CVE-2020-11698

An issue was discovered in Titan SpamTitan 7.07. Improper input sanitization of the parameter community on the page snmp-x.php would allow a remote attacker to inject commands into the file snmpd.conf that would allow executing commands on the target server...

net-snmp security and bug fix update

1:5.9.1-9.0.1 - fix error index value when snmpget is used a proxy pass Orabug: 35010262 1:5.9.1-9 - fix CVE-2022-44792 and CVE-2022-44793 2141902 and 2141906 - fix memory leak when ipv6 disable set to 1 2151540 1:5.9.1-8 - fix default snmpd.conf file content 2067954...

SpamTitan Command Injection Vulnerability

SpamTitan is an anti-spam solution from C/o Copperfasten, Ireland. The solution is characterized by easy installation and simple configuration. A command injection vulnerability exists in SpamTitan 7.07. The vulnerability stems from improper input validation of the community parameter in...

CVE-2020-11698

SpamTitan CVE-2020-11698 affects SpamTitan Gateway 7.07 (and possibly earlier) via an improper input sanitization flaw in snmp-x.php. The vulnerability allows a remote attacker to inject commands into snmpd.conf, enabling remote code execution on the target server (reported as unauthenticated RPC...

CVE-2015-8100

The net-snmp package in OpenBSD through 5.8 uses 0644 permissions for snmpd.conf, which allows local users to obtain sensitive community information by reading this file...

ALPINE-CVE-2015-8100

The net-snmp package in OpenBSD through 5.8 uses 0644 permissions for snmpd.conf, which allows local users to obtain sensitive community information by reading this file...

CVE-2015-8100

The net-snmp package in OpenBSD through 5.8 uses 0644 permissions for snmpd.conf, which allows local users to obtain sensitive community information by reading this file...

Design/Logic Flaw

The net-snmp package in OpenBSD through 5.8 uses 0644 permissions for snmpd.conf, which allows local users to obtain sensitive community information by reading this file...

CVE-2015-8100

The net-snmp package in OpenBSD through 5.8 uses 0644 permissions for snmpd.conf, which allows local users to obtain sensitive community information by reading this file...

CVE-2015-8100

The CVE-2015-8100 entry concerns the net-snmp package on OpenBSD up to version 5.8, where snmpd.conf is created with 0644 permissions. This permits local users to read the file and obtain sensitive community information, constituting an information-disclosure vulnerability. The connected sources ...

CVE-2012-6658

CVE-2012-6658 affects SpiceWorks 5.3.75941 and describes multiple XSS vulnerabilities that allow an attacker to inject arbitrary web script or HTML via the syslocation, syscontact, or sysName settings in snmpd.conf. The root cause is improper handling of user-supplied values in these configuratio...

Oracle Linux 6 : net-snmp (ELSA-2014-0321)

The remote Oracle Linux 6 host has packages installed that are affected by a vulnerability as referenced in the ELSA-2014-0321 advisory. 1:5.5-49.0.1.el65.1 - snmptrapd: Fix crash due to access of freed memory John Haxby orabug 14404682 1:5.5-49.1 - added 'diskio' option to snmpd.conf, it's...

Ipswitch WhatsUp Gold 'snmpd.conf' HTML注入漏洞

BUGTRAQ ID: 55393 CVE ID: CVE-2012-2589 WhatsUp Gold提供完整易用的监控机制，全方位监控应用服务与网络设备，协助IT管理人员将网管信息转变成可阅读的商业信息。 WhatsUp Gold 15.0.2及其他版本存在HTML注入漏洞，可导致在受影响站点运行攻击者提供的HTML或JS代码，窃取Cookie身份验证凭证、控制站点外观。 0 Ipswitch WhatsUp Gold 15.0.2 厂商补丁： Ipswitch -------- 目前厂商已经发布了升级补丁以修复这个安全问题，请到厂商的主页下载：...

CVE-2000-0515

The CVE-2000-0515 issue affects HP-UX 11.0 where the snmpd.conf configuration file of the SNMP daemon (snmpd) is world-writable. This allows local users to modify SNMP configuration or gain privileges due to the insecure permissions on the config file (world-writable). The provided description do...