SUSE: Security Advisory (SUSE-SU-2015:1524-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

SUSE: Security Advisory (SUSE-SU-2015:1556-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Denial Of Service (DoS)

net-snmp is vulnerable to denial of service. It was discovered that the snmppduparse function could leave incompletely parsed varBind variables in the list of variables. A remote, unauthenticated attacker could use this flaw to crash snmpd or, potentially, execute arbitrary code on the system wit...

SUSE SLED12 / SLES12 Security Update : net-snmp (SUSE-SU-2015:1556-1)

The following issues have been fixed within this update : - fix btrfs output inside HOST-RESOURCES-MIB::hrStorageDescr. bsc909479 - fix an incompletely initialized vulnerability within the snmppduparse function of snmpapi.c. bsc940188, CVE-2015-5621 - add build requirement 'procps' to fix a...

SUSE SLED11 / SLES11 Security Update : net-snmp (SUSE-SU-2015:1524-1)

net-snmp was updated to fix one security vulnerability and several bugs. - fix a vulnerability within the snmppduparse function of snmpapi.c. bnc940188, CVE-2015-5621 - Add build requirement 'procps' to fix a net-snmp-config error. bsc935863 - add support for /dev/shm in snmp hostmib bnc853382,...

Medium: net-snmp

Issue Overview: It was discovered that the snmppduparse function could leave incompletely parsed varBind variables in the list of variables. A remote, unauthenticated attacker could use this flaw to crash snmpd or, potentially, execute arbitrary code on the system with the privileges of the user...

CVE-2015-5621

The snmppduparse function in snmpapi.c in net-snmp 5.7.2 and earlier does not remove the varBind variable in a netsnmpvariablelist item when parsing of the SNMP PDU fails, which allows remote attackers to cause a denial of service crash and possibly execute arbitrary code via a crafted packet...

Design/Logic Flaw

The snmppduparse function in snmpapi.c in net-snmp 5.7.2 and earlier does not remove the varBind variable in a netsnmpvariablelist item when parsing of the SNMP PDU fails, which allows remote attackers to cause a denial of service crash and possibly execute arbitrary code via a crafted packet...

CVE-2015-5621

The snmppduparse function in snmpapi.c in net-snmp 5.7.2 and earlier does not remove the varBind variable in a netsnmpvariablelist item when parsing of the SNMP PDU fails, which allows remote attackers to cause a denial of service crash and possibly execute arbitrary code via a crafted packet...

CVE-2015-5621

The snmppduparse function in snmpapi.c in net-snmp 5.7.2 and earlier does not remove the varBind variable in a netsnmpvariablelist item when parsing of the SNMP PDU fails, which allows remote attackers to cause a denial of service crash and possibly execute arbitrary code via a crafted packet...

RedHat Update for net-snmp RHSA-2015:1636-01

The remote host is missing an update for the SPDX-FileCopyrightText: 2015 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

net-snmp: Heap corruption in snmp_pdu_parse function in snmplib/snmp_api.c

It was discovered that the snmppduparse mishandles error codes and is vulnerable to a heap corruption within the parsing of the PDU prior to the authentication process. A remote, unauthenticated attacker could use this flaw to crash snmpd or, potentially, execute arbitrary code on the system with...

SUSE-SU-2015:1524-1 Security update for net-snmp

net-snmp was updated to fix one security vulnerability and several bugs. - fix a vulnerability within the snmppduparse function of snmpapi.c. bnc940188, CVE-2015-5621 - Add build requirement 'procps' to fix a net-snmp-config error. bsc935863 - add support for /dev/shm in snmp hostmib bnc853382,...

FreeBSD : net-snmp -- snmp_pdu_parse() function incomplete initialization (381183e8-3798-11e5-9970-14dae9d210b8)

Qinghao Tang reports : Incompletely initialized vulnerability exists in the function 'snmppduparse' of 'snmpapi.c', and remote attackers can cause memory leak, DOS and possible command executions by sending malicious packets. %NASLMINLEVEL 70300 C Tenable Network Security, Inc. The descriptive te...

CVE-2015-5621

The snmppduparse function in snmpapi.c in net-snmp 5.7.2 and earlier does not remove the varBind variable in a netsnmpvariablelist item when parsing of the SNMP PDU fails, which allows remote attackers to cause a denial of service crash and possibly execute arbitrary code via a crafted packet...

net-snmp -- snmp_pdu_parse() function incomplete initialization

Qinghao Tang reports: Incompletely initialized vulnerability exists in the function ‘snmppduparse’ of ‘snmpapi.c', and remote attackers can cause memory leak, DOS and possible command executions by sending malicious packets...