91 matches found
Net-SNMP GETBULK请求整数溢出拒绝服务漏洞
CVECAN ID: CVE-2008-4309 Net-SNMP是一个免费的、开放源码的SNMP实现,以前称为UCD-SNMP。 Net-SNMP的实现上存在漏洞,远程攻击者可能利用此漏洞导致服务器拒绝服务。问题存在于agent/snmpagent.c文件的netsnmpcreatesubtreecache函数中,精心构造的畸形的SNMP GETBULK请求会导致函数发生整数溢出,在后续的处理中导致服务进程崩溃。 0 Net-SNMP net-snmp 5.4.x 5.4.2.1 Net-SNMP net-snmp 5.3.x 5.3.2.3 Net-SNMP net-snmp 5.2...
RHEL 3 / 4 / 5 : net-snmp (RHSA-2008:0971)
Updated net-snmp packages that fix a security issue are now available for Red Hat Enterprise Linux 3, 4, and 5. This update has been rated as having important security impact by the Red Hat Security Response Team. The Simple Network Management Protocol SNMP is a protocol used for network...
CVE-2008-4309
Integer overflow in the netsnmpcreatesubtreecache function in agent/snmpagent.c in net-snmp 5.4 before 5.4.2.1, 5.3 before 5.3.2.3, and 5.2 before 5.2.5.1 allows remote attackers to cause a denial of service crash via a crafted SNMP GETBULK request, which triggers a heap-based buffer overflow,...
CVE-2008-4309
Integer overflow in the netsnmpcreatesubtreecache function in agent/snmpagent.c in net-snmp 5.4 before 5.4.2.1, 5.3 before 5.3.2.3, and 5.2 before 5.2.5.1 allows remote attackers to cause a denial of service crash via a crafted SNMP GETBULK request, which triggers a heap-based buffer overflow,...
CVE-2008-4309
Integer overflow in the netsnmpcreatesubtreecache function in agent/snmpagent.c in net-snmp 5.4 before 5.4.2.1, 5.3 before 5.3.2.3, and 5.2 before 5.2.5.1 allows remote attackers to cause a denial of service crash via a crafted SNMP GETBULK request, which triggers a heap-based buffer overflow,...
CVE-2008-4309
Net-SNMP vulnerability CVE-2008-4309: an integer overflow in netsnmp_create_subtree_cache() in agent/snmp_agent.c allows remote DoS via crafted SNMP GETBULK requests, causing a heap-based overflow and crash. Affected are net-snmp 5.4 before 5.4.2.1, 5.3 before 5.3.2.3, and 5.2 before 5.2.5.1. Mit...
CVE-2008-4309
Integer overflow in the netsnmpcreatesubtreecache function in agent/snmpagent.c in net-snmp 5.4 before 5.4.2.1, 5.3 before 5.3.2.3, and 5.2 before 5.2.5.1 allows remote attackers to cause a denial of service crash via a crafted SNMP GETBULK request, which triggers a heap-based buffer overflow,...
CVE-2007-4309
CVE-2007-4309 affects IBM Lotus Notes 5.x through 7.0.2. The description states that user‑assisted remote authenticated administrators can obtain a cleartext notes.id password by setting notes.ini (1) KFM_ShowEntropy and (2) Debug_Outfile, making this a vulnerability separate from CVE-2005-2696. ...
Solaris 10 (sparc) : 120272-40 (deprecated)
SunOS 5.10: SMA patch. Date this patch was last updated by Sun : May/11/17 This plugin has been deprecated and either replaced with individual 120272 patch-revision plugins, or deemed non-security related. %NASLMINLEVEL 70300 C Tenable Network Security, Inc. @DEPRECATED@ Disabled on 2018/03/12...
CVE-2005-4309
CVE-2005-4309 concerns ezUpload Pro 2.2 and earlier. The vulnerability is an SQL injection in the application’s search module parameters, allowing remote attackers to execute arbitrary SQL commands. The available documents confirm the affected product (ezUpload Pro 2.2 and earlier) and the root c...
MS:79B27019-3090-4309-BFDC-C8BE9B21AB96
...