K33151296: SNMP vulnerability CVE-2007-5846

Security Advisory Description The SNMP agent snmpagent.c in net-snmp before 5.4.1 allows remote attackers to cause a denial of service CPU and memory consumption via a GETBULK request with a large max-repeaters value. CVE-2007-5846 Impact An attacker may be able to cause a CPU and memory...

SUSE CVE-2007-5846

The SNMP agent snmpagent.c in net-snmp before 5.4.1 allows remote attackers to cause a denial of service CPU and memory consumption via a GETBULK request with a large max-repeaters value...

EulerOS Virtualization 3.0.2.2 : net-snmp (EulerOS-SA-2021-2149)

According to the version of the net-snmp packages installed, the EulerOS Virtualization installation on the remote host is affected by the following vulnerability : - net-snmp before 5.8.1.pre1 has a double free in usmfreeusmStateReference in snmplib/snmpusm.c via an SNMPv3 GetBulk request. NOTE:...

EulerOS 2.0 SP2 : net-snmp (EulerOS-SA-2020-2370)

According to the versions of the net-snmp packages installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : - Net-SNMP through 5.7.3 allows Escalation of Privileges because of UNIX symbolic link symlink following.CVE-2020-15861 - Net-SNMP through 5.7.3...

Denial Of Service (DoS)

net-snmp is vulnerable to denial of service. A double-free vulnerability in the usmfreeusmStateReference function in snmplib/snmpusm.c allows an attacker to crash the application via a malicious SNMPv3 GetBulk request...

CVE-2019-20892

net-snmp before 5.8.1.pre1 has a double free in usmfreeusmStateReference in snmplib/snmpusm.c via an SNMPv3 GetBulk request. NOTE: this affects net-snmp packages shipped to end users by multiple Linux distributions, but might not affect an upstream release...

CVE-2019-20892

net-snmp before 5.8.1.pre1 has a double free in usmfreeusmStateReference in snmplib/snmpusm.c via an SNMPv3 GetBulk request. NOTE: this affects net-snmp packages shipped to end users by multiple Linux distributions, but might not affect an upstream release...

CVE-2019-20892

net-snmp before 5.8.1.pre1 has a double free in usmfreeusmStateReference in snmplib/snmpusm.c via an SNMPv3 GetBulk request. NOTE: this affects net-snmp packages shipped to end users by multiple Linux distributions, but might not affect an upstream release...

bsnmpd buffer overflow

Buffer overflow on GETBULK request processing...

SuSE9 Security Update : net-snmp (YOU Patch Number 12298)

Remote attackers could crash net-snmp via GETBULK-Request. CVE-2008-4309 In addition the following non-security issues have been fixed : - typo in error message bnc439857 - make OIDs longer than 256 chars work bnc345914 - typo in the snmpd init script to really load all agents bnc415127 - logrota...

Code injection

agent/snmpagent.c in snmpd in net-snmp 5.0.9 in Red Hat Enterprise Linux RHEL 3 allows remote attackers to cause a denial of service daemon crash via a crafted SNMP GETBULK request that triggers a divide-by-zero error. NOTE: this vulnerability exists because of an incorrect fix for CVE-2008-4309...

CVE-2009-1887

agent/snmpagent.c in snmpd in net-snmp 5.0.9 in Red Hat Enterprise Linux RHEL 3 allows remote attackers to cause a denial of service daemon crash via a crafted SNMP GETBULK request that triggers a divide-by-zero error. NOTE: this vulnerability exists because of an incorrect fix for CVE-2008-4309...

net-snmp: DoS (division by zero) via SNMP GetBulk requests

agent/snmpagent.c in snmpd in net-snmp 5.0.9 in Red Hat Enterprise Linux RHEL 3 allows remote attackers to cause a denial of service daemon crash via a crafted SNMP GETBULK request that triggers a divide-by-zero error. NOTE: this vulnerability exists because of an incorrect fix for CVE-2008-4309...

Update Protection against Net-SNMP Denial of Service

Net-SNMP is a suite of applications used to implement SNMP v1, SNMP v2c and SNMP v3. Net-SNMP is available for many Unix and Unix-like operating systems and also for Microsoft Windows. Net-SNMP is vulnerable to a denial of service that can be triggerred by sending a specially-crafted SNMP GETBULK...

net-snmp: numresponses calculation integer overflow in snmp_agent.c

Integer overflow in the netsnmpcreatesubtreecache function in agent/snmpagent.c in net-snmp 5.4 before 5.4.2.1, 5.3 before 5.3.2.3, and 5.2 before 5.2.5.1 allows remote attackers to cause a denial of service crash via a crafted SNMP GETBULK request, which triggers a heap-based buffer overflow,...

CVE-2008-4309

Integer overflow in the netsnmpcreatesubtreecache function in agent/snmpagent.c in net-snmp 5.4 before 5.4.2.1, 5.3 before 5.3.2.3, and 5.2 before 5.2.5.1 allows remote attackers to cause a denial of service crash via a crafted SNMP GETBULK request, which triggers a heap-based buffer overflow,...

Integer overflow

Integer overflow in the netsnmpcreatesubtreecache function in agent/snmpagent.c in net-snmp 5.4 before 5.4.2.1, 5.3 before 5.3.2.3, and 5.2 before 5.2.5.1 allows remote attackers to cause a denial of service crash via a crafted SNMP GETBULK request, which triggers a heap-based buffer overflow,...

SuSE 10 Security Update : net-snmp (ZYPP Patch Number 4755)

This update of net-snmp fixes the following bug : - default and configurable maximum number of varbinds returnable to a GETBULK request. CVE-2007-5846 - crash when smux peers were configured with empty passwords %NASLMINLEVEL 70300 C Tenable Network Security, Inc. The text description of this...

Design/Logic Flaw

The SNMP agent snmpagent.c in net-snmp before 5.4.1 allows remote attackers to cause a denial of service CPU and memory consumption via a GETBULK request with a large max-repeaters value...

DEBIAN-CVE-2007-5846

The SNMP agent snmpagent.c in net-snmp before 5.4.1 allows remote attackers to cause a denial of service CPU and memory consumption via a GETBULK request with a large max-repeaters value...