Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
freebsdFreeBSD3E0072D4-D05B-11D9-9AED-000E0C2E438A
HistoryMay 23, 2005 - 12:00 a.m.

net-snmp -- fixproc insecure temporary file creation

2005-05-2300:00:00
vuxml.freebsd.org
18

10 High

CVSS2

Access Vector

NETWORK

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:L/Au:N/C:C/I:C/A:C

0.0004 Low

EPSS

Percentile

14.8%

JSON

A Gentoo advisory reports:

Net-SNMP creates temporary files in an insecure manner,
possibly allowing the execution of arbitrary code.
A malicious local attacker could exploit a race condition
to change the content of the temporary files before they
are executed by fixproc, possibly leading to the execution
of arbitrary code. A local attacker could also create
symbolic links in the temporary files directory, pointing
to a valid file somewhere on the filesystem. When fixproc
is executed, this would result in the file being
overwritten.

OSVersionArchitecturePackageVersionFilename
FreeBSDanynoarchnet-snmp< 5.2.1.2UNKNOWN

Related

openvas 4
cve 1
nessus 8
gentoo 1
debiancve 1
ubuntucve 1
securityvulns 1
redhat 2
centos 2
openvas
openvas
Gentoo Security Advisory GLSA 200505-18 (net-snmp)
2008-09-24 00:00:00
FreeBSD Ports: net-snmp
2008-09-04 00:00:00
Gentoo Security Advisory GLSA 200505-18 (net-snmp)
2008-09-24 00:00:00
cve
cve
CVE-2005-1740
2005-05-24 04:00:00
nessus
nessus
FreeBSD : net-snmp -- fixproc insecure temporary file creation (3e0072d4-d05b-11d9-9aed-000e0c2e438a)
2005-07-13 00:00:00
GLSA-200505-18 : Net-SNMP: fixproc insecure temporary file creation
2005-05-28 00:00:00
Fedora Core 3 : net-snmp-5.2.1.2-FC3.1 (2005-562)
2005-07-14 00:00:00
gentoo
gentoo
Net-SNMP: fixproc insecure temporary file creation
2005-05-23 00:00:00
debiancve
debiancve
CVE-2005-1740
2005-05-24 04:00:00
ubuntucve
ubuntucve
CVE-2005-1740
2005-05-24 00:00:00
securityvulns
securityvulns
[Full-disclosure] [ MDKSA-2006:025 ] - Updated net-snmp packages fix vulnerabilities
2006-01-27 00:00:00
redhat
redhat
(RHSA-2005:395) net-snmp security update
2005-10-05 00:00:00
(RHSA-2005:373) net-snmp security update
2005-09-28 00:00:00
centos
centos
net security update
2005-10-05 16:15:27
net security update
2005-09-28 16:11:45

10 High

CVSS2

Access Vector

NETWORK

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:L/Au:N/C:C/I:C/A:C

0.0004 Low

EPSS

Percentile

14.8%

JSON
Related for 3E0072D4-D05B-11D9-9AED-000E0C2E438A
openvas4cve1nessus8gentoo1debiancve1ubuntucve1securityvulns1redhat2centos2