Lucene search
SAINT CorporationSAINT:FC9A42BB12ADCF7F88B13E88699A4CEBHistoryMar 12, 2007 - 12:00 a.m.
snmpXdmid buffer overflow
2007-03-1200:00:00
SAINT Corporation
www.saintcorporation.com
18
0.78 High
EPSS
Percentile
97.9%
Added: 03/12/2007
CVE: CVE-2001-0236
BID: 2417
OSVDB: 546
Background
The SNMP to DMI mapper daemon (snmpXdmid) translates Simple Network Management Protocol (SNMP) events to Desktop Management Interface (DMI) indications and vice-versa.
Problem
snmpXdmid is affected by a buffer overflow vulnerability when a specially crafted indication event is translated into an SNMP trap. This could allow a remote attacker to execute arbitrary commands.
Resolution
Apply one of the patches referenced in Sun Bulletin 00207 or disable snmpXdmid as shown in CERT Advisory 2001-05.
References
<http://www.cert.org/advisories/CA-2001-05.html>
Limitations
There may be a delay before this exploit succeeds.
Platforms
SunOS 5.7 / Solaris 7
SunOS 5.8 / Solaris 8
Related
securityvulns
securityvulns
Solaris /usr/lib/dmi/snmpXdmid vulnerability
2001-03-15 00:00:00
canvas
canvas
Immunity Canvas: SNMPXDMID
2001-05-03 04:00:00
openvas
openvas
snmpXdmid overflow
2005-11-03 00:00:00
snmpXdmid overflow
2005-11-03 00:00:00
saint
saint
snmpXdmid buffer overflow
2007-03-12 00:00:00
snmpXdmid buffer overflow
2007-03-12 00:00:00
snmpXdmid buffer overflow
2007-03-12 00:00:00
nessus
nessus
Solaris snmpXdmid Long Indication Event Overflow (ELVISCICADA)
2001-05-03 00:00:00
cert
cert
Sun Solaris DMI to SNMP mapper daemon snmpXdmid contains buffer overflow
2001-03-26 00:00:00
cve
cve
CVE-2001-0236
2001-05-03 04:00:00
trendmicroblog
trendmicroblog