20 matches found
EUVD-2014-1528
Malware in sbrugna...
EUVD-2015-5627
Malware in sbrugna...
CVE-2019-5610
In FreeBSD 12.0-STABLE before r350637, 12.0-RELEASE before 12.0-RELEASE-p9, 11.3-STABLE before r350638, 11.3-RELEASE before 11.3-RELEASE-p2, and 11.2-RELEASE before 11.2-RELEASE-p13, the bsnmp library is not properly validating the submitted length from a type-length-value encoding. A remote user...
Out-of-bounds
In FreeBSD 12.0-STABLE before r350637, 12.0-RELEASE before 12.0-RELEASE-p9, 11.3-STABLE before r350638, 11.3-RELEASE before 11.3-RELEASE-p2, and 11.2-RELEASE before 11.2-RELEASE-p13, the bsnmp library is not properly validating the submitted length from a type-length-value encoding. A remote user...
CVE-2015-5677
bsnmpd, as used in FreeBSD 9.3, 10.1, and 10.2, uses world-readable permissions on the snmpd.config file, which allows local users to obtain the secret key for USM authentication by reading the file...
Authentication flaw
bsnmpd, as used in FreeBSD 9.3, 10.1, and 10.2, uses world-readable permissions on the snmpd.config file, which allows local users to obtain the secret key for USM authentication by reading the file...
CVE-2015-5677
bsnmpd, as used in FreeBSD 9.3, 10.1, and 10.2, uses world-readable permissions on the snmpd.config file, which allows local users to obtain the secret key for USM authentication by reading the file...
CVE-2015-5677
The CVE-2015-5677 issue affects FreeBSD’s bsnmpd in 9.3, 10.1 and 10.2, where the snmpd.config file has world-readable permissions (0644) allowing a local user to read the USM shared secret. This is due to insecure default permissions on the configuration file, enabling potential disclosure of th...
FreeBSD : FreeBSD -- bsnmpd remote denial of service vulnerability (4c96ecf2-5fd9-11e6-a6c3-14dae9d210b8)
Problem Description : The bsnmpd8 daemon is prone to a stack-based buffer-overflow when it has received a specifically crafted GETBULK PDU request. Impact : This issue could be exploited to execute arbitrary code in the context of the service daemon, or crash the service daemon, causing a...
FreeBSD Configuration Information Disclosure Vulnerability
FreeBSD is a Unix-like operating system. FreeBSD suffers from a configuration information disclosure vulnerability that allows an attacker to access the daemon configuration file /etc/bsnmpd.conf due to the presence of an insecure default configuration in FreeBSD...
FreeBSD bsnmpd Information Disclosure
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA512 Advisory Information Title: FreeBSD bsnmpd information disclosure Advisory URL: https://pierrekim.github.io/advisories/CVE-2015-5677-freebsd-bsnmpd.txt Blog URL: https://pierrekim.github.io/blog/2016-01-15-cve-2015-5677-freebsd-bsnmpd.html Date...
FreeBSD-SA-16:06.bsnmpd
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA512 ============================================================================= FreeBSD-SA-16:06.bsnmpd Security Advisory The FreeBSD Project Topic: Insecure default snmpd.config permissions Category: contrib Module: bsnmpd Announced: 2016-01-14...
FreeBSD bsnmpd GETBULK PDU Stack Buffer Overflow - ver 2 (CVE-2014-1452)
A remote code execution vulnerability exists in the FreeBSD. The vulnerability is caused due to improper handling of crafted GETBULK PDU requests. A remote, unauthenticated attacker can exploit these vulnerabilities to execute arbitrary code on the target system within the security context of...
FreeBSD bsnmpd GETBULK PDU Stack Buffer Overflow (CVE-2014-1452)
A remote code execution vulnerability exists in the FreeBSD. The vulnerability is caused due to improper handling of crafted GETBULK PDU requests. A remote,unauthenticated attacker can exploit these vulnerabilities to execute arbitrary code on the target system within the security context of bsnm...
Stack overflow
Stack-based buffer overflow in lib/snmpagent.c in bsnmpd, as used in FreeBSD 8.3 through 10.0, allows remote attackers to cause a denial of service daemon crash and possibly execute arbitrary code via a crafted GETBULK PDU request...
CVE-2014-1452
Stack-based buffer overflow in lib/snmpagent.c in bsnmpd, as used in FreeBSD 8.3 through 10.0, allows remote attackers to cause a denial of service daemon crash and possibly execute arbitrary code via a crafted GETBULK PDU request...
FreeBSD Security Advisory FreeBSD-SA-14:01.bsnmpd
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA512 ============================================================================= FreeBSD-SA-14:01.bsnmpd Security Advisory The FreeBSD Project Topic: bsnmpd remote denial of service vulnerability Category: contrib Module: bsnmp Announced: 2014-01-14...
FreeBSD bsnmpd 'GETBULK PDU'请求远程栈缓冲区溢出漏洞
BUGTRAQ ID: 64967 CVECAN ID: CVE-2014-1452 FreeBSD bsnmpd是简单的可扩展SNMP后台程序。 bsnmpd8后台程序在处理特制的GETBULK PDU请求时存在栈缓冲区溢出漏洞,成功利用后可导致在服务程序上下文中执行任意代码,造成拒绝服务。 0 FreeBSD FreeBSD 9.x 临时解决方法: FreeBSD推荐下列三种做法: 1 升级您现在受影响的系统到漏洞修复日期后的FreeBSD stable或 release / security branch releng。 2 用源代码补丁更新您的受影响系统:...
FreeBSD-SA-14:01.bsnmpd
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA512 ============================================================================= FreeBSD-SA-14:01.bsnmpd Security Advisory The FreeBSD Project Topic: bsnmpd remote denial of service vulnerability Category: contrib Module: bsnmp Announced: 2014-01-14...
FreeBSD -- bsnmpd remote denial of service vulnerability
Problem Description: The bsnmpd8 daemon is prone to a stack-based buffer-overflow when it has received a specifically crafted GETBULK PDU request. Impact: This issue could be exploited to execute arbitrary code in the context of the service daemon, or crash the service daemon, causing a...