2 matches found
CVE-2020-6059
Mini-SNMPD 1.4 is affected by an exploitable out-of-bounds read in the SNMP packet decoder (decode_int). The flaw can lead to disclosure of sensitive information and a denial of service when a specially crafted SNMP request is processed, due to improper handling of length fields that may read pas...
Vulnerability Spotlight: Denial-of-service, information leak bugs in Mini-SNMPD
Aleksandar Nikolic of Cisco Talos discovered these vulnerabilities. Blog by Jon Munshaw. Multiple vulnerabilities exist in Mini-SNMPD, a lightweight implementation of a Simple Network Management Protocol server. An attacker can exploit these bugs by providing a specially crafted SNMPD request to...