168 matches found
DEBIAN-CVE-2008-0960
SNMPv3 HMAC verification in 1 Net-SNMP 5.2.x before 5.2.4.1, 5.3.x before 5.3.2.1, and 5.4.x before 5.4.1.1; 2 UCD-SNMP; 3 eCos; 4 Juniper Session and Resource Control SRC C-series 1.0.0 through 2.0.0; 5 NetApp aka Network Appliance Data ONTAP 7.3RC1 and 7.3RC2; 6 SNMP Research before 16.2; 7...
CVE-2008-0960
CVE-2008-0960 describes an SNMPv3 HMAC verification flaw where the client specifies the HMAC length, enabling spoofing of authenticated SNMPv3 packets. Affected implementations include Net-SNMP 5.2.x (pre-5.2.4.1), 5.3.x (pre-5.3.2.1), 5.4.x (pre-5.4.1.1); UCD-SNMP; eCos; Juniper SRC C-series (1....
Moderate: Red Hat Security Advisory: ucd-snmp security update
Updated ucd-snmp packages that fix a security issue are now available for Red Hat Enterprise Linux 2.1. This update has been rated as having moderate security impact by the Red Hat Security Response Team. The Simple Network Management Protocol SNMP is a protocol used for network management. A fla...
CVE-2008-0960
SNMPv3 HMAC verification in 1 Net-SNMP 5.2.x before 5.2.4.1, 5.3.x before 5.3.2.1, and 5.4.x before 5.4.1.1; 2 UCD-SNMP; 3 eCos; 4 Juniper Session and Resource Control SRC C-series 1.0.0 through 2.0.0; 5 NetApp aka Network Appliance Data ONTAP 7.3RC1 and 7.3RC2; 6 SNMP Research before 16.2; 7...
US-CERT Technical Cyber Security Alert TA08-162A -- SNMPv3 Authentication Bypass Vulnerability
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 National Cyber Alert System Technical Cyber Security Alert TA08-162A SNMPv3 Authentication Bypass Vulnerability Original release date: June 10, 2008 Last revised: -- Source: US-CERT Systems Affected Multiple Implementations of SNMPv3 Overview A...
[oCERT-2008-006] multiple SNMP implementations HMAC authentication spoofing
2008/06/09 2008-006 multiple SNMP implementations HMAC authentication spoofing Description: Some SNMP implementations include incomplete HMAC authentication code that allows spoofing of authenticated SNMPv3 packets. The authentication code reads the length to be checked from sender input, this...
SNMPv3 improper HMAC validation allows authentication bypass
Overview A vulnerability in the way implementations of SNMPv3 handle specially crafted packets may allow authentication bypass. Description SNMP can be configured to utilize version 3, which is the current standard version of SNMP. SNMPv3 incorporates security features such as authentication and...
Debian Security Advisory DSA 111-1 (ucd-snmp)
The remote host is missing an update to ucd-snmp announced via advisory DSA 111-1. OpenVAS Vulnerability Test $Id: deb1111.nasl 6616 2017-07-07 12:10:49Z cfischer $ Description: Auto-generated from advisory DSA 111-1 Authors: Thomas Reinke Copyright: Copyright c 2007 E-Soft Inc...
Debian Security Advisory DSA 111-1 (ucd-snmp)
The remote host is missing an update to ucd-snmp announced via advisory DSA 111-1. SPDX-FileCopyrightText: 2008 E-Soft Inc. Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
VMSA-2006-0007 - VMware ESX Server 2.1.3 Upgrade Patch 2
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA256 - - ------------------------------------------------------------------- VMware Security Advisory Advisory ID: VMSA-2006-0007 Synopsis: VMware ESX Server 2.1.3 Upgrade Patch 2 Patch URL: http://www.vmware.com/download/esx/esx-213-200610-patch.html...
VMSA-2006-0006 - VMware ESX Server 2.5.3 Upgrade Patch 4
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA256 - - ------------------------------------------------------------------- VMware Security Advisory Advisory ID: VMSA-2006-0006 Synopsis: VMware ESX Server 2.5.3 Upgrade Patch 4 Patch URL: http://www.vmware.com/download/esx/esx-253-200610-patch.html...
VMSA-2006-0005 - VMware ESX Server 2.5.4 Upgrade Patch 1
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA256 - - ------------------------------------------------------------------- VMware Security Advisory Advisory ID: VMSA-2006-0005 Synopsis: VMware ESX Server 2.5.4 Upgrade Patch 1 Patch URL: http://www.vmware.com/download/esx/esx-254-200610-patch.html...
Ubuntu 4.10 / 5.04 / 5.10 : ucd-snmp vulnerability (USN-190-2)
USN-190-1 fixed a vulnerability in the net-snmp library. It was discovered that the same problem also affects the ucs-snmp implementation which is used by the Cyrus email server. Original advisory : A remote Denial of Service has been discovered in the SMNP Simple Network Management Protocol...
Mandrake Linux Security Advisory : ucd-snmp (MDKSA-2005:137)
A Denial of Service vulnerability was discovered in the way that ucd-snmp uses network stream protocols. A remote attacker could send a ucd-snmp agent a specially crafted packet that would cause the agent to crash. The updated packages have been patched to correct this problem. %NASLMINLEVEL 7030...
RHEL 2.1 : ucd-snmp (RHSA-2005:720)
Updated ucd-snmp packages that a security issue are now available for Red Hat Enterprise Linux 2.1. This update has been rated as having low security impact by the Red Hat Security Response Team. SNMP Simple Network Management Protocol is a protocol used for network management. A denial of servic...
ucd security update
CentOS Errata and Security Advisory CESA-2005:720-01 Updated ucd-snmp packages that a security issue are now available for Red Hat Enterprise Linux 2.1. This update has been rated as having low security impact by the Red Hat Security Response Team. SNMP Simple Network Management Protocol is a...
Low: Red Hat Security Advisory: ucd-snmp security update
Updated ucd-snmp packages that a security issue are now available for Red Hat Enterprise Linux 2.1. This update has been rated as having low security impact by the Red Hat Security Response Team. SNMP Simple Network Management Protocol is a protocol used for network management. A denial of servic...
CVE-2004-2300
Buffer overflow in snmpd in ucd-snmp 4.2.6 and earlier, when installed setuid root, allows local users to execute arbitrary code via a long -p command line argument. NOTE: it is not clear whether there are any standard configurations in which snmpd is installed setuid or setgid. If not, then this...
CVE-2004-2300
The CVE-2004-2300 entry concerns a buffer overflow in snmpd for ucd-snmp 4.2.6 and earlier when run as root-setuid. Local users could potentially execute arbitrary code via a long -p argument. Multiple sources (Red Hat, Debian security tracker, NVD) reiterate the same description; there is explic...
CVE-2004-2300
Buffer overflow in snmpd in ucd-snmp 4.2.6 and earlier, when installed setuid root, allows local users to execute arbitrary code via a long -p command line argument. NOTE: it is not clear whether there are any standard configurations in which snmpd is installed setuid or setgid. If not, then this...