EUVD-2014-1528

Malware in sbrugna...

EUVD-2015-5627

Malware in sbrugna...

CVE-2019-5610

In FreeBSD 12.0-STABLE before r350637, 12.0-RELEASE before 12.0-RELEASE-p9, 11.3-STABLE before r350638, 11.3-RELEASE before 11.3-RELEASE-p2, and 11.2-RELEASE before 11.2-RELEASE-p13, the bsnmp library is not properly validating the submitted length from a type-length-value encoding. A remote user...

Out-of-bounds

In FreeBSD 12.0-STABLE before r350637, 12.0-RELEASE before 12.0-RELEASE-p9, 11.3-STABLE before r350638, 11.3-RELEASE before 11.3-RELEASE-p2, and 11.2-RELEASE before 11.2-RELEASE-p13, the bsnmp library is not properly validating the submitted length from a type-length-value encoding. A remote user...

Authentication flaw

bsnmpd, as used in FreeBSD 9.3, 10.1, and 10.2, uses world-readable permissions on the snmpd.config file, which allows local users to obtain the secret key for USM authentication by reading the file...

CVE-2015-5677

bsnmpd, as used in FreeBSD 9.3, 10.1, and 10.2, uses world-readable permissions on the snmpd.config file, which allows local users to obtain the secret key for USM authentication by reading the file...

CVE-2015-5677

The CVE-2015-5677 issue affects FreeBSD’s bsnmpd in 9.3, 10.1 and 10.2, where the snmpd.config file has world-readable permissions (0644) allowing a local user to read the USM shared secret. This is due to insecure default permissions on the configuration file, enabling potential disclosure of th...

CVE-2015-5677

bsnmpd, as used in FreeBSD 9.3, 10.1, and 10.2, uses world-readable permissions on the snmpd.config file, which allows local users to obtain the secret key for USM authentication by reading the file...

FreeBSD : FreeBSD -- bsnmpd remote denial of service vulnerability (4c96ecf2-5fd9-11e6-a6c3-14dae9d210b8)

Problem Description : The bsnmpd8 daemon is prone to a stack-based buffer-overflow when it has received a specifically crafted GETBULK PDU request. Impact : This issue could be exploited to execute arbitrary code in the context of the service daemon, or crash the service daemon, causing a...

FreeBSD Configuration Information Disclosure Vulnerability

FreeBSD is a Unix-like operating system. FreeBSD suffers from a configuration information disclosure vulnerability that allows an attacker to access the daemon configuration file /etc/bsnmpd.conf due to the presence of an insecure default configuration in FreeBSD...

FreeBSD bsnmpd Information Disclosure

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA512 Advisory Information Title: FreeBSD bsnmpd information disclosure Advisory URL: https://pierrekim.github.io/advisories/CVE-2015-5677-freebsd-bsnmpd.txt Blog URL: https://pierrekim.github.io/blog/2016-01-15-cve-2015-5677-freebsd-bsnmpd.html Date...

FreeBSD-SA-16:06.bsnmpd

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA512 ============================================================================= FreeBSD-SA-16:06.bsnmpd Security Advisory The FreeBSD Project Topic: Insecure default snmpd.config permissions Category: contrib Module: bsnmpd Announced: 2016-01-14...

FreeBSD bsnmpd GETBULK PDU Stack Buffer Overflow - ver 2 (CVE-2014-1452)

A remote code execution vulnerability exists in the FreeBSD. The vulnerability is caused due to improper handling of crafted GETBULK PDU requests. A remote, unauthenticated attacker can exploit these vulnerabilities to execute arbitrary code on the target system within the security context of...

FreeBSD bsnmpd GETBULK PDU Stack Buffer Overflow (CVE-2014-1452)

A remote code execution vulnerability exists in the FreeBSD. The vulnerability is caused due to improper handling of crafted GETBULK PDU requests. A remote,unauthenticated attacker can exploit these vulnerabilities to execute arbitrary code on the target system within the security context of bsnm...

Stack overflow

Stack-based buffer overflow in lib/snmpagent.c in bsnmpd, as used in FreeBSD 8.3 through 10.0, allows remote attackers to cause a denial of service daemon crash and possibly execute arbitrary code via a crafted GETBULK PDU request...

CVE-2014-1452

Stack-based buffer overflow in lib/snmpagent.c in bsnmpd, as used in FreeBSD 8.3 through 10.0, allows remote attackers to cause a denial of service daemon crash and possibly execute arbitrary code via a crafted GETBULK PDU request...

FreeBSD Security Advisory FreeBSD-SA-14:01.bsnmpd

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA512 ============================================================================= FreeBSD-SA-14:01.bsnmpd Security Advisory The FreeBSD Project Topic: bsnmpd remote denial of service vulnerability Category: contrib Module: bsnmp Announced: 2014-01-14...

FreeBSD bsnmpd 'GETBULK PDU'请求远程栈缓冲区溢出漏洞

BUGTRAQ ID: 64967 CVECAN ID: CVE-2014-1452 FreeBSD bsnmpd是简单的可扩展SNMP后台程序。 bsnmpd8后台程序在处理特制的GETBULK PDU请求时存在栈缓冲区溢出漏洞，成功利用后可导致在服务程序上下文中执行任意代码，造成拒绝服务。 0 FreeBSD FreeBSD 9.x 临时解决方法： FreeBSD推荐下列三种做法: 1 升级您现在受影响的系统到漏洞修复日期后的FreeBSD stable或 release / security branch releng。 2 用源代码补丁更新您的受影响系统：...

FreeBSD-SA-14:01.bsnmpd

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA512 ============================================================================= FreeBSD-SA-14:01.bsnmpd Security Advisory The FreeBSD Project Topic: bsnmpd remote denial of service vulnerability Category: contrib Module: bsnmp Announced: 2014-01-14...

FreeBSD -- bsnmpd remote denial of service vulnerability

Problem Description: The bsnmpd8 daemon is prone to a stack-based buffer-overflow when it has received a specifically crafted GETBULK PDU request. Impact: This issue could be exploited to execute arbitrary code in the context of the service daemon, or crash the service daemon, causing a...