3%

JSON

The net-snmp package in OpenBSD through 5.8 uses 0644 permissions for snmpd.conf, which allows local users to obtain sensitive community information by reading this file.

CPENameOperatorVersion
net-snmp:net-snmpnet-snmple5.8

CPE	Name	Operator	Version
net-snmp:net-snmp	net-snmp	le	5.8

References

packetstormsecurity.com/files/134323/OpenBSD-net-snmp-Information-Disclosure.html

www.openwall.com/lists/oss-security/2015/11/09/6

www.securitytracker.com/id/1034099

5.6 Medium

AI Score

Confidence

Low

2.1 Low

CVSS2

Access Vector

LOCAL

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

NONE

Availability Impact

NONE

AV:L/AC:L/Au:N/C:P/I:N/A:N

0.0004 Low

EPSS

Percentile

5.3%

JSON

Related for CVE-2015-8100

debiancve1 osv1 prion1 cbl_mariner1 veracode1 ubuntucve1 zdt1 alpinelinux1 packetstorm1 ibm1 rosalinux1