A remote denial-of-service flaw was found in the way snmptrapd handled
certain SNMP traps when started with the -OQ option. If an attacker
sent an SNMP trap containing a variable with a NULL type where an
integer variable type was expected, it would cause snmptrapd to crash
(CVE-2014-3565).
If you want to report vulnerabilities, please contact
security_(at)_mandriva.com
Type Bits/KeyID Date User ID
pub 1024D/22458A98 2000-07-10 Mandriva Security Team
<security*mandriva.com>
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.12 (GNU/Linux)
{"id": "SECURITYVULNS:DOC:31111", "bulletinFamily": "software", "title": "[ MDVSA-2014:184 ] net-snmp", "description": "\r\n\r\n-----BEGIN PGP SIGNED MESSAGE-----\r\nHash: SHA1\r\n\r\n _______________________________________________________________________\r\n\r\n Mandriva Linux Security Advisory MDVSA-2014:184\r\n http://www.mandriva.com/en/support/security/\r\n _______________________________________________________________________\r\n\r\n Package : net-snmp\r\n Date : September 24, 2014\r\n Affected: Business Server 1.0\r\n _______________________________________________________________________\r\n\r\n Problem Description:\r\n\r\n Updated net-snmp packages fix security vulnerabilities:\r\n \r\n A remote denial-of-service flaw was found in the way snmptrapd handled\r\n certain SNMP traps when started with the -OQ option. If an attacker\r\n sent an SNMP trap containing a variable with a NULL type where an\r\n integer variable type was expected, it would cause snmptrapd to crash\r\n (CVE-2014-3565).\r\n _______________________________________________________________________\r\n\r\n References:\r\n\r\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3565\r\n http://advisories.mageia.org/MGASA-2014-0371.html\r\n _______________________________________________________________________\r\n\r\n Updated Packages:\r\n\r\n Mandriva Business Server 1/X86_64:\r\n 673e6eed029453ef91d0c7a54bce2592 mbs1/x86_64/lib64net-snmp30-5.7.2-1.2.mbs1.x86_64.rpm\r\n f90c40aff23a7411471ee6eb09cc4ba9 mbs1/x86_64/lib64net-snmp-devel-5.7.2-1.2.mbs1.x86_64.rpm\r\n 33947f32fdca8d97baea2cf327ad87a7 mbs1/x86_64/lib64net-snmp-static-devel-5.7.2-1.2.mbs1.x86_64.rpm\r\n cf6a942c7b95d6316fa316b44a622a2d mbs1/x86_64/net-snmp-5.7.2-1.2.mbs1.x86_64.rpm\r\n b504d1e32fd4ac4f3b42e2af11290434 mbs1/x86_64/net-snmp-mibs-5.7.2-1.2.mbs1.x86_64.rpm\r\n 53a57ff36f8585ef316a2082fdb5f867 mbs1/x86_64/net-snmp-tkmib-5.7.2-1.2.mbs1.x86_64.rpm\r\n 7d3d6ac8e63eba2fe104c1909d87391c mbs1/x86_64/net-snmp-trapd-5.7.2-1.2.mbs1.x86_64.rpm\r\n 4093e1a8f9045ddaa465ff8735dfad66 mbs1/x86_64/net-snmp-utils-5.7.2-1.2.mbs1.x86_64.rpm\r\n c03a70c4f3a43defc16b4279456adb7e mbs1/x86_64/perl-NetSNMP-5.7.2-1.2.mbs1.x86_64.rpm\r\n 0868cbf75d36c9a538b9792367f9c4f8 mbs1/x86_64/python-netsnmp-5.7.2-1.2.mbs1.x86_64.rpm \r\n c3653bb6c7ca975b6c08b8dc286c2101 mbs1/SRPMS/net-snmp-5.7.2-1.2.mbs1.src.rpm\r\n _______________________________________________________________________\r\n\r\n To upgrade automatically use MandrivaUpdate or urpmi. The verification\r\n of md5 checksums and GPG signatures is performed automatically for you.\r\n\r\n All packages are signed by Mandriva for security. You can obtain the\r\n GPG public key of the Mandriva Security Team by executing:\r\n\r\n gpg --recv-keys --keyserver pgp.mit.edu 0x22458A98\r\n\r\n You can view other update advisories for Mandriva Linux at:\r\n\r\n http://www.mandriva.com/en/support/security/advisories/\r\n\r\n If you want to report vulnerabilities, please contact\r\n\r\n security_(at)_mandriva.com\r\n _______________________________________________________________________\r\n\r\n Type Bits/KeyID Date User ID\r\n pub 1024D/22458A98 2000-07-10 Mandriva Security Team\r\n <security*mandriva.com>\r\n-----BEGIN PGP SIGNATURE-----\r\nVersion: GnuPG v1.4.12 (GNU/Linux)\r\n\r\niD8DBQFUIs+5mqjQ0CJFipgRAiG7AKDBKBmOYpjEwKLyDhnlFys1NZYXvgCgvo3p\r\nXx7kS42QepzftK2O3vKR1yU=\r\n=192D\r\n-----END PGP SIGNATURE-----\r\n\r\n", "published": "2014-09-29T00:00:00", "modified": "2014-09-29T00:00:00", "cvss": {"score": 5.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:NONE/I:NONE/A:PARTIAL/"}, "href": "https://vulners.com/securityvulns/SECURITYVULNS:DOC:31111", "reporter": "Securityvulns", "references": [], "cvelist": ["CVE-2014-3565"], "type": "securityvulns", "lastseen": "2018-08-31T11:10:54", "edition": 1, "viewCount": 3, "enchantments": {"score": {"value": 5.9, "vector": "NONE", "modified": "2018-08-31T11:10:54", "rev": 2}, "dependencies": {"references": [{"type": "cve", "idList": ["CVE-2014-3565"]}, {"type": "f5", "idList": ["SOL17315", "F5:K17315"]}, {"type": "centos", "idList": ["CESA-2015:2345", "CESA-2015:1385"]}, {"type": "oraclelinux", "idList": ["ELSA-2015-1385", "ELSA-2015-2345"]}, {"type": "openvas", "idList": ["OPENVAS:1361412562310871490", "OPENVAS:1361412562310122757", "OPENVAS:1361412562310868178", "OPENVAS:1361412562310121398", "OPENVAS:1361412562310868175", "OPENVAS:1361412562310806148", "OPENVAS:1361412562310871407", "OPENVAS:1361412562310842415", "OPENVAS:1361412562310123070"]}, {"type": "nessus", "idList": ["FEDORA_2014-10095.NASL", "FEDORA_2014-10099.NASL", "OPENSUSE-2014-533.NASL", "MANDRIVA_MDVSA-2014-184.NASL", "REDHAT-RHSA-2015-1385.NASL", "SL_20150722_NET_SNMP_ON_SL6_X.NASL", "ORACLELINUX_ELSA-2015-2345.NASL", "F5_BIGIP_SOL17315.NASL", "CENTOS_RHSA-2015-2345.NASL", "GENTOO_GLSA-201507-17.NASL"]}, {"type": "redhat", "idList": ["RHSA-2015:2345", "RHSA-2015:1385"]}, {"type": "gentoo", "idList": ["GLSA-201507-17"]}, {"type": "freebsd", "idList": ["4622635F-37A1-11E5-9970-14DAE9D210B8"]}, {"type": "cloudfoundry", "idList": ["CFOUNDRY:4F43D8E6BFF265B4800460FBD8EF85B5"]}, {"type": "ubuntu", "idList": ["USN-2711-1"]}, {"type": "securityvulns", "idList": ["SECURITYVULNS:VULN:14702", "SECURITYVULNS:VULN:14418", "SECURITYVULNS:DOC:31950", "SECURITYVULNS:DOC:32414", "SECURITYVULNS:DOC:32566"]}], "modified": "2018-08-31T11:10:54", "rev": 2}, "vulnersScore": 5.9}, "affectedSoftware": []}
{"cve": [{"lastseen": "2021-02-02T06:14:29", "description": "snmplib/mib.c in net-snmp 5.7.0 and earlier, when the -OQ option is used, allows remote attackers to cause a denial of service (snmptrapd crash) via a crafted SNMP trap message, which triggers a conversion to the variable type designated in the MIB file, as demonstrated by a NULL type in an ifMtu trap message.", "edition": 6, "cvss3": {}, "published": "2014-10-07T14:55:00", "title": "CVE-2014-3565", "type": "cve", "cwe": ["CWE-399"], "bulletinFamily": "NVD", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "NONE", "availabilityImpact": "PARTIAL", "integrityImpact": "NONE", "baseScore": 5.0, "vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 2.9, "obtainUserPrivilege": false}, "cvelist": ["CVE-2014-3565"], "modified": "2016-12-24T02:59:00", "cpe": ["cpe:/o:apple:mac_os_x:10.11.0", "cpe:/a:net-snmp:net-snmp:5.0.9", "cpe:/a:net-snmp:net-snmp:5.5", "cpe:/o:canonical:ubuntu_linux:15.04", "cpe:/a:net-snmp:net-snmp:5.1.2", "cpe:/o:canonical:ubuntu_linux:12.04", "cpe:/a:net-snmp:net-snmp:5.0", "cpe:/a:net-snmp:net-snmp:5.2", "cpe:/a:net-snmp:net-snmp:5.3", "cpe:/a:net-snmp:net-snmp:5.3.0.1", "cpe:/a:net-snmp:net-snmp:5.6", "cpe:/a:net-snmp:net-snmp:5.0.7", "cpe:/a:net-snmp:net-snmp:5.0.4", "cpe:/a:net-snmp:net-snmp:5.7.0", "cpe:/a:net-snmp:net-snmp:5.0.1", "cpe:/a:net-snmp:net-snmp:5.1", "cpe:/a:net-snmp:net-snmp:5.0.6", "cpe:/a:net-snmp:net-snmp:5.0.3", "cpe:/a:net-snmp:net-snmp:5.0.8", "cpe:/a:net-snmp:net-snmp:5.0.5", "cpe:/a:net-snmp:net-snmp:5.0.2", "cpe:/a:net-snmp:net-snmp:5.4", "cpe:/o:canonical:ubuntu_linux:14.04"], "id": "CVE-2014-3565", "href": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2014-3565", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:P"}, "cpe23": ["cpe:2.3:a:net-snmp:net-snmp:5.0.2:*:*:*:*:*:*:*", "cpe:2.3:a:net-snmp:net-snmp:5.5:*:*:*:*:*:*:*", "cpe:2.3:a:net-snmp:net-snmp:5.1.2:*:*:*:*:*:*:*", "cpe:2.3:a:net-snmp:net-snmp:5.6:*:*:*:*:*:*:*", "cpe:2.3:a:net-snmp:net-snmp:5.0.4:*:*:*:*:*:*:*", "cpe:2.3:o:canonical:ubuntu_linux:15.04:*:*:*:*:*:*:*", "cpe:2.3:o:apple:mac_os_x:10.11.0:*:*:*:*:*:*:*", "cpe:2.3:a:net-snmp:net-snmp:5.0.3:*:*:*:*:*:*:*", "cpe:2.3:a:net-snmp:net-snmp:5.3.0.1:*:*:*:*:*:*:*", "cpe:2.3:a:net-snmp:net-snmp:5.2:*:*:*:*:*:*:*", "cpe:2.3:a:net-snmp:net-snmp:5.0.5:*:*:*:*:*:*:*", "cpe:2.3:a:net-snmp:net-snmp:5.1:*:*:*:*:*:*:*", "cpe:2.3:a:net-snmp:net-snmp:5.0.8:*:*:*:*:*:*:*", "cpe:2.3:a:net-snmp:net-snmp:5.7.0:*:*:*:*:*:*:*", "cpe:2.3:o:canonical:ubuntu_linux:12.04:*:*:*:lts:*:*:*", "cpe:2.3:a:net-snmp:net-snmp:5.0.7:*:*:*:*:*:*:*", "cpe:2.3:a:net-snmp:net-snmp:5.0.6:*:*:*:*:*:*:*", "cpe:2.3:a:net-snmp:net-snmp:5.0.1:*:*:*:*:*:*:*", "cpe:2.3:a:net-snmp:net-snmp:5.0:*:*:*:*:*:*:*", "cpe:2.3:a:net-snmp:net-snmp:5.4:*:*:*:*:*:*:*", "cpe:2.3:a:net-snmp:net-snmp:5.3:*:*:*:*:*:*:*", "cpe:2.3:a:net-snmp:net-snmp:5.0.9:*:*:*:*:*:*:*", "cpe:2.3:o:canonical:ubuntu_linux:14.04:*:*:*:lts:*:*:*"]}], "f5": [{"lastseen": "2020-04-06T22:40:41", "bulletinFamily": "software", "cvelist": ["CVE-2014-3565"], "description": "\nF5 Product Development has assigned ID 545322 (BIG-IP), ID 545369 (BIG-IQ), and ID 545370 (Enterprise Manager), and has evaluated the currently supported releases for potential vulnerability. Additionally, [BIG-IP iHealth](<http://www.f5.com/support/support-tools/big-ip-ihealth/>) may list Heuristic H17315 on the **Diagnostics** > **Identified** > **Low** screen.\n\nTo determine if your release is known to be vulnerable, the components or features that are affected by the vulnerability, and for information about releases or hotfixes that address the vulnerability, refer to the following table:\n\nProduct| Versions known to be vulnerable| Versions known to be not vulnerable| Severity| Vulnerable component or feature \n---|---|---|---|--- \nBIG-IP LTM| 12.0.0 \n11.0.0 - 11.6.0 \n10.1.0 - 10.2.4| 12.1.0| Low| The **snmptrapd **binary included with the BIG-IP distribution is \nvulnerable but not used in supported configurations. \nBIG-IP AAM| 12.0.0 \n11.4.0 - 11.6.0| 12.1.0| Low| The **snmptrapd **binary included with the BIG-IP distribution is \nvulnerable but not used in supported configurations. \nBIG-IP AFM| 12.0.0 \n11.3.0 - 11.6.0| 12.1.0| Low| The **snmptrapd **binary included with the BIG-IP distribution is \nvulnerable but not used in supported configurations. \nBIG-IP Analytics| 12.0.0 \n11.0.0 - 11.6.0| 12.1.0| Low| The **snmptrapd **binary included with the BIG-IP distribution is \nvulnerable but not used in supported configurations. \nBIG-IP APM| 12.0.0 \n11.0.0 - 11.6.0 \n10.1.0 - 10.2.4| 12.1.0| Low| The **snmptrapd **binary included with the BIG-IP distribution is \nvulnerable but not used in supported configurations. \nBIG-IP ASM| 12.0.0 \n11.0.0 - 11.6.0 \n10.1.0 - 10.2.4| 12.1.0| Low| The **snmptrapd **binary included with the BIG-IP distribution is \nvulnerable but not used in supported configurations. \nBIG-IP DNS| 12.0.0| 12.1.0| Low| The **snmptrapd **binary included with the BIG-IP distribution is \nvulnerable but not used in supported configurations. \nBIG-IP Edge Gateway| 11.0.0 - 11.3.0 \n10.1.0 - 10.2.4| \nNone| Low| The **snmptrapd **binary included with the BIG-IP distribution is \nvulnerable but not used in supported configurations. \nBIG-IP GTM| 11.0.0 - 11.6.0 \n10.1.0 - 10.2.4| \nNone| Low| The **snmptrapd **binary included with the BIG-IP distribution is \nvulnerable but not used in supported configurations. \nBIG-IP Link Controller| 12.0.0 \n11.0.0 - 11.6.0 \n10.1.0 - 10.2.4| 12.1.0| Low| The **snmptrapd **binary included with the BIG-IP distribution is \nvulnerable but not used in supported configurations. \nBIG-IP PEM| 12.0.0 \n11.3.0 - 11.6.0| 12.1.0| Low| The **snmptrapd **binary included with the BIG-IP distribution is \nvulnerable but not used in supported configurations. \nBIG-IP PSM| 11.0.0 - 11.4.1 \n10.1.0 - 10.2.4| \nNone| Low| The **snmptrapd **binary included with the BIG-IP distribution is \nvulnerable but not used in supported configurations. \nBIG-IP WebAccelerator| 11.0.0 - 11.3.0 \n10.1.0 - 10.2.4| \nNone| Low| The **snmptrapd **binary included with the BIG-IP distribution is \nvulnerable but not used in supported configurations. \nBIG-IP WOM| 11.0.0 - 11.3.0 \n10.1.0 - 10.2.4| \nNone| Low| The **snmptrapd **binary included with the BIG-IP distribution is \nvulnerable but not used in supported configurations. \nARX| None| 6.0.0 - 6.4.0| Not vulnerable| None \nEnterprise Manager| 3.0.0 - 3.1.1| \nNone| Low| The **snmptrapd **binary included with the BIG-IP distribution is \nvulnerable but not used in supported configurations. \nFirePass| \nNone| 7.0.0 \n6.0.0 - 6.1.0| Not vulnerable| None \nBIG-IQ Cloud| 4.0.0 - 4.5.0| \nNone| Low| The **snmptrapd **binary included with the BIG-IP distribution is \nvulnerable but not used in supported configurations. \nBIG-IQ Device| 4.2.0 - 4.5.0| \nNone| Low| The **snmptrapd **binary included with the BIG-IP distribution is \nvulnerable but not used in supported configurations. \nBIG-IQ Security| 4.0.0 - 4.5.0| \nNone| Low| The **snmptrapd **binary included with the BIG-IP distribution is \nvulnerable but not used in supported configurations. \nBIG-IQ ADC| 4.5.0| \nNone| Low| The **snmptrapd **binary included with the BIG-IP distribution is \nvulnerable but not used in supported configurations. \nLineRate| \nNone| 2.5.0 - 2.6.1| Not vulnerable| None \nF5 WebSafe| \nNone| 1.0.0| Not vulnerable| None \nTraffix SDC| 4.0.0 - 4.4.0 \n3.3.2 - 3.5.1| None| Medium| The **snmpdtrapd **binary is vulnerable on Traffix systems that use Splunk and the Element Management \nSystem (EMS)\n\nIf the previous table lists a version in the **Versions known to be not vulnerable** column, you can eliminate this vulnerability by upgrading to the listed version. If the listed version is older than the version you are currently running, or if the table does not list any version in the column, then no upgrade candidate currently exists.\n\nF5 responds to vulnerabilities in accordance with the Severity values published in the previous table. The Severity values and other security vulnerability parameters are defined in [K4602: Overview of the F5 security vulnerability response policy](<https://support.f5.com/csp/article/K4602>).\n\nTo mitigate this vulnerability, you can avoid starting the **snmptrapd **process. Additionally, you should only permit management access over a secure network and limit shell access to only trusted users. For more information about securing access to BIG-IP and Enterprise Manager systems, refer to [K13309: Restricting access to the Configuration utility by source IP address (11.x)](<https://support.f5.com/csp/article/K13309>) and [K13092: Overview of securing access to the BIG-IP system](<https://support.f5.com/csp/article/K13092>). \n \n**Impact of action:** None \n\n\n * [K9970: Subscribing to email notifications regarding F5 products](<https://support.f5.com/csp/article/K9970>)\n * [K9957: Creating a custom RSS feed to view new and updated documents](<https://support.f5.com/csp/article/K9957>)\n * [K4918: Overview of the F5 critical issue hotfix policy](<https://support.f5.com/csp/article/K4918>)\n * [K167: Downloading software and firmware from F5](<https://support.f5.com/csp/article/K167>)\n * [K13123: Managing BIG-IP product hotfixes (11.x - 13.x)](<https://support.f5.com/csp/article/K13123>)\n * [K10025: Managing BIG-IP product hotfixes (10.x)](<https://support.f5.com/csp/article/K10025>)\n * [K9502: BIG-IP hotfix matrix](<https://support.f5.com/csp/article/K9502>)\n * [K10322: FirePass hotfix matrix](<https://support.f5.com/csp/article/K10322>)\n * [K12766: ARX hotfix matrix](<https://support.f5.com/csp/article/K12766>)\n * [K3430: Installing FirePass hotfixes](<https://support.f5.com/csp/article/K3430>)\n * [K6664: Obtaining and installing OPSWAT hotfixes](<https://support.f5.com/csp/article/K6664>)\n * [K10942: Installing OPSWAT hotfixes on BIG-IP APM systems](<https://support.f5.com/csp/article/K10942>)\n", "edition": 1, "modified": "2018-07-27T22:29:00", "published": "2015-09-29T03:31:00", "id": "F5:K17315", "href": "https://support.f5.com/csp/article/K17315", "title": "SNMP vulnerability CVE-2014-3565", "type": "f5", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:P"}}, {"lastseen": "2016-05-24T01:02:13", "bulletinFamily": "software", "cvelist": ["CVE-2014-3565"], "edition": 1, "description": "Vulnerability Recommended Actions\n\nIf the previous table lists a version in the **Versions known to be not vulnerable** column, you can eliminate this vulnerability by upgrading to the listed version. If the listed version is older than the version you are currently running, or if the table does not list any version in the column, then no upgrade candidate currently exists.\n\nF5 responds to vulnerabilities in accordance with the Severity values published in the previous table. The Severity values and other security vulnerability parameters are defined in SOL4602: Overview of the F5 security vulnerability response policy.\n\nTo mitigate this vulnerability, you can avoid starting the **snmptrapd **process. Additionally, you should only permit management access over a secure network and limit shell access to only trusted users. For more information about securing access to BIG-IP and Enterprise Manager systems, refer to SOL13309: Restricting access to the Configuration utility by source IP address (11.x) and SOL13092: Overview of securing access to the BIG-IP system. \n \n**Impact of action:** None \n\n\nSupplemental Information\n\n * SOL9970: Subscribing to email notifications regarding F5 products\n * SOL9957: Creating a custom RSS feed to view new and updated documents\n * SOL4918: Overview of the F5 critical issue hotfix policy\n * SOL167: Downloading software and firmware from F5\n * SOL13123: Managing BIG-IP product hotfixes (11.x - 12.x)\n * SOL10025: Managing BIG-IP product hotfixes (10.x)\n * SOL9502: BIG-IP hotfix matrix\n * SOL10322: FirePass hotfix matrix\n * SOL12766: ARX hotfix matrix\n * SOL3430: Installing FirePass hotfixes\n * SOL6664: Obtaining and installing OPSWAT hotfixes\n * SOL10942: Installing OPSWAT hotfixes on BIG-IP APM systems\n", "modified": "2016-05-23T00:00:00", "published": "2015-09-28T00:00:00", "href": "http://support.f5.com/kb/en-us/solutions/public/17000/300/sol17315.html", "id": "SOL17315", "title": "SOL17315 - SNMP vulnerability CVE-2014-3565", "type": "f5", "cvss": {"score": 5.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:NONE/I:NONE/A:PARTIAL/"}}], "centos": [{"lastseen": "2019-12-20T18:25:56", "bulletinFamily": "unix", "cvelist": ["CVE-2014-3565"], "description": "**CentOS Errata and Security Advisory** CESA-2015:2345\n\n\nThe net-snmp packages provide various libraries and tools for the Simple\nNetwork Management Protocol (SNMP), including an SNMP library, an\nextensible agent, tools for requesting or setting information from SNMP\nagents, tools for generating and handling SNMP traps, a version of the\nnetstat command which uses SNMP, and a Tk/Perl Management Information Base\n(MIB) browser.\n\nA denial of service flaw was found in the way snmptrapd handled certain\nSNMP traps when started with the \"-OQ\" option. If an attacker sent an SNMP\ntrap containing a variable with a NULL type where an integer variable type\nwas expected, it would cause snmptrapd to crash. (CVE-2014-3565)\n\nThis update also fixes the following bugs:\n\n* Previously, the clientaddr option in the snmp.conf file affected outgoing\nmessages sent only over IPv4. With this release, outgoing IPv6 messages are\ncorrectly sent from the interface specified by clientaddr. (BZ#1190679)\n\n* The Net-SNMP daemon, snmpd, did not properly clean memory when reloading\nits configuration file with multiple \"exec\" entries. Consequently, the\ndaemon terminated unexpectedly. Now, the memory is properly cleaned, and\nsnmpd no longer crashes on reload. (BZ#1228893)\n\n* Prior to this update, snmpd did not parse complete IPv4 traffic\nstatistics, but reported the number of received or sent bytes in the\nIP-MIB::ipSystemStatsTable only for IPv6 packets and not for IPv4.\nThis affected objects ipSystemStatsInOctets, ipSystemStatsOutOctets,\nipSystemStatsInMcastOctets, and ipSystemStatsOutMcastOctets. Now, the\nstatistics reported by snmpd are collected for IPv4 as well. (BZ#1235697)\n\n* The Net-SNMP daemon, snmpd, did not correctly detect the file system\nchange from read-only to read-write. Consequently, after remounting the\nfile system into the read-write mode, the daemon reported it to be still\nin the read-only mode. A patch has been applied, and snmpd now detects the\nmode changes as expected. (BZ#1241897)\n\nAll net-snmp users are advised to upgrade to these updated packages, which\ncontain backported patches to correct these issues.\n\n**Merged security bulletin from advisories:**\nhttp://lists.centos.org/pipermail/centos-cr-announce/2015-November/008699.html\n\n**Affected packages:**\nnet-snmp\nnet-snmp-agent-libs\nnet-snmp-devel\nnet-snmp-gui\nnet-snmp-libs\nnet-snmp-perl\nnet-snmp-python\nnet-snmp-sysvinit\nnet-snmp-utils\n\n**Upstream details at:**\nhttps://rhn.redhat.com/errata/RHSA-2015-2345.html", "edition": 3, "modified": "2015-11-30T19:45:16", "published": "2015-11-30T19:45:16", "href": "http://lists.centos.org/pipermail/centos-cr-announce/2015-November/008699.html", "id": "CESA-2015:2345", "title": "net security update", "type": "centos", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:P"}}, {"lastseen": "2019-12-20T18:27:11", "bulletinFamily": "unix", "cvelist": ["CVE-2014-3565"], "description": "**CentOS Errata and Security Advisory** CESA-2015:1385\n\n\nThe net-snmp packages provide various libraries and tools for the Simple\nNetwork Management Protocol (SNMP), including an SNMP library, an\nextensible agent, tools for requesting or setting information from SNMP\nagents, tools for generating and handling SNMP traps, a version of the\nnetstat command which uses SNMP, and a Tk/Perl Management Information Base\n(MIB) browser.\n\nA denial of service flaw was found in the way snmptrapd handled certain\nSNMP traps when started with the \"-OQ\" option. If an attacker sent an SNMP\ntrap containing a variable with a NULL type where an integer variable type\nwas expected, it would cause snmptrapd to crash. (CVE-2014-3565)\n\nThis update also fixes the following bugs:\n\n* The HOST-RESOURCES-MIB::hrSystemProcesses object was not implemented\nbecause parts of the HOST-RESOURCES-MIB module were rewritten in an earlier\nversion of net-snmp. Consequently, HOST-RESOURCES-MIB::hrSystemProcesses\ndid not provide information on the number of currently loaded or running\nprocesses. With this update, HOST-RESOURCES-MIB::hrSystemProcesses has been\nimplemented, and the net-snmp daemon reports as expected. (BZ#1134335)\n\n* The Net-SNMP agent daemon, snmpd, reloaded the system ARP table every 60\nseconds. As a consequence, snmpd could cause a short CPU usage spike on\nbusy systems with a large APR table. With this update, snmpd does not\nreload the full ARP table periodically, but monitors the table changes\nusing a netlink socket. (BZ#789500)\n\n* Previously, snmpd used an invalid pointer to the current time when\nperiodically checking certain conditions specified by the \"monitor\" option\nin the /etc/snmpd/snmpd.conf file. Consequently, snmpd terminated\nunexpectedly on start with a segmentation fault if a certain entry with the\n\"monitor\" option was used. Now, snmpd initializes the correct pointer\nto the current time, and snmpd no longer crashes on start. (BZ#1050970)\n\n* Previously, snmpd expected 8-bit network interface indices when\nprocessing HOST-RESOURCES-MIB::hrDeviceTable. If an interface index of a\nlocal network interface was larger than 30,000 items, snmpd could terminate\nunexpectedly due to accessing invalid memory. Now, processing of all\nnetwork sizes is enabled, and snmpd no longer crashes in the described\nsituation. (BZ#1195547)\n\n* The snmpdtrapd service incorrectly checked for errors when forwarding a\ntrap with a RequestID value of 0, and logged \"Forward failed\" even though\nthe trap was successfully forwarded. This update fixes snmptrapd checks and\nthe aforementioned message is now logged only when appropriate.\n(BZ#1146948)\n\n* Previously, snmpd ignored the value of the \"storageUseNFS\" option in the\n/etc/snmpd/snmpd.conf file. As a consequence, NFS drivers were shown as\n\"Network Disks\", even though \"storageUseNFS\" was set to \"2\" to report them\nas \"Fixed Disks\" in HOST-RESOURCES-MIB::hrStorageTable. With this update,\nsnmpd takes the \"storageUseNFS\" option value into account, and \"Fixed Disks\"\nNFS drives are reported correctly. (BZ#1125793)\n\n* Previously, the Net-SNMP python binding used an incorrect size (8 bytes\ninstead of 4) for variables of IPADDRESS type. Consequently, applications\nthat were using Net-SNMP Python bindings could send malformed SNMP\nmessages. With this update, the bindings now use 4 bytes for variables with\nIPADRESS type, and only valid SNMP messages are sent. (BZ#1100099)\n\n* Previously, the snmpd service did not cut values in\nHOST-RESOURCES-MIB::hrStorageTable to signed 32-bit integers, as required\nby SNMP standards, and provided the values as unsigned integers. As a\nconsequence, the HOST-RESOURCES-MIB::hrStorageTable implementation did not\nconform to RFC 2790. The values are now cut to 32-bit signed integers, and\nsnmpd is therefore standard compliant. (BZ#1104293)\n\nUsers of net-snmp are advised to upgrade to these updated packages, which\ncontain backported patches to correct these issues.\n\n\n**Merged security bulletin from advisories:**\nhttp://lists.centos.org/pipermail/centos-cr-announce/2015-July/008225.html\n\n**Affected packages:**\nnet-snmp\nnet-snmp-devel\nnet-snmp-libs\nnet-snmp-perl\nnet-snmp-python\nnet-snmp-utils\n\n**Upstream details at:**\nhttps://rhn.redhat.com/errata/RHSA-2015-1385.html", "edition": 3, "modified": "2015-07-26T14:12:35", "published": "2015-07-26T14:12:35", "href": "http://lists.centos.org/pipermail/centos-cr-announce/2015-July/008225.html", "id": "CESA-2015:1385", "title": "net security update", "type": "centos", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:P"}}], "openvas": [{"lastseen": "2019-05-29T18:36:18", "bulletinFamily": "scanner", "cvelist": ["CVE-2014-3565"], "description": "The remote host is missing an update for the ", "modified": "2018-11-23T00:00:00", "published": "2015-07-23T00:00:00", "id": "OPENVAS:1361412562310871407", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310871407", "type": "openvas", "title": "RedHat Update for net-snmp RHSA-2015:1385-01", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# RedHat Update for net-snmp RHSA-2015:1385-01\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (C) 2015 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.871407\");\n script_version(\"$Revision: 12497 $\");\n script_cve_id(\"CVE-2014-3565\");\n script_tag(name:\"cvss_base\", value:\"5.0\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:N/I:N/A:P\");\n script_tag(name:\"last_modification\", value:\"$Date: 2018-11-23 09:28:21 +0100 (Fri, 23 Nov 2018) $\");\n script_tag(name:\"creation_date\", value:\"2015-07-23 06:26:21 +0200 (Thu, 23 Jul 2015)\");\n script_tag(name:\"qod_type\", value:\"package\");\n script_name(\"RedHat Update for net-snmp RHSA-2015:1385-01\");\n script_tag(name:\"summary\", value:\"The remote host is missing an update for the 'net-snmp'\n package(s) announced via the referenced advisory.\");\n script_tag(name:\"vuldetect\", value:\"Checks if a vulnerable version is present on the target host.\");\n script_tag(name:\"insight\", value:\"The net-snmp packages provide various libraries and tools for the Simple\nNetwork Management Protocol (SNMP), including an SNMP library, an\nextensible agent, tools for requesting or setting information from SNMP\nagents, tools for generating and handling SNMP traps, a version of the\nnetstat command which uses SNMP, and a Tk/Perl Management Information Base\n(MIB) browser.\n\nA denial of service flaw was found in the way snmptrapd handled certain\nSNMP traps when started with the '-OQ' option. If an attacker sent an SNMP\ntrap containing a variable with a NULL type where an integer variable type\nwas expected, it would cause snmptrapd to crash. (CVE-2014-3565)\n\nThis update also fixes the following bugs:\n\n * The HOST-RESOURCES-MIB::hrSystemProcesses object was not implemented\nbecause parts of the HOST-RESOURCES-MIB module were rewritten in an earlier\nversion of net-snmp. Consequently, HOST-RESOURCES-MIB::hrSystemProcesses\ndid not provide information on the number of currently loaded or running\nprocesses. With this update, HOST-RESOURCES-MIB::hrSystemProcesses has been\nimplemented, and the net-snmp daemon reports as expected. (BZ#1134335)\n\n * The Net-SNMP agent daemon, snmpd, reloaded the system ARP table every 60\nseconds. As a consequence, snmpd could cause a short CPU usage spike on\nbusy systems with a large APR table. With this update, snmpd does not\nreload the full ARP table periodically, but monitors the table changes\nusing a netlink socket. (BZ#789500)\n\n * Previously, snmpd used an invalid pointer to the current time when\nperiodically checking certain conditions specified by the 'monitor' option\nin the /etc/snmpd/snmpd.conf file. Consequently, snmpd terminated\nunexpectedly on start with a segmentation fault if a certain entry with the\n'monitor' option was used. Now, snmpd initializes the correct pointer\nto the current time, and snmpd no longer crashes on start. (BZ#1050970)\n\n * Previously, snmpd expected 8-bit network interface indices when\nprocessing HOST-RESOURCES-MIB::hrDeviceTable. If an interface index of a\nlocal network interface was larger than 30, 000 items, snmpd could terminate\nunexpectedly due to accessing invalid memory. Now, processing of all\nnetwork sizes is enabled, and snmpd no longer crashes in the described\nsituation. (BZ#1195547)\n\n * The snmpdtrapd service incorrectly checked for errors when forwarding a\ntrap with a RequestID value of 0, and logged 'Forward failed' even though\nthe trap was successfully forwarded. This update fixes snmptrapd checks and\nthe aforementioned ...\n\n Description truncated, please see the referenced URL(s) for more information.\");\n script_tag(name:\"affected\", value:\"net-snmp on Red Hat Enterprise Linux Desktop (v. 6),\n Red Hat Enterprise Linux Server (v. 6),\n Red Hat Enterprise Linux Workstation (v. 6)\");\n script_tag(name:\"solution\", value:\"Please Install the Updated Packages.\");\n script_xref(name:\"RHSA\", value:\"2015:1385-01\");\n script_xref(name:\"URL\", value:\"https://www.redhat.com/archives/rhsa-announce/2015-July/msg00027.html\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2015 Greenbone Networks GmbH\");\n script_family(\"Red Hat Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/rhel\", \"ssh/login/rpms\", re:\"ssh/login/release=RHENT_6\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = rpm_get_ssh_release();\nif(!release) exit(0);\n\nres = \"\";\n\nif(release == \"RHENT_6\")\n{\n\n if ((res = isrpmvuln(pkg:\"net-snmp\", rpm:\"net-snmp~5.5~54.el6\", rls:\"RHENT_6\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"net-snmp-debuginfo\", rpm:\"net-snmp-debuginfo~5.5~54.el6\", rls:\"RHENT_6\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"net-snmp-devel\", rpm:\"net-snmp-devel~5.5~54.el6\", rls:\"RHENT_6\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"net-snmp-libs\", rpm:\"net-snmp-libs~5.5~54.el6\", rls:\"RHENT_6\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"net-snmp-perl\", rpm:\"net-snmp-perl~5.5~54.el6\", rls:\"RHENT_6\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"net-snmp-python\", rpm:\"net-snmp-python~5.5~54.el6\", rls:\"RHENT_6\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"net-snmp-utils\", rpm:\"net-snmp-utils~5.5~54.el6\", rls:\"RHENT_6\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99);\n exit(0);\n}\n", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:P"}}, {"lastseen": "2019-05-29T18:37:15", "bulletinFamily": "scanner", "cvelist": ["CVE-2014-3565"], "description": "The remote host is missing an update for the ", "modified": "2019-03-15T00:00:00", "published": "2014-09-11T00:00:00", "id": "OPENVAS:1361412562310868178", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310868178", "type": "openvas", "title": "Fedora Update for net-snmp FEDORA-2014-10099", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# Fedora Update for net-snmp FEDORA-2014-10099\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (C) 2014 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.868178\");\n script_version(\"$Revision: 14223 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2019-03-15 14:49:35 +0100 (Fri, 15 Mar 2019) $\");\n script_tag(name:\"creation_date\", value:\"2014-09-11 05:56:43 +0200 (Thu, 11 Sep 2014)\");\n script_cve_id(\"CVE-2014-3565\");\n script_tag(name:\"cvss_base\", value:\"5.0\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:N/I:N/A:P\");\n script_name(\"Fedora Update for net-snmp FEDORA-2014-10099\");\n script_tag(name:\"affected\", value:\"net-snmp on Fedora 19\");\n script_tag(name:\"solution\", value:\"Please install the updated package(s).\");\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_xref(name:\"FEDORA\", value:\"2014-10099\");\n script_xref(name:\"URL\", value:\"https://lists.fedoraproject.org/pipermail/package-announce/2014-September/137529.html\");\n script_tag(name:\"summary\", value:\"The remote host is missing an update for the 'net-snmp'\n package(s) announced via the referenced advisory.\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2014 Greenbone Networks GmbH\");\n script_family(\"Fedora Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/fedora\", \"ssh/login/rpms\", re:\"ssh/login/release=FC19\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = rpm_get_ssh_release();\nif(!release)\n exit(0);\n\nres = \"\";\n\nif(release == \"FC19\")\n{\n\n if ((res = isrpmvuln(pkg:\"net-snmp\", rpm:\"net-snmp~5.7.2~15.fc19\", rls:\"FC19\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99);\n exit(0);\n}", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:P"}}, {"lastseen": "2019-05-29T18:36:05", "bulletinFamily": "scanner", "cvelist": ["CVE-2014-3565"], "description": "Gentoo Linux Local Security Checks GLSA 201507-17", "modified": "2018-10-26T00:00:00", "published": "2015-09-29T00:00:00", "id": "OPENVAS:1361412562310121398", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310121398", "type": "openvas", "title": "Gentoo Security Advisory GLSA 201507-17", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n# $Id: glsa-201507-17.nasl 12128 2018-10-26 13:35:25Z cfischer $\n#\n# Gentoo Linux security check\n#\n# Authors:\n# Eero Volotinen <eero.volotinen@solinor.com>\n#\n# Copyright:\n# Copyright (c) 2015 Eero Volotinen, http://solinor.com\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.121398\");\n script_version(\"$Revision: 12128 $\");\n script_tag(name:\"creation_date\", value:\"2015-09-29 11:28:58 +0300 (Tue, 29 Sep 2015)\");\n script_tag(name:\"last_modification\", value:\"$Date: 2018-10-26 15:35:25 +0200 (Fri, 26 Oct 2018) $\");\n script_name(\"Gentoo Security Advisory GLSA 201507-17\");\n script_tag(name:\"insight\", value:\"A specially crafted trap message triggers a conversion to an erroneous variable type when the -OQ option is used.\");\n script_tag(name:\"solution\", value:\"Update the affected packages to the latest available version.\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_xref(name:\"URL\", value:\"https://security.gentoo.org/glsa/201507-17\");\n script_cve_id(\"CVE-2014-3565\");\n script_tag(name:\"cvss_base\", value:\"5.0\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:N/I:N/A:P\");\n script_tag(name:\"qod_type\", value:\"package\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/gentoo\", \"ssh/login/pkg\");\n script_category(ACT_GATHER_INFO);\n script_tag(name:\"summary\", value:\"Gentoo Linux Local Security Checks GLSA 201507-17\");\n script_copyright(\"Eero Volotinen\");\n script_family(\"Gentoo Local Security Checks\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-gentoo.inc\");\n\nres = \"\";\nreport = \"\";\n\nif((res=ispkgvuln(pkg:\"net-analyzer/net-snmp\", unaffected: make_list(\"ge 5.7.3_pre5-r1\"), vulnerable: make_list(\"lt 5.7.3_pre5-r1\"))) != NULL) {\n report += res;\n}\n\nif(report != \"\") {\n security_message(data:report);\n} else if (__pkg_match) {\n exit(99);\n}\n", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:P"}}, {"lastseen": "2019-05-29T18:37:24", "bulletinFamily": "scanner", "cvelist": ["CVE-2014-3565"], "description": "The remote host is missing an update for the ", "modified": "2019-03-15T00:00:00", "published": "2014-09-10T00:00:00", "id": "OPENVAS:1361412562310868175", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310868175", "type": "openvas", "title": "Fedora Update for net-snmp FEDORA-2014-10095", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# Fedora Update for net-snmp FEDORA-2014-10095\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (C) 2014 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.868175\");\n script_version(\"$Revision: 14223 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2019-03-15 14:49:35 +0100 (Fri, 15 Mar 2019) $\");\n script_tag(name:\"creation_date\", value:\"2014-09-10 06:18:58 +0200 (Wed, 10 Sep 2014)\");\n script_cve_id(\"CVE-2014-3565\");\n script_tag(name:\"cvss_base\", value:\"5.0\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:N/I:N/A:P\");\n script_name(\"Fedora Update for net-snmp FEDORA-2014-10095\");\n script_tag(name:\"affected\", value:\"net-snmp on Fedora 20\");\n script_tag(name:\"solution\", value:\"Please install the updated package(s).\");\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_xref(name:\"FEDORA\", value:\"2014-10095\");\n script_xref(name:\"URL\", value:\"https://lists.fedoraproject.org/pipermail/package-announce/2014-September/137318.html\");\n script_tag(name:\"summary\", value:\"The remote host is missing an update for the 'net-snmp'\n package(s) announced via the referenced advisory.\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2014 Greenbone Networks GmbH\");\n script_family(\"Fedora Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/fedora\", \"ssh/login/rpms\", re:\"ssh/login/release=FC20\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = rpm_get_ssh_release();\nif(!release)\n exit(0);\n\nres = \"\";\n\nif(release == \"FC20\")\n{\n\n if ((res = isrpmvuln(pkg:\"net-snmp\", rpm:\"net-snmp~5.7.2~18.fc20\", rls:\"FC20\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99);\n exit(0);\n}", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:P"}}, {"lastseen": "2019-05-29T18:36:28", "bulletinFamily": "scanner", "cvelist": ["CVE-2014-3565"], "description": "Oracle Linux Local Security Checks ELSA-2015-1385", "modified": "2018-09-28T00:00:00", "published": "2015-10-06T00:00:00", "id": "OPENVAS:1361412562310123070", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310123070", "type": "openvas", "title": "Oracle Linux Local Check: ELSA-2015-1385", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n# $Id: ELSA-2015-1385.nasl 11688 2018-09-28 13:36:28Z cfischer $\n#\n# Oracle Linux Local Check\n#\n# Authors:\n# Eero Volotinen <eero.volotinen@solinor.com>\n#\n# Copyright:\n# Copyright (c) 2015 Eero Volotinen, http://solinor.com\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.123070\");\n script_version(\"$Revision: 11688 $\");\n script_tag(name:\"creation_date\", value:\"2015-10-06 13:58:58 +0300 (Tue, 06 Oct 2015)\");\n script_tag(name:\"last_modification\", value:\"$Date: 2018-09-28 15:36:28 +0200 (Fri, 28 Sep 2018) $\");\n script_name(\"Oracle Linux Local Check: ELSA-2015-1385\");\n script_tag(name:\"insight\", value:\"ELSA-2015-1385 - net-snmp security and bug fix update. Please see the references for more insight.\");\n script_tag(name:\"solution\", value:\"Update the affected packages to the latest available version.\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_tag(name:\"summary\", value:\"Oracle Linux Local Security Checks ELSA-2015-1385\");\n script_xref(name:\"URL\", value:\"http://linux.oracle.com/errata/ELSA-2015-1385.html\");\n script_cve_id(\"CVE-2014-3565\");\n script_tag(name:\"cvss_base\", value:\"5.0\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:N/I:N/A:P\");\n script_tag(name:\"qod_type\", value:\"package\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/oracle_linux\", \"ssh/login/release\", re:\"ssh/login/release=OracleLinux6\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Eero Volotinen\");\n script_family(\"Oracle Linux Local Security Checks\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = rpm_get_ssh_release();\nif(!release) exit(0);\n\nres = \"\";\n\nif(release == \"OracleLinux6\")\n{\n if ((res = isrpmvuln(pkg:\"net-snmp\", rpm:\"net-snmp~5.5~54.0.1.el6\", rls:\"OracleLinux6\")) != NULL) {\n security_message(data:res);\n exit(0);\n }\n if ((res = isrpmvuln(pkg:\"net-snmp-devel\", rpm:\"net-snmp-devel~5.5~54.0.1.el6\", rls:\"OracleLinux6\")) != NULL) {\n security_message(data:res);\n exit(0);\n }\n if ((res = isrpmvuln(pkg:\"net-snmp-libs\", rpm:\"net-snmp-libs~5.5~54.0.1.el6\", rls:\"OracleLinux6\")) != NULL) {\n security_message(data:res);\n exit(0);\n }\n if ((res = isrpmvuln(pkg:\"net-snmp-perl\", rpm:\"net-snmp-perl~5.5~54.0.1.el6\", rls:\"OracleLinux6\")) != NULL) {\n security_message(data:res);\n exit(0);\n }\n if ((res = isrpmvuln(pkg:\"net-snmp-python\", rpm:\"net-snmp-python~5.5~54.0.1.el6\", rls:\"OracleLinux6\")) != NULL) {\n security_message(data:res);\n exit(0);\n }\n if ((res = isrpmvuln(pkg:\"net-snmp-utils\", rpm:\"net-snmp-utils~5.5~54.0.1.el6\", rls:\"OracleLinux6\")) != NULL) {\n security_message(data:res);\n exit(0);\n }\n\n}\nif (__pkg_match) exit(99);\n exit(0);\n\n", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:P"}}, {"lastseen": "2019-05-29T18:36:48", "bulletinFamily": "scanner", "cvelist": ["CVE-2014-3565"], "description": "Oracle Linux Local Security Checks ELSA-2015-2345", "modified": "2018-09-28T00:00:00", "published": "2015-11-24T00:00:00", "id": "OPENVAS:1361412562310122757", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310122757", "type": "openvas", "title": "Oracle Linux Local Check: ELSA-2015-2345", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n# $Id: ELSA-2015-2345.nasl 11688 2018-09-28 13:36:28Z cfischer $\n#\n# Oracle Linux Local Check\n#\n# Authors:\n# Eero Volotinen <eero.volotinen@solinor.com>\n#\n# Copyright:\n# Copyright (c) 2015 Eero Volotinen, http://solinor.com\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.122757\");\n script_version(\"$Revision: 11688 $\");\n script_tag(name:\"creation_date\", value:\"2015-11-24 10:17:30 +0200 (Tue, 24 Nov 2015)\");\n script_tag(name:\"last_modification\", value:\"$Date: 2018-09-28 15:36:28 +0200 (Fri, 28 Sep 2018) $\");\n script_name(\"Oracle Linux Local Check: ELSA-2015-2345\");\n script_tag(name:\"insight\", value:\"ELSA-2015-2345 - net-snmp security and bug fix update. Please see the references for more insight.\");\n script_tag(name:\"solution\", value:\"Update the affected packages to the latest available version.\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_tag(name:\"summary\", value:\"Oracle Linux Local Security Checks ELSA-2015-2345\");\n script_xref(name:\"URL\", value:\"http://linux.oracle.com/errata/ELSA-2015-2345.html\");\n script_cve_id(\"CVE-2014-3565\");\n script_tag(name:\"cvss_base\", value:\"5.0\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:N/I:N/A:P\");\n script_tag(name:\"qod_type\", value:\"package\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/oracle_linux\", \"ssh/login/release\", re:\"ssh/login/release=OracleLinux7\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Eero Volotinen\");\n script_family(\"Oracle Linux Local Security Checks\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = rpm_get_ssh_release();\nif(!release) exit(0);\n\nres = \"\";\n\nif(release == \"OracleLinux7\")\n{\n if ((res = isrpmvuln(pkg:\"net-snmp\", rpm:\"net-snmp~5.7.2~24.el7\", rls:\"OracleLinux7\")) != NULL) {\n security_message(data:res);\n exit(0);\n }\n if ((res = isrpmvuln(pkg:\"net-snmp-agent-libs\", rpm:\"net-snmp-agent-libs~5.7.2~24.el7\", rls:\"OracleLinux7\")) != NULL) {\n security_message(data:res);\n exit(0);\n }\n if ((res = isrpmvuln(pkg:\"net-snmp-devel\", rpm:\"net-snmp-devel~5.7.2~24.el7\", rls:\"OracleLinux7\")) != NULL) {\n security_message(data:res);\n exit(0);\n }\n if ((res = isrpmvuln(pkg:\"net-snmp-gui\", rpm:\"net-snmp-gui~5.7.2~24.el7\", rls:\"OracleLinux7\")) != NULL) {\n security_message(data:res);\n exit(0);\n }\n if ((res = isrpmvuln(pkg:\"net-snmp-libs\", rpm:\"net-snmp-libs~5.7.2~24.el7\", rls:\"OracleLinux7\")) != NULL) {\n security_message(data:res);\n exit(0);\n }\n if ((res = isrpmvuln(pkg:\"net-snmp-perl\", rpm:\"net-snmp-perl~5.7.2~24.el7\", rls:\"OracleLinux7\")) != NULL) {\n security_message(data:res);\n exit(0);\n }\n if ((res = isrpmvuln(pkg:\"net-snmp-python\", rpm:\"net-snmp-python~5.7.2~24.el7\", rls:\"OracleLinux7\")) != NULL) {\n security_message(data:res);\n exit(0);\n }\n if ((res = isrpmvuln(pkg:\"net-snmp-sysvinit\", rpm:\"net-snmp-sysvinit~5.7.2~24.el7\", rls:\"OracleLinux7\")) != NULL) {\n security_message(data:res);\n exit(0);\n }\n if ((res = isrpmvuln(pkg:\"net-snmp-utils\", rpm:\"net-snmp-utils~5.7.2~24.el7\", rls:\"OracleLinux7\")) != NULL) {\n security_message(data:res);\n exit(0);\n }\n\n}\nif (__pkg_match) exit(99);\n exit(0);\n\n", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:P"}}, {"lastseen": "2019-05-29T18:36:38", "bulletinFamily": "scanner", "cvelist": ["CVE-2014-3565"], "description": "The remote host is missing an update for the ", "modified": "2018-11-23T00:00:00", "published": "2015-11-20T00:00:00", "id": "OPENVAS:1361412562310871490", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310871490", "type": "openvas", "title": "RedHat Update for net-snmp RHSA-2015:2345-01", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# RedHat Update for net-snmp RHSA-2015:2345-01\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (C) 2015 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.871490\");\n script_version(\"$Revision: 12497 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2018-11-23 09:28:21 +0100 (Fri, 23 Nov 2018) $\");\n script_tag(name:\"creation_date\", value:\"2015-11-20 06:21:31 +0100 (Fri, 20 Nov 2015)\");\n script_cve_id(\"CVE-2014-3565\");\n script_tag(name:\"cvss_base\", value:\"5.0\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:N/I:N/A:P\");\n script_tag(name:\"qod_type\", value:\"package\");\n script_name(\"RedHat Update for net-snmp RHSA-2015:2345-01\");\n script_tag(name:\"summary\", value:\"The remote host is missing an update for the 'net-snmp'\n package(s) announced via the referenced advisory.\");\n script_tag(name:\"vuldetect\", value:\"Checks if a vulnerable version is present on the target host.\");\n script_tag(name:\"insight\", value:\"The net-snmp packages provide various\nlibraries and tools for the Simple Network Management Protocol (SNMP), including\nan SNMP library, an extensible agent, tools for requesting or setting\ninformation from SNMP agents, tools for generating and handling SNMP traps, a\nversion of the netstat command which uses SNMP, and a Tk/Perl Management\nInformation Base (MIB) browser.\n\nA denial of service flaw was found in the way snmptrapd handled certain\nSNMP traps when started with the '-OQ' option. If an attacker sent an SNMP\ntrap containing a variable with a NULL type where an integer variable type\nwas expected, it would cause snmptrapd to crash. (CVE-2014-3565)\n\nThis update also fixes the following bugs:\n\n * Previously, the clientaddr option in the snmp.conf file affected outgoing\nmessages sent only over IPv4. With this release, outgoing IPv6 messages are\ncorrectly sent from the interface specified by clientaddr. (BZ#1190679)\n\n * The Net-SNMP daemon, snmpd, did not properly clean memory when reloading\nits configuration file with multiple 'exec' entries. Consequently, the\ndaemon terminated unexpectedly. Now, the memory is properly cleaned, and\nsnmpd no longer crashes on reload. (BZ#1228893)\n\n * Prior to this update, snmpd did not parse complete IPv4 traffic\nstatistics, but reported the number of received or sent bytes in the\nIP-MIB::ipSystemStatsTable only for IPv6 packets and not for IPv4.\nThis affected objects ipSystemStatsInOctets, ipSystemStatsOutOctets,\nipSystemStatsInMcastOctets, and ipSystemStatsOutMcastOctets. Now, the\nstatistics reported by snmpd are collected for IPv4 as well. (BZ#1235697)\n\n * The Net-SNMP daemon, snmpd, did not correctly detect the file system\nchange from read-only to read-write. Consequently, after remounting the\nfile system into the read-write mode, the daemon reported it to be still\nin the read-only mode. A patch has been applied, and snmpd now detects the\nmode changes as expected. (BZ#1241897)\n\nAll net-snmp users are advised to upgrade to these updated packages, which\ncontain backported patches to correct these issues.\");\n script_tag(name:\"affected\", value:\"net-snmp on Red Hat Enterprise Linux Server (v. 7)\");\n script_tag(name:\"solution\", value:\"Please Install the Updated Packages.\");\n script_xref(name:\"RHSA\", value:\"2015:2345-01\");\n script_xref(name:\"URL\", value:\"https://www.redhat.com/archives/rhsa-announce/2015-November/msg00039.html\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2015 Greenbone Networks GmbH\");\n script_family(\"Red Hat Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/rhel\", \"ssh/login/rpms\", re:\"ssh/login/release=RHENT_7\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = rpm_get_ssh_release();\nif(!release) exit(0);\n\nres = \"\";\n\nif(release == \"RHENT_7\")\n{\n\n if ((res = isrpmvuln(pkg:\"net-snmp\", rpm:\"net-snmp~5.7.2~24.el7\", rls:\"RHENT_7\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"net-snmp-agent-libs\", rpm:\"net-snmp-agent-libs~5.7.2~24.el7\", rls:\"RHENT_7\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"net-snmp-debuginfo\", rpm:\"net-snmp-debuginfo~5.7.2~24.el7\", rls:\"RHENT_7\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"net-snmp-devel\", rpm:\"net-snmp-devel~5.7.2~24.el7\", rls:\"RHENT_7\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"net-snmp-libs\", rpm:\"net-snmp-libs~5.7.2~24.el7\", rls:\"RHENT_7\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"net-snmp-utils\", rpm:\"net-snmp-utils~5.7.2~24.el7\", rls:\"RHENT_7\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99);\n exit(0);\n}\n", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:P"}}, {"lastseen": "2019-05-29T18:36:24", "bulletinFamily": "scanner", "cvelist": ["CVE-2015-5621", "CVE-2014-3565"], "description": "The remote host is missing an update for the ", "modified": "2019-03-13T00:00:00", "published": "2015-08-18T00:00:00", "id": "OPENVAS:1361412562310842415", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310842415", "type": "openvas", "title": "Ubuntu Update for net-snmp USN-2711-1", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# Ubuntu Update for net-snmp USN-2711-1\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (C) 2015 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.842415\");\n script_version(\"$Revision: 14140 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2019-03-13 13:26:09 +0100 (Wed, 13 Mar 2019) $\");\n script_tag(name:\"creation_date\", value:\"2015-08-18 06:51:06 +0200 (Tue, 18 Aug 2015)\");\n script_cve_id(\"CVE-2014-3565\", \"CVE-2015-5621\");\n script_tag(name:\"cvss_base\", value:\"7.5\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:P/I:P/A:P\");\n script_tag(name:\"qod_type\", value:\"package\");\n script_name(\"Ubuntu Update for net-snmp USN-2711-1\");\n script_tag(name:\"summary\", value:\"The remote host is missing an update for the 'net-snmp'\n package(s) announced via the referenced advisory.\");\n script_tag(name:\"vuldetect\", value:\"Checks if a vulnerable version is present on the target host.\");\n script_tag(name:\"insight\", value:\"It was discovered that Net-SNMP incorrectly\nhandled certain trap messages when the -OQ option was used. A remote attacker\ncould use this issue to cause Net-SNMP to crash, resulting in a denial of service.\n(CVE-2014-3565)\n\nQinghao Tang discovered that Net-SNMP incorrectly handled SNMP PDU parsing\nfailures. A remote attacker could use this issue to cause Net-SNMP to\ncrash, resulting in a denial of service, or possibly execute arbitrary\ncode. (CVE-2015-5621)\");\n script_tag(name:\"affected\", value:\"net-snmp on Ubuntu 14.04 LTS,\n Ubuntu 12.04 LTS\");\n script_tag(name:\"solution\", value:\"Please Install the Updated Packages.\");\n script_xref(name:\"USN\", value:\"2711-1\");\n script_xref(name:\"URL\", value:\"http://www.ubuntu.com/usn/usn-2711-1/\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2015 Greenbone Networks GmbH\");\n script_family(\"Ubuntu Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/ubuntu_linux\", \"ssh/login/packages\", re:\"ssh/login/release=UBUNTU(14\\.04 LTS|12\\.04 LTS)\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-deb.inc\");\n\nrelease = dpkg_get_ssh_release();\nif(!release)\n exit(0);\n\nres = \"\";\n\nif(release == \"UBUNTU14.04 LTS\")\n{\n\n if ((res = isdpkgvuln(pkg:\"libsnmp30:amd64\", ver:\"5.7.2~dfsg-8.1ubuntu3.1\", rls:\"UBUNTU14.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"libsnmp30:i386\", ver:\"5.7.2~dfsg-8.1ubuntu3.1\", rls:\"UBUNTU14.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n\n if (__pkg_match) exit(99);\n exit(0);\n}\n\n\nif(release == \"UBUNTU12.04 LTS\")\n{\n\n if ((res = isdpkgvuln(pkg:\"libsnmp15\", ver:\"5.4.3~dfsg-2.4ubuntu1.3\", rls:\"UBUNTU12.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99);\n exit(0);\n}\n", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2019-05-29T18:35:58", "bulletinFamily": "scanner", "cvelist": ["CVE-2015-7007", "CVE-2015-6987", "CVE-2015-7061", "CVE-2015-7059", "CVE-2015-7003", "CVE-2015-6983", "CVE-2015-7020", "CVE-2015-6994", "CVE-2015-7021", "CVE-2014-3565", "CVE-2012-6151", "CVE-2015-6995", "CVE-2015-5945", "CVE-2015-7008", "CVE-2015-7023", "CVE-2015-7015", "CVE-2015-7060", "CVE-2015-6990", "CVE-2015-6988", "CVE-2015-5943", "CVE-2015-6563", "CVE-2015-6974", "CVE-2015-7988", "CVE-2015-7019", "CVE-2015-7006", "CVE-2015-7017"], "description": "This host is running Apple Mac OS X and\n is prone to multiple vulnerabilities.", "modified": "2019-05-03T00:00:00", "published": "2015-10-29T00:00:00", "id": "OPENVAS:1361412562310806148", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310806148", "type": "openvas", "title": "Apple Mac OS X Multiple Vulnerabilities-01 October-15", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# Apple Mac OS X Multiple Vulnerabilities-01 October-15\n#\n# Authors:\n# Antu Sanadi <santu@secpod.com>\n#\n# Updated By: Shakeel <bshakeel@secpod.com> on 2018-05-15\n# For proper Version Check\n#\n# Copyright:\n# Copyright (C) 2015 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.806148\");\n script_version(\"2019-05-03T08:55:39+0000\");\n script_cve_id(\"CVE-2015-5943\", \"CVE-2015-6983\", \"CVE-2015-7061\", \"CVE-2015-7060\",\n \"CVE-2015-7059\", \"CVE-2015-7007\", \"CVE-2015-5945\", \"CVE-2015-6563\",\n \"CVE-2014-3565\", \"CVE-2012-6151\", \"CVE-2015-7988\", \"CVE-2015-6994\",\n \"CVE-2015-6988\", \"CVE-2015-6974\", \"CVE-2015-7021\", \"CVE-2015-7020\",\n \"CVE-2015-7019\", \"CVE-2015-7008\", \"CVE-2015-6990\", \"CVE-2015-6987\",\n \"CVE-2015-6995\", \"CVE-2015-7017\", \"CVE-2015-7015\", \"CVE-2015-7023\",\n \"CVE-2015-7006\", \"CVE-2015-7003\");\n script_tag(name:\"cvss_base\", value:\"10.0\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:C/I:C/A:C\");\n script_tag(name:\"last_modification\", value:\"2019-05-03 08:55:39 +0000 (Fri, 03 May 2019)\");\n script_tag(name:\"creation_date\", value:\"2015-10-29 12:54:16 +0530 (Thu, 29 Oct 2015)\");\n script_name(\"Apple Mac OS X Multiple Vulnerabilities-01 October-15\");\n\n script_tag(name:\"summary\", value:\"This host is running Apple Mac OS X and\n is prone to multiple vulnerabilities.\");\n\n script_tag(name:\"vuldetect\", value:\"Checks if a vulnerable version is present on the target host.\");\n\n script_tag(name:\"insight\", value:\"Multiple flaws exists. For details refer\n reference section.\");\n\n script_tag(name:\"impact\", value:\"Successful exploitation will allow attacker\n to execute arbitrary code, overwrite cookies, elevate privileges, execute\n arbitrary code with system privileges, cause unexpected application termination,\n read kernel memory, conduct impersonation attacks, run arbitrary AppleScript,\n overwrite arbitrary files and control keychain access prompts.\");\n\n script_tag(name:\"affected\", value:\"Apple OS X El Capitan versions before\n 10.11.1\");\n\n script_tag(name:\"solution\", value:\"Upgrade Apple OS X El Capitan to version\n 10.11.1 or later. Please see the references for more information.\");\n\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n\n script_tag(name:\"qod_type\", value:\"executable_version\");\n\n script_xref(name:\"URL\", value:\"https://support.apple.com/en-us/HT205375\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2015 Greenbone Networks GmbH\");\n script_family(\"Mac OS X Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/osx_name\", \"ssh/login/osx_version\", re:\"ssh/login/osx_version=^10\\.11\");\n\n exit(0);\n}\n\ninclude(\"version_func.inc\");\n\nosName = get_kb_item(\"ssh/login/osx_name\");\nif(!osName || \"Mac OS X\" >!< osName){\n exit(0);\n}\n\nosVer = get_kb_item(\"ssh/login/osx_version\");\nif(osVer && osVer =~ \"^10\\.11\")\n{\n\n if(version_is_less(version:osVer, test_version:\"10.11.1\"))\n {\n report = report_fixed_ver(installed_version:osVer, fixed_version:\"10.11.1\");\n security_message(data:report);\n exit(0);\n }\n}\n\nexit(99);", "cvss": {"score": 10.0, "vector": "AV:N/AC:L/Au:N/C:C/I:C/A:C"}}], "redhat": [{"lastseen": "2019-08-13T18:45:35", "bulletinFamily": "unix", "cvelist": ["CVE-2014-3565"], "description": "The net-snmp packages provide various libraries and tools for the Simple\nNetwork Management Protocol (SNMP), including an SNMP library, an\nextensible agent, tools for requesting or setting information from SNMP\nagents, tools for generating and handling SNMP traps, a version of the\nnetstat command which uses SNMP, and a Tk/Perl Management Information Base\n(MIB) browser.\n\nA denial of service flaw was found in the way snmptrapd handled certain\nSNMP traps when started with the \"-OQ\" option. If an attacker sent an SNMP\ntrap containing a variable with a NULL type where an integer variable type\nwas expected, it would cause snmptrapd to crash. (CVE-2014-3565)\n\nThis update also fixes the following bugs:\n\n* Previously, the clientaddr option in the snmp.conf file affected outgoing\nmessages sent only over IPv4. With this release, outgoing IPv6 messages are\ncorrectly sent from the interface specified by clientaddr. (BZ#1190679)\n\n* The Net-SNMP daemon, snmpd, did not properly clean memory when reloading\nits configuration file with multiple \"exec\" entries. Consequently, the\ndaemon terminated unexpectedly. Now, the memory is properly cleaned, and\nsnmpd no longer crashes on reload. (BZ#1228893)\n\n* Prior to this update, snmpd did not parse complete IPv4 traffic\nstatistics, but reported the number of received or sent bytes in the\nIP-MIB::ipSystemStatsTable only for IPv6 packets and not for IPv4.\nThis affected objects ipSystemStatsInOctets, ipSystemStatsOutOctets,\nipSystemStatsInMcastOctets, and ipSystemStatsOutMcastOctets. Now, the\nstatistics reported by snmpd are collected for IPv4 as well. (BZ#1235697)\n\n* The Net-SNMP daemon, snmpd, did not correctly detect the file system\nchange from read-only to read-write. Consequently, after remounting the\nfile system into the read-write mode, the daemon reported it to be still\nin the read-only mode. A patch has been applied, and snmpd now detects the\nmode changes as expected. (BZ#1241897)\n\nAll net-snmp users are advised to upgrade to these updated packages, which\ncontain backported patches to correct these issues.", "modified": "2018-04-12T03:32:43", "published": "2015-11-19T18:36:48", "id": "RHSA-2015:2345", "href": "https://access.redhat.com/errata/RHSA-2015:2345", "type": "redhat", "title": "(RHSA-2015:2345) Moderate: net-snmp security and bug fix update", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:P"}}, {"lastseen": "2019-08-13T18:46:00", "bulletinFamily": "unix", "cvelist": ["CVE-2014-3565"], "description": "The net-snmp packages provide various libraries and tools for the Simple\nNetwork Management Protocol (SNMP), including an SNMP library, an\nextensible agent, tools for requesting or setting information from SNMP\nagents, tools for generating and handling SNMP traps, a version of the\nnetstat command which uses SNMP, and a Tk/Perl Management Information Base\n(MIB) browser.\n\nA denial of service flaw was found in the way snmptrapd handled certain\nSNMP traps when started with the \"-OQ\" option. If an attacker sent an SNMP\ntrap containing a variable with a NULL type where an integer variable type\nwas expected, it would cause snmptrapd to crash. (CVE-2014-3565)\n\nThis update also fixes the following bugs:\n\n* The HOST-RESOURCES-MIB::hrSystemProcesses object was not implemented\nbecause parts of the HOST-RESOURCES-MIB module were rewritten in an earlier\nversion of net-snmp. Consequently, HOST-RESOURCES-MIB::hrSystemProcesses\ndid not provide information on the number of currently loaded or running\nprocesses. With this update, HOST-RESOURCES-MIB::hrSystemProcesses has been\nimplemented, and the net-snmp daemon reports as expected. (BZ#1134335)\n\n* The Net-SNMP agent daemon, snmpd, reloaded the system ARP table every 60\nseconds. As a consequence, snmpd could cause a short CPU usage spike on\nbusy systems with a large APR table. With this update, snmpd does not\nreload the full ARP table periodically, but monitors the table changes\nusing a netlink socket. (BZ#789500)\n\n* Previously, snmpd used an invalid pointer to the current time when\nperiodically checking certain conditions specified by the \"monitor\" option\nin the /etc/snmpd/snmpd.conf file. Consequently, snmpd terminated\nunexpectedly on start with a segmentation fault if a certain entry with the\n\"monitor\" option was used. Now, snmpd initializes the correct pointer\nto the current time, and snmpd no longer crashes on start. (BZ#1050970)\n\n* Previously, snmpd expected 8-bit network interface indices when\nprocessing HOST-RESOURCES-MIB::hrDeviceTable. If an interface index of a\nlocal network interface was larger than 30,000 items, snmpd could terminate\nunexpectedly due to accessing invalid memory. Now, processing of all\nnetwork sizes is enabled, and snmpd no longer crashes in the described\nsituation. (BZ#1195547)\n\n* The snmpdtrapd service incorrectly checked for errors when forwarding a\ntrap with a RequestID value of 0, and logged \"Forward failed\" even though\nthe trap was successfully forwarded. This update fixes snmptrapd checks and\nthe aforementioned message is now logged only when appropriate.\n(BZ#1146948)\n\n* Previously, snmpd ignored the value of the \"storageUseNFS\" option in the\n/etc/snmpd/snmpd.conf file. As a consequence, NFS drivers were shown as\n\"Network Disks\", even though \"storageUseNFS\" was set to \"2\" to report them\nas \"Fixed Disks\" in HOST-RESOURCES-MIB::hrStorageTable. With this update,\nsnmpd takes the \"storageUseNFS\" option value into account, and \"Fixed Disks\"\nNFS drives are reported correctly. (BZ#1125793)\n\n* Previously, the Net-SNMP python binding used an incorrect size (8 bytes\ninstead of 4) for variables of IPADDRESS type. Consequently, applications\nthat were using Net-SNMP Python bindings could send malformed SNMP\nmessages. With this update, the bindings now use 4 bytes for variables with\nIPADRESS type, and only valid SNMP messages are sent. (BZ#1100099)\n\n* Previously, the snmpd service did not cut values in\nHOST-RESOURCES-MIB::hrStorageTable to signed 32-bit integers, as required\nby SNMP standards, and provided the values as unsigned integers. As a\nconsequence, the HOST-RESOURCES-MIB::hrStorageTable implementation did not\nconform to RFC 2790. The values are now cut to 32-bit signed integers, and\nsnmpd is therefore standard compliant. (BZ#1104293)\n\nUsers of net-snmp are advised to upgrade to these updated packages, which\ncontain backported patches to correct these issues.\n", "modified": "2018-06-06T20:24:07", "published": "2015-07-22T04:00:00", "id": "RHSA-2015:1385", "href": "https://access.redhat.com/errata/RHSA-2015:1385", "type": "redhat", "title": "(RHSA-2015:1385) Moderate: net-snmp security and bug fix update", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:P"}}], "oraclelinux": [{"lastseen": "2019-05-29T18:35:38", "bulletinFamily": "unix", "cvelist": ["CVE-2014-3565"], "description": "[1:5.7.2-24]\n- Fixed lmSensorsTable not reporting sensors with duplicate names\n (#1252053)\n- Fixed close() overhead of extend commands (#1252048)\n- Fixed out-of-bounds write in python code (#1252034)\n[1:5.7.2-23]\n- Fixed parsing of invalid variables in incoming packets (#1248414)\n- Fixed HOST-RESOURCES-MIB::hrFSAccess flag when read-only filesystem\n becomes writable (#1241897)\n[1:5.7.2-22]\n- Fixed IP-MIB::ipSystemStatsInOctets and similar counters for IPv4\n (#1235697)\n[1:5.7.2-21]\n- Fixed crash on reloading 'exec' configuration options (#1228893)\n- Fixed CVE-2014-3565, snmptrapd died when parsing certain traps (#1209361)\n- Fixed storageUseNFS functionality in hrStorageTable (#1193006)\n- Fixed forwarding of traps with RequestID=0 in snmptrapd (#1192511)\n- Fixed hrStorageTable to contain 31 bits integers (#1192221)\n- Fixed 'clientaddr' option for UDPv6 client messages (#1190679)\n- Fixed log level of SMUX messages (#1189393)\n- Fixed UDP-MIB::udpTable index on big-endian platforms (#1184433)\n- Fixed client utilities reporting 'read_config_store open failure on\n /var/lib/net-snmp/snmpapp.conf' (#1151310)\n- Fixed snmpd crash when failed to parse SMUX message headers (#1140236)\n- Added 'diskio' option to snmpd.conf, it's possible to monitor only\n selected devices in diskIOTable (#1092308)", "edition": 4, "modified": "2015-11-23T00:00:00", "published": "2015-11-23T00:00:00", "id": "ELSA-2015-2345", "href": "http://linux.oracle.com/errata/ELSA-2015-2345.html", "title": "net-snmp security and bug fix update", "type": "oraclelinux", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:P"}}, {"lastseen": "2019-05-29T18:36:57", "bulletinFamily": "unix", "cvelist": ["CVE-2014-3565"], "description": "[1:5.5-54.0.1]\n- Add Oracle ACFS to hrStorage (John Haxby) [orabug 18510373]\n[1:5.5-54]\n- Quicker loading of IP-MIB::ipAddrTable (#1191393)\n[1:5.5-53]\n- Quicker loading of IP-MIB::ipAddressTable (#1191393)\n[1:5.5-52]\n- Fixed snmptrapd crash when '-OQ' parameter is used and invalid trap is\n received (#CVE-2014-3565)\n[1:5.5-51]\n- added faster caching into IP-MIB::ipNetToMediaTable (#789500)\n- fixed compilation with '-Werror=format-security' (#1181994)\n- added clear error message when port specified in 'clientaddrr' config\n option cannot be bound (#886468)\n- fixed error check in IP-MIB::ipAddressTable (#1012430)\n- fixed agentx client crash on failed response (#1023570)\n- fixed dashes in net-snmp-config.h (#1034441)\n- fixed crash on monitor trigger (#1050970)\n- fixed 'netsnmp_assert 1 == new_val->high failed' message in system log\n (#1065210)\n- fixed parsing of 64bit counters from SMUX subagents (#1069046)\n- Fixed HOST-RESOURCES-MIB::hrProcessorTable on machines with >100 CPUs\n (#1070075)\n- fixed net-snmp-create-v3-user to have the same content on 32 and 64bit\n installations (#1073544)\n- fixed IPADDRESS value length in Python bindings (#1100099)\n- fixed hrStorageTable to contain 31 bits integers (#1104293)\n- fixed links to developer man pages (#1119567)\n- fixed storageUseNFS functionality in hrStorageTable (#1125793)\n- fixed netsnmp_set Python bindings call truncating at the first '\\000'\n character (#1126914)\n- fixed log level of SMUX messages (#1140234)\n- use python/README to net-snmp-python subpackage (#1157373)\n- fixed forwarding of traps with RequestID=0 in snmptrapd (#1146948)\n- fixed typos in NET-SNMP-PASS-MIB and SMUX-MIB (#1162040)\n- fixed close() overhead of extend commands (#1188295)\n- fixed lmSensorsTable not reporting sensors with duplicate names (#967871)\n- fixed hrDeviceTable with interfaces with large ifIndex (#1195547)", "edition": 4, "modified": "2015-07-28T00:00:00", "published": "2015-07-28T00:00:00", "id": "ELSA-2015-1385", "href": "http://linux.oracle.com/errata/ELSA-2015-1385.html", "title": "net-snmp security and bug fix update", "type": "oraclelinux", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:P"}}], "freebsd": [{"lastseen": "2019-05-29T18:33:07", "bulletinFamily": "unix", "cvelist": ["CVE-2014-3565"], "description": "\nMurray McAllister reports:\n\nA remote denial-of-service flaw was found in the way\n\t snmptrapd handled certain SNMP traps when started with the\n\t \"-OQ\" option. If an attacker sent an SNMP trap containing a\n\t variable with a NULL type where an integer variable type was\n\t expected, it would cause snmptrapd to crash.\n\n", "edition": 4, "modified": "2014-07-31T00:00:00", "published": "2014-07-31T00:00:00", "id": "4622635F-37A1-11E5-9970-14DAE9D210B8", "href": "https://vuxml.freebsd.org/freebsd/4622635f-37a1-11e5-9970-14dae9d210b8.html", "title": "net-snmp -- snmptrapd crash", "type": "freebsd", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:P"}}], "gentoo": [{"lastseen": "2016-09-06T19:46:24", "bulletinFamily": "unix", "cvelist": ["CVE-2014-3565"], "edition": 1, "description": "### Background\n\nSNMP is a widely used protocol for monitoring the health and welfare of network equipment. \n\n### Description\n\nA specially crafted trap message triggers a conversion to an erroneous variable type when the -OQ option is used. \n\n### Impact\n\nA remote attacker could possibly cause a Denial of Service condition.\n\n### Workaround\n\nThere is no known workaround at this time.\n\n### Resolution\n\nAll SNMP users should upgrade to the latest version:\n \n \n # emerge --sync\n # emerge --ask --oneshot --verbose\n \">=net-analyzer/net-snmp-5.7.3_pre5-r1\"", "modified": "2015-07-10T00:00:00", "published": "2015-07-10T00:00:00", "id": "GLSA-201507-17", "href": "https://security.gentoo.org/glsa/201507-17", "type": "gentoo", "title": "SNMP: Denial of Service", "cvss": {"score": 5.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:NONE/I:NONE/A:PARTIAL/"}}], "fedora": [{"lastseen": "2020-12-21T08:17:52", "bulletinFamily": "unix", "cvelist": ["CVE-2014-3565"], "description": "SNMP (Simple Network Management Protocol) is a protocol used for network management. The NET-SNMP project includes various SNMP tools: an extensible agent, an SNMP library, tools for requesting or setting information from SNMP agents, tools for generating and handling SNMP traps, a version of the netstat command which uses SNMP, and a Tk/Perl mib browser. This package contains the snmpd and snmptrapd daemons, documentation, etc. You will probably also want to install the net-snmp-utils package, which contains NET-SNMP utilities. ", "modified": "2014-09-23T05:00:09", "published": "2014-09-23T05:00:09", "id": "FEDORA:708122455A", "href": "", "type": "fedora", "title": "[SECURITY] Fedora 21 Update: net-snmp-5.7.2-23.fc21", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:P"}}, {"lastseen": "2020-12-21T08:17:52", "bulletinFamily": "unix", "cvelist": ["CVE-2014-3565"], "description": "SNMP (Simple Network Management Protocol) is a protocol used for network management. The NET-SNMP project includes various SNMP tools: an extensible agent, an SNMP library, tools for requesting or setting information from SNMP agents, tools for generating and handling SNMP traps, a version of the netstat command which uses SNMP, and a Tk/Perl mib browser. This package contains the snmpd and snmptrapd daemons, documentation, etc. You will probably also want to install the net-snmp-utils package, which contains NET-SNMP utilities. ", "modified": "2014-09-09T22:10:31", "published": "2014-09-09T22:10:31", "id": "FEDORA:6DDF422DE0", "href": "", "type": "fedora", "title": "[SECURITY] Fedora 20 Update: net-snmp-5.7.2-18.fc20", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:P"}}, {"lastseen": "2020-12-21T08:17:52", "bulletinFamily": "unix", "cvelist": ["CVE-2014-3565"], "description": "SNMP (Simple Network Management Protocol) is a protocol used for network management. The NET-SNMP project includes various SNMP tools: an extensible agent, an SNMP library, tools for requesting or setting information from SNMP agents, tools for generating and handling SNMP traps, a version of the netstat command which uses SNMP, and a Tk/Perl mib browser. This package contains the snmpd and snmptrapd daemons, documentation, etc. You will probably also want to install the net-snmp-utils package, which contains NET-SNMP utilities. ", "modified": "2014-09-10T13:27:10", "published": "2014-09-10T13:27:10", "id": "FEDORA:DA63122D8B", "href": "", "type": "fedora", "title": "[SECURITY] Fedora 19 Update: net-snmp-5.7.2-15.fc19", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:P"}}], "nessus": [{"lastseen": "2021-01-12T11:04:40", "description": "The remote host is affected by the vulnerability described in GLSA-201507-17\n(SNMP: Denial of Service)\n\n A specially crafted trap message triggers a conversion to an erroneous\n variable type when the -OQ option is used.\n \nImpact :\n\n A remote attacker could possibly cause a Denial of Service condition.\n \nWorkaround :\n\n There is no known workaround at this time.", "edition": 24, "published": "2015-09-23T00:00:00", "title": "GLSA-201507-17 : SNMP: Denial of Service", "type": "nessus", "bulletinFamily": "scanner", "cvelist": ["CVE-2014-3565"], "modified": "2015-09-23T00:00:00", "cpe": ["p-cpe:/a:gentoo:linux:net-snmp", "cpe:/o:gentoo:linux"], "id": "GENTOO_GLSA-201507-17.NASL", "href": "https://www.tenable.com/plugins/nessus/86086", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from Gentoo Linux Security Advisory GLSA 201507-17.\n#\n# The advisory text is Copyright (C) 2001-2015 Gentoo Foundation, Inc.\n# and licensed under the Creative Commons - Attribution / Share Alike \n# license. See http://creativecommons.org/licenses/by-sa/3.0/\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(86086);\n script_version(\"2.3\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/11\");\n\n script_cve_id(\"CVE-2014-3565\");\n script_bugtraq_id(69477);\n script_xref(name:\"GLSA\", value:\"201507-17\");\n\n script_name(english:\"GLSA-201507-17 : SNMP: Denial of Service\");\n script_summary(english:\"Checks for updated package(s) in /var/db/pkg\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\n\"The remote Gentoo host is missing one or more security-related\npatches.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"The remote host is affected by the vulnerability described in GLSA-201507-17\n(SNMP: Denial of Service)\n\n A specially crafted trap message triggers a conversion to an erroneous\n variable type when the -OQ option is used.\n \nImpact :\n\n A remote attacker could possibly cause a Denial of Service condition.\n \nWorkaround :\n\n There is no known workaround at this time.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://security.gentoo.org/glsa/201507-17\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\n\"All SNMP users should upgrade to the latest version:\n # emerge --sync\n # emerge --ask --oneshot --verbose\n '>=net-analyzer/net-snmp-5.7.3_pre5-r1'\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:N/I:N/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:gentoo:linux:net-snmp\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:gentoo:linux\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2015/07/10\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2015/09/23\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2015-2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Gentoo Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/Gentoo/release\", \"Host/Gentoo/qpkg-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"qpkg.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nif (!get_kb_item(\"Host/Gentoo/release\")) audit(AUDIT_OS_NOT, \"Gentoo\");\nif (!get_kb_item(\"Host/Gentoo/qpkg-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\n\nflag = 0;\n\nif (qpkg_check(package:\"net-analyzer/net-snmp\", unaffected:make_list(\"ge 5.7.3_pre5-r1\"), vulnerable:make_list(\"lt 5.7.3_pre5-r1\"))) flag++;\n\nif (flag)\n{\n if (report_verbosity > 0) security_warning(port:0, extra:qpkg_report_get());\n else security_warning(0);\n exit(0);\n}\nelse\n{\n tested = qpkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"SNMP\");\n}\n", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:P"}}, {"lastseen": "2021-01-07T10:42:31", "description": "Murray McAllister reports :\n\nA remote denial-of-service flaw was found in the way snmptrapd handled\ncertain SNMP traps when started with the '-OQ' option. If an attacker\nsent an SNMP trap containing a variable with a NULL type where an\ninteger variable type was expected, it would cause snmptrapd to crash.", "edition": 23, "published": "2015-08-03T00:00:00", "title": "FreeBSD : net-snmp -- snmptrapd crash (4622635f-37a1-11e5-9970-14dae9d210b8)", "type": "nessus", "bulletinFamily": "scanner", "cvelist": ["CVE-2014-3565"], "modified": "2015-08-03T00:00:00", "cpe": ["p-cpe:/a:freebsd:freebsd:net-snmp", "cpe:/o:freebsd:freebsd"], "id": "FREEBSD_PKG_4622635F37A111E5997014DAE9D210B8.NASL", "href": "https://www.tenable.com/plugins/nessus/85173", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from the FreeBSD VuXML database :\n#\n# Copyright 2003-2018 Jacques Vidrine and contributors\n#\n# Redistribution and use in source (VuXML) and 'compiled' forms (SGML,\n# HTML, PDF, PostScript, RTF and so forth) with or without modification,\n# are permitted provided that the following conditions are met:\n# 1. Redistributions of source code (VuXML) must retain the above\n# copyright notice, this list of conditions and the following\n# disclaimer as the first lines of this file unmodified.\n# 2. Redistributions in compiled form (transformed to other DTDs,\n# published online in any format, converted to PDF, PostScript,\n# RTF and other formats) must reproduce the above copyright\n# notice, this list of conditions and the following disclaimer\n# in the documentation and/or other materials provided with the\n# distribution.\n# \n# THIS DOCUMENTATION IS PROVIDED BY THE AUTHOR AND CONTRIBUTORS \"AS IS\"\n# AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO,\n# THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR\n# PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS\n# BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY,\n# OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT\n# OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR\n# BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY,\n# WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE\n# OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS DOCUMENTATION,\n# EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(85173);\n script_version(\"2.5\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/06\");\n\n script_cve_id(\"CVE-2014-3565\");\n\n script_name(english:\"FreeBSD : net-snmp -- snmptrapd crash (4622635f-37a1-11e5-9970-14dae9d210b8)\");\n script_summary(english:\"Checks for updated packages in pkg_info output\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\n\"The remote FreeBSD host is missing one or more security-related\nupdates.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"Murray McAllister reports :\n\nA remote denial-of-service flaw was found in the way snmptrapd handled\ncertain SNMP traps when started with the '-OQ' option. If an attacker\nsent an SNMP trap containing a variable with a NULL type where an\ninteger variable type was expected, it would cause snmptrapd to crash.\"\n );\n # http://seclists.org/oss-sec/2014/q3/473\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://seclists.org/oss-sec/2014/q3/473\"\n );\n # http://sourceforge.net/p/net-snmp/code/ci/7f4a7b891332899cea26e95be0337aae01648742/\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?702354d4\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://sourceforge.net/p/net-snmp/official-patches/48/\"\n );\n # https://vuxml.freebsd.org/freebsd/4622635f-37a1-11e5-9970-14dae9d210b8.html\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?3100c9e8\"\n );\n script_set_attribute(attribute:\"solution\", value:\"Update the affected packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:N/I:N/A:P\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:freebsd:freebsd:net-snmp\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:freebsd:freebsd\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2014/07/31\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2015/07/31\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2015/08/03\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2015-2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"FreeBSD Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/FreeBSD/release\", \"Host/FreeBSD/pkg_info\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"freebsd_package.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nif (!get_kb_item(\"Host/FreeBSD/release\")) audit(AUDIT_OS_NOT, \"FreeBSD\");\nif (!get_kb_item(\"Host/FreeBSD/pkg_info\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\n\nflag = 0;\n\nif (pkg_test(save_report:TRUE, pkg:\"net-snmp>=5.7.0<=5.7.2.1\")) flag++;\nif (pkg_test(save_report:TRUE, pkg:\"net-snmp>=5.6.0<=5.6.2.1\")) flag++;\nif (pkg_test(save_report:TRUE, pkg:\"net-snmp>=5.5.0<=5.5.2.1\")) flag++;\nif (pkg_test(save_report:TRUE, pkg:\"net-snmp>=5.4.0<=5.4.4\")) flag++;\n\nif (flag)\n{\n if (report_verbosity > 0) security_warning(port:0, extra:pkg_report_get());\n else security_warning(0);\n exit(0);\n}\nelse audit(AUDIT_HOST_NOT, \"affected\");\n", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:P"}}, {"lastseen": "2021-01-20T12:27:54", "description": "net-snmp was updated to fix a remote denial of service problem inside\nsnmptrapd when started with the '-OQ' option\n(CVE-2014-3565)(bnc#894361)", "edition": 19, "published": "2014-09-11T00:00:00", "title": "openSUSE Security Update : net-snmp (openSUSE-SU-2014:1108-1)", "type": "nessus", "bulletinFamily": "scanner", "cvelist": ["CVE-2014-3565"], "modified": "2014-09-11T00:00:00", "cpe": ["cpe:/o:novell:opensuse:12.3", "p-cpe:/a:novell:opensuse:perl-SNMP", "p-cpe:/a:novell:opensuse:net-snmp-debugsource", "p-cpe:/a:novell:opensuse:net-snmp-devel", "p-cpe:/a:novell:opensuse:perl-SNMP-debuginfo", "p-cpe:/a:novell:opensuse:libsnmp30-32bit", "p-cpe:/a:novell:opensuse:libsnmp30-debuginfo-32bit", "p-cpe:/a:novell:opensuse:net-snmp-devel-32bit", "p-cpe:/a:novell:opensuse:net-snmp-python", "p-cpe:/a:novell:opensuse:net-snmp", "p-cpe:/a:novell:opensuse:snmp-mibs", "p-cpe:/a:novell:opensuse:libsnmp30-debuginfo", "p-cpe:/a:novell:opensuse:libsnmp30", "p-cpe:/a:novell:opensuse:net-snmp-python-debuginfo", "p-cpe:/a:novell:opensuse:net-snmp-debuginfo", "cpe:/o:novell:opensuse:13.1"], "id": "OPENSUSE-2014-533.NASL", "href": "https://www.tenable.com/plugins/nessus/77620", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from openSUSE Security Update openSUSE-2014-533.\n#\n# The text description of this plugin is (C) SUSE LLC.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(77620);\n script_version(\"1.5\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/19\");\n\n script_cve_id(\"CVE-2014-3565\");\n\n script_name(english:\"openSUSE Security Update : net-snmp (openSUSE-SU-2014:1108-1)\");\n script_summary(english:\"Check for the openSUSE-2014-533 patch\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote openSUSE host is missing a security update.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"net-snmp was updated to fix a remote denial of service problem inside\nsnmptrapd when started with the '-OQ' option\n(CVE-2014-3565)(bnc#894361)\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.novell.com/show_bug.cgi?id=894361\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://lists.opensuse.org/opensuse-updates/2014-09/msg00013.html\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\"Update the affected net-snmp packages.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:N/I:N/A:P\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libsnmp30\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libsnmp30-32bit\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libsnmp30-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libsnmp30-debuginfo-32bit\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:net-snmp\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:net-snmp-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:net-snmp-debugsource\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:net-snmp-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:net-snmp-devel-32bit\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:net-snmp-python\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:net-snmp-python-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:perl-SNMP\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:perl-SNMP-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:snmp-mibs\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:novell:opensuse:12.3\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:novell:opensuse:13.1\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2014/09/03\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2014/09/11\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2014-2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"SuSE Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/SuSE/release\", \"Host/SuSE/rpm-list\", \"Host/cpu\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/SuSE/release\");\nif (isnull(release) || release =~ \"^(SLED|SLES)\") audit(AUDIT_OS_NOT, \"openSUSE\");\nif (release !~ \"^(SUSE12\\.3|SUSE13\\.1)$\") audit(AUDIT_OS_RELEASE_NOT, \"openSUSE\", \"12.3 / 13.1\", release);\nif (!get_kb_item(\"Host/SuSE/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\nourarch = get_kb_item(\"Host/cpu\");\nif (!ourarch) audit(AUDIT_UNKNOWN_ARCH);\nif (ourarch !~ \"^(i586|i686|x86_64)$\") audit(AUDIT_ARCH_NOT, \"i586 / i686 / x86_64\", ourarch);\n\nflag = 0;\n\nif ( rpm_check(release:\"SUSE12.3\", reference:\"libsnmp30-5.7.2-3.12.1\") ) flag++;\nif ( rpm_check(release:\"SUSE12.3\", reference:\"libsnmp30-debuginfo-5.7.2-3.12.1\") ) flag++;\nif ( rpm_check(release:\"SUSE12.3\", reference:\"net-snmp-5.7.2-3.12.1\") ) flag++;\nif ( rpm_check(release:\"SUSE12.3\", reference:\"net-snmp-debuginfo-5.7.2-3.12.1\") ) flag++;\nif ( rpm_check(release:\"SUSE12.3\", reference:\"net-snmp-debugsource-5.7.2-3.12.1\") ) flag++;\nif ( rpm_check(release:\"SUSE12.3\", reference:\"net-snmp-devel-5.7.2-3.12.1\") ) flag++;\nif ( rpm_check(release:\"SUSE12.3\", reference:\"perl-SNMP-5.7.2-3.12.1\") ) flag++;\nif ( rpm_check(release:\"SUSE12.3\", reference:\"perl-SNMP-debuginfo-5.7.2-3.12.1\") ) flag++;\nif ( rpm_check(release:\"SUSE12.3\", reference:\"snmp-mibs-5.7.2-3.12.1\") ) flag++;\nif ( rpm_check(release:\"SUSE12.3\", cpu:\"x86_64\", reference:\"libsnmp30-32bit-5.7.2-3.12.1\") ) flag++;\nif ( rpm_check(release:\"SUSE12.3\", cpu:\"x86_64\", reference:\"libsnmp30-debuginfo-32bit-5.7.2-3.12.1\") ) flag++;\nif ( rpm_check(release:\"SUSE12.3\", cpu:\"x86_64\", reference:\"net-snmp-devel-32bit-5.7.2-3.12.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.1\", reference:\"libsnmp30-5.7.2-9.8.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.1\", reference:\"libsnmp30-debuginfo-5.7.2-9.8.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.1\", reference:\"net-snmp-5.7.2-9.8.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.1\", reference:\"net-snmp-debuginfo-5.7.2-9.8.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.1\", reference:\"net-snmp-debugsource-5.7.2-9.8.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.1\", reference:\"net-snmp-devel-5.7.2-9.8.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.1\", reference:\"net-snmp-python-5.7.2-9.8.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.1\", reference:\"net-snmp-python-debuginfo-5.7.2-9.8.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.1\", reference:\"perl-SNMP-5.7.2-9.8.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.1\", reference:\"perl-SNMP-debuginfo-5.7.2-9.8.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.1\", reference:\"snmp-mibs-5.7.2-9.8.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.1\", cpu:\"x86_64\", reference:\"libsnmp30-32bit-5.7.2-9.8.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.1\", cpu:\"x86_64\", reference:\"libsnmp30-debuginfo-32bit-5.7.2-9.8.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.1\", cpu:\"x86_64\", reference:\"net-snmp-devel-32bit-5.7.2-9.8.1\") ) flag++;\n\nif (flag)\n{\n if (report_verbosity > 0) security_warning(port:0, extra:rpm_report_get());\n else security_warning(0);\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"net-snmp\");\n}\n", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:P"}}, {"lastseen": "2021-02-01T02:04:56", "description": "snmplib/mib.c in net-snmp 5.7.0 and earlier, when the -OQ option is\nused, allows remote attackers to cause a denial of service (snmptrapd\ncrash) via a crafted SNMP trap message, which triggers a conversion to\nthe variable type designated in the MIB file, as demonstrated by a\nNULL type in an ifMtu trap message. (CVE-2014-3565)", "edition": 27, "published": "2016-05-24T00:00:00", "title": "F5 Networks BIG-IP : SNMP vulnerability (K17315)", "type": "nessus", "bulletinFamily": "scanner", "cvelist": ["CVE-2014-3565"], "modified": "2021-02-02T00:00:00", "cpe": ["cpe:/a:f5:big-ip_global_traffic_manager", "cpe:/a:f5:big-ip_link_controller", "cpe:/a:f5:big-ip_advanced_firewall_manager", "cpe:/a:f5:big-ip_policy_enforcement_manager", "cpe:/a:f5:big-ip_application_security_manager", "cpe:/a:f5:big-ip_application_acceleration_manager", "cpe:/h:f5:big-ip_protocol_security_manager", "cpe:/a:f5:big-ip_local_traffic_manager", "cpe:/a:f5:big-ip_wan_optimization_manager", "cpe:/h:f5:big-ip", "cpe:/a:f5:big-ip_application_visibility_and_reporting", "cpe:/a:f5:big-ip_webaccelerator", "cpe:/a:f5:big-ip_access_policy_manager"], "id": "F5_BIGIP_SOL17315.NASL", "href": "https://www.tenable.com/plugins/nessus/91302", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from F5 Networks BIG-IP Solution K17315.\n#\n# The text description of this plugin is (C) F5 Networks.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(91302);\n script_version(\"2.5\");\n script_cvs_date(\"Date: 2019/01/04 10:03:40\");\n\n script_cve_id(\"CVE-2014-3565\");\n script_bugtraq_id(69477);\n\n script_name(english:\"F5 Networks BIG-IP : SNMP vulnerability (K17315)\");\n script_summary(english:\"Checks the BIG-IP version.\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote device is missing a vendor-supplied security patch.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"snmplib/mib.c in net-snmp 5.7.0 and earlier, when the -OQ option is\nused, allows remote attackers to cause a denial of service (snmptrapd\ncrash) via a crafted SNMP trap message, which triggers a conversion to\nthe variable type designated in the MIB file, as demonstrated by a\nNULL type in an ifMtu trap message. (CVE-2014-3565)\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://support.f5.com/csp/article/K17315\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\n\"Upgrade to one of the non-vulnerable versions listed in the F5\nSolution K17315.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:N/I:N/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n\n script_set_attribute(attribute:\"potential_vulnerability\", value:\"true\");\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/a:f5:big-ip_access_policy_manager\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/a:f5:big-ip_advanced_firewall_manager\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/a:f5:big-ip_application_acceleration_manager\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/a:f5:big-ip_application_security_manager\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/a:f5:big-ip_application_visibility_and_reporting\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/a:f5:big-ip_global_traffic_manager\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/a:f5:big-ip_link_controller\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/a:f5:big-ip_local_traffic_manager\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/a:f5:big-ip_policy_enforcement_manager\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/a:f5:big-ip_wan_optimization_manager\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/a:f5:big-ip_webaccelerator\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/h:f5:big-ip\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/h:f5:big-ip_protocol_security_manager\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2015/09/28\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2016/05/24\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2016-2019 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"F5 Networks Local Security Checks\");\n\n script_dependencies(\"f5_bigip_detect.nbin\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/BIG-IP/hotfix\", \"Host/BIG-IP/modules\", \"Host/BIG-IP/version\", \"Settings/ParanoidReport\");\n\n exit(0);\n}\n\n\ninclude(\"f5_func.inc\");\n\nif ( ! get_kb_item(\"Host/local_checks_enabled\") ) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nversion = get_kb_item(\"Host/BIG-IP/version\");\nif ( ! version ) audit(AUDIT_OS_NOT, \"F5 Networks BIG-IP\");\nif ( isnull(get_kb_item(\"Host/BIG-IP/hotfix\")) ) audit(AUDIT_KB_MISSING, \"Host/BIG-IP/hotfix\");\nif ( ! get_kb_item(\"Host/BIG-IP/modules\") ) audit(AUDIT_KB_MISSING, \"Host/BIG-IP/modules\");\n\nsol = \"K17315\";\nvmatrix = make_array();\n\nif (report_paranoia < 2) audit(AUDIT_PARANOID);\n\n# AFM\nvmatrix[\"AFM\"] = make_array();\nvmatrix[\"AFM\"][\"affected\" ] = make_list(\"12.0.0\",\"11.3.0-11.6.0\");\nvmatrix[\"AFM\"][\"unaffected\"] = make_list(\"12.1.0\");\n\n# AM\nvmatrix[\"AM\"] = make_array();\nvmatrix[\"AM\"][\"affected\" ] = make_list(\"12.0.0\",\"11.4.0-11.6.0\");\nvmatrix[\"AM\"][\"unaffected\"] = make_list(\"12.1.0\");\n\n# APM\nvmatrix[\"APM\"] = make_array();\nvmatrix[\"APM\"][\"affected\" ] = make_list(\"12.0.0\",\"11.0.0-11.6.0\",\"10.1.0-10.2.4\");\nvmatrix[\"APM\"][\"unaffected\"] = make_list(\"12.1.0\");\n\n# ASM\nvmatrix[\"ASM\"] = make_array();\nvmatrix[\"ASM\"][\"affected\" ] = make_list(\"12.0.0\",\"11.0.0-11.6.0\",\"10.1.0-10.2.4\");\nvmatrix[\"ASM\"][\"unaffected\"] = make_list(\"12.1.0\");\n\n# AVR\nvmatrix[\"AVR\"] = make_array();\nvmatrix[\"AVR\"][\"affected\" ] = make_list(\"12.0.0\",\"11.0.0-11.6.0\");\nvmatrix[\"AVR\"][\"unaffected\"] = make_list(\"12.1.0\");\n\n# LC\nvmatrix[\"LC\"] = make_array();\nvmatrix[\"LC\"][\"affected\" ] = make_list(\"12.0.0\",\"11.0.0-11.6.0\",\"10.1.0-10.2.4\");\nvmatrix[\"LC\"][\"unaffected\"] = make_list(\"12.1.0\");\n\n# LTM\nvmatrix[\"LTM\"] = make_array();\nvmatrix[\"LTM\"][\"affected\" ] = make_list(\"12.0.0\",\"11.0.0-11.6.0\",\"10.1.0-10.2.4\");\nvmatrix[\"LTM\"][\"unaffected\"] = make_list(\"12.1.0\");\n\n# PEM\nvmatrix[\"PEM\"] = make_array();\nvmatrix[\"PEM\"][\"affected\" ] = make_list(\"12.0.0\",\"11.3.0-11.6.0\");\nvmatrix[\"PEM\"][\"unaffected\"] = make_list(\"12.1.0\");\n\n\nif (bigip_is_affected(vmatrix:vmatrix, sol:sol))\n{\n if (report_verbosity > 0) security_warning(port:0, extra:bigip_report_get());\n else security_warning(0);\n exit(0);\n}\nelse\n{\n tested = bigip_get_tested_modules();\n audit_extra = \"For BIG-IP module(s) \" + tested + \",\";\n if (tested) audit(AUDIT_INST_VER_NOT_VULN, audit_extra, version);\n else audit(AUDIT_HOST_NOT, \"running any of the affected modules\");\n}\n", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:P"}}, {"lastseen": "2021-01-17T13:48:53", "description": "A denial of service flaw was found in the way snmptrapd handled\ncertain SNMP traps when started with the '-OQ' option. If an attacker\nsent an SNMP trap containing a variable with a NULL type where an\ninteger variable type was expected, it would cause snmptrapd to crash.\n(CVE-2014-3565)\n\nThis update also fixes the following bugs :\n\n - The HOST-RESOURCES-MIB::hrSystemProcesses object was not\n implemented because parts of the HOST-RESOURCES-MIB\n module were rewritten in an earlier version of net-snmp.\n Consequently, HOST-RESOURCES- MIB::hrSystemProcesses did\n not provide information on the number of currently\n loaded or running processes. With this update,\n HOST-RESOURCES- MIB::hrSystemProcesses has been\n implemented, and the net-snmp daemon reports as\n expected.\n\n - The Net-SNMP agent daemon, snmpd, reloaded the system\n ARP table every 60 seconds. As a consequence, snmpd\n could cause a short CPU usage spike on busy systems with\n a large APR table. With this update, snmpd does not\n reload the full ARP table periodically, but monitors the\n table changes using a netlink socket.\n\n - Previously, snmpd used an invalid pointer to the current\n time when periodically checking certain conditions\n specified by the 'monitor' option in the\n /etc/snmpd/snmpd.conf file. Consequently, snmpd\n terminated unexpectedly on start with a segmentation\n fault if a certain entry with the 'monitor' option was\n used. Now, snmpd initializes the correct pointer to the\n current time, and snmpd no longer crashes on start.\n\n - Previously, snmpd expected 8-bit network interface\n indices when processing\n HOST-RESOURCES-MIB::hrDeviceTable. If an interface index\n of a local network interface was larger than 30,000\n items, snmpd could terminate unexpectedly due to\n accessing invalid memory. Now, processing of all network\n sizes is enabled, and snmpd no longer crashes in the\n described situation.\n\n - The snmpdtrapd service incorrectly checked for errors\n when forwarding a trap with a RequestID value of 0, and\n logged 'Forward failed' even though the trap was\n successfully forwarded. This update fixes snmptrapd\n checks and the aforementioned message is now logged only\n when appropriate.\n\n - Previously, snmpd ignored the value of the\n 'storageUseNFS' option in the /etc/snmpd/snmpd.conf\n file. As a consequence, NFS drivers were shown as\n 'Network Disks', even though 'storageUseNFS' was set to\n '2' to report them as 'Fixed Disks' in\n HOST-RESOURCES-MIB::hrStorageTable. With this update,\n snmpd takes the 'storageUseNFS' option value into\n account, and 'Fixed Disks' NFS drives are reported\n correctly.\n\n - Previously, the Net-SNMP python binding used an\n incorrect size (8 bytes instead of 4) for variables of\n IPADDRESS type. Consequently, applications that were\n using Net-SNMP Python bindings could send malformed SNMP\n messages. With this update, the bindings now use 4 bytes\n for variables with IPADRESS type, and only valid SNMP\n messages are sent.\n\n - Previously, the snmpd service did not cut values in\n HOST-RESOURCES- MIB::hrStorageTable to signed 32-bit\n integers, as required by SNMP standards, and provided\n the values as unsigned integers. As a consequence, the\n HOST-RESOURCES-MIB::hrStorageTable implementation did\n not conform to RFC 2790. The values are now cut to\n 32-bit signed integers, and snmpd is therefore standard\n compliant.", "edition": 15, "published": "2015-08-04T00:00:00", "title": "Scientific Linux Security Update : net-snmp on SL6.x i386/x86_64 (20150722)", "type": "nessus", "bulletinFamily": "scanner", "cvelist": ["CVE-2014-3565"], "modified": "2015-08-04T00:00:00", "cpe": ["p-cpe:/a:fermilab:scientific_linux:net-snmp-utils", "p-cpe:/a:fermilab:scientific_linux:net-snmp-perl", "p-cpe:/a:fermilab:scientific_linux:net-snmp-debuginfo", "x-cpe:/o:fermilab:scientific_linux", "p-cpe:/a:fermilab:scientific_linux:net-snmp-devel", "p-cpe:/a:fermilab:scientific_linux:net-snmp-python", "p-cpe:/a:fermilab:scientific_linux:net-snmp-libs", "p-cpe:/a:fermilab:scientific_linux:net-snmp"], "id": "SL_20150722_NET_SNMP_ON_SL6_X.NASL", "href": "https://www.tenable.com/plugins/nessus/85202", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text is (C) Scientific Linux.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(85202);\n script_version(\"2.5\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/14\");\n\n script_cve_id(\"CVE-2014-3565\");\n\n script_name(english:\"Scientific Linux Security Update : net-snmp on SL6.x i386/x86_64 (20150722)\");\n script_summary(english:\"Checks rpm output for the updated packages\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\n\"The remote Scientific Linux host is missing one or more security\nupdates.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"A denial of service flaw was found in the way snmptrapd handled\ncertain SNMP traps when started with the '-OQ' option. If an attacker\nsent an SNMP trap containing a variable with a NULL type where an\ninteger variable type was expected, it would cause snmptrapd to crash.\n(CVE-2014-3565)\n\nThis update also fixes the following bugs :\n\n - The HOST-RESOURCES-MIB::hrSystemProcesses object was not\n implemented because parts of the HOST-RESOURCES-MIB\n module were rewritten in an earlier version of net-snmp.\n Consequently, HOST-RESOURCES- MIB::hrSystemProcesses did\n not provide information on the number of currently\n loaded or running processes. With this update,\n HOST-RESOURCES- MIB::hrSystemProcesses has been\n implemented, and the net-snmp daemon reports as\n expected.\n\n - The Net-SNMP agent daemon, snmpd, reloaded the system\n ARP table every 60 seconds. As a consequence, snmpd\n could cause a short CPU usage spike on busy systems with\n a large APR table. With this update, snmpd does not\n reload the full ARP table periodically, but monitors the\n table changes using a netlink socket.\n\n - Previously, snmpd used an invalid pointer to the current\n time when periodically checking certain conditions\n specified by the 'monitor' option in the\n /etc/snmpd/snmpd.conf file. Consequently, snmpd\n terminated unexpectedly on start with a segmentation\n fault if a certain entry with the 'monitor' option was\n used. Now, snmpd initializes the correct pointer to the\n current time, and snmpd no longer crashes on start.\n\n - Previously, snmpd expected 8-bit network interface\n indices when processing\n HOST-RESOURCES-MIB::hrDeviceTable. If an interface index\n of a local network interface was larger than 30,000\n items, snmpd could terminate unexpectedly due to\n accessing invalid memory. Now, processing of all network\n sizes is enabled, and snmpd no longer crashes in the\n described situation.\n\n - The snmpdtrapd service incorrectly checked for errors\n when forwarding a trap with a RequestID value of 0, and\n logged 'Forward failed' even though the trap was\n successfully forwarded. This update fixes snmptrapd\n checks and the aforementioned message is now logged only\n when appropriate.\n\n - Previously, snmpd ignored the value of the\n 'storageUseNFS' option in the /etc/snmpd/snmpd.conf\n file. As a consequence, NFS drivers were shown as\n 'Network Disks', even though 'storageUseNFS' was set to\n '2' to report them as 'Fixed Disks' in\n HOST-RESOURCES-MIB::hrStorageTable. With this update,\n snmpd takes the 'storageUseNFS' option value into\n account, and 'Fixed Disks' NFS drives are reported\n correctly.\n\n - Previously, the Net-SNMP python binding used an\n incorrect size (8 bytes instead of 4) for variables of\n IPADDRESS type. Consequently, applications that were\n using Net-SNMP Python bindings could send malformed SNMP\n messages. With this update, the bindings now use 4 bytes\n for variables with IPADRESS type, and only valid SNMP\n messages are sent.\n\n - Previously, the snmpd service did not cut values in\n HOST-RESOURCES- MIB::hrStorageTable to signed 32-bit\n integers, as required by SNMP standards, and provided\n the values as unsigned integers. As a consequence, the\n HOST-RESOURCES-MIB::hrStorageTable implementation did\n not conform to RFC 2790. The values are now cut to\n 32-bit signed integers, and snmpd is therefore standard\n compliant.\"\n );\n # https://listserv.fnal.gov/scripts/wa.exe?A2=ind1508&L=scientific-linux-errata&F=&S=&P=5847\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?b632e971\"\n );\n script_set_attribute(attribute:\"solution\", value:\"Update the affected packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:N/I:N/A:P\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fermilab:scientific_linux:net-snmp\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fermilab:scientific_linux:net-snmp-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fermilab:scientific_linux:net-snmp-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fermilab:scientific_linux:net-snmp-libs\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fermilab:scientific_linux:net-snmp-perl\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fermilab:scientific_linux:net-snmp-python\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fermilab:scientific_linux:net-snmp-utils\");\n script_set_attribute(attribute:\"cpe\", value:\"x-cpe:/o:fermilab:scientific_linux\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2014/10/07\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2015/07/22\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2015/08/04\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2015-2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Scientific Linux Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/cpu\", \"Host/RedHat/release\", \"Host/RedHat/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"misc_func.inc\");\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/RedHat/release\");\nif (isnull(release) || \"Scientific Linux \" >!< release) audit(AUDIT_HOST_NOT, \"running Scientific Linux\");\nos_ver = pregmatch(pattern: \"Scientific Linux.*release ([0-9]+(\\.[0-9]+)?)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"Scientific Linux\");\nos_ver = os_ver[1];\nif (! preg(pattern:\"^6([^0-9]|$)\", string:os_ver)) audit(AUDIT_OS_NOT, \"Scientific Linux 6.x\", \"Scientific Linux \" + os_ver);\nif (!get_kb_item(\"Host/RedHat/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (cpu >!< \"x86_64\" && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Scientific Linux\", cpu);\n\n\nflag = 0;\nif (rpm_check(release:\"SL6\", reference:\"net-snmp-5.5-54.el6\")) flag++;\nif (rpm_check(release:\"SL6\", reference:\"net-snmp-debuginfo-5.5-54.el6\")) flag++;\nif (rpm_check(release:\"SL6\", reference:\"net-snmp-devel-5.5-54.el6\")) flag++;\nif (rpm_check(release:\"SL6\", reference:\"net-snmp-libs-5.5-54.el6\")) flag++;\nif (rpm_check(release:\"SL6\", reference:\"net-snmp-perl-5.5-54.el6\")) flag++;\nif (rpm_check(release:\"SL6\", reference:\"net-snmp-python-5.5-54.el6\")) flag++;\nif (rpm_check(release:\"SL6\", reference:\"net-snmp-utils-5.5-54.el6\")) flag++;\n\n\nif (flag)\n{\n security_report_v4(\n port : 0,\n severity : SECURITY_WARNING,\n extra : rpm_report_get()\n );\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"net-snmp / net-snmp-debuginfo / net-snmp-devel / net-snmp-libs / etc\");\n}\n", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:P"}}, {"lastseen": "2021-02-01T05:32:35", "description": "Updated net-snmp packages that fix one security issue and several bugs\nare now available for Red Hat Enterprise Linux 7.\n\nRed Hat Product Security has rated this update as having Moderate\nsecurity impact. A Common Vulnerability Scoring System (CVSS) base\nscore, which gives a detailed severity rating, is available from the\nCVE link in the References section.\n\nThe net-snmp packages provide various libraries and tools for the\nSimple Network Management Protocol (SNMP), including an SNMP library,\nan extensible agent, tools for requesting or setting information from\nSNMP agents, tools for generating and handling SNMP traps, a version\nof the netstat command which uses SNMP, and a Tk/Perl Management\nInformation Base (MIB) browser.\n\nA denial of service flaw was found in the way snmptrapd handled\ncertain SNMP traps when started with the '-OQ' option. If an attacker\nsent an SNMP trap containing a variable with a NULL type where an\ninteger variable type was expected, it would cause snmptrapd to crash.\n(CVE-2014-3565)\n\nThis update also fixes the following bugs :\n\n* Previously, the clientaddr option in the snmp.conf file affected\noutgoing messages sent only over IPv4. With this release, outgoing\nIPv6 messages are correctly sent from the interface specified by\nclientaddr. (BZ#1190679)\n\n* The Net-SNMP daemon, snmpd, did not properly clean memory when\nreloading its configuration file with multiple 'exec' entries.\nConsequently, the daemon terminated unexpectedly. Now, the memory is\nproperly cleaned, and snmpd no longer crashes on reload. (BZ#1228893)\n\n* Prior to this update, snmpd did not parse complete IPv4 traffic\nstatistics, but reported the number of received or sent bytes in the\nIP-MIB::ipSystemStatsTable only for IPv6 packets and not for IPv4.\nThis affected objects ipSystemStatsInOctets, ipSystemStatsOutOctets,\nipSystemStatsInMcastOctets, and ipSystemStatsOutMcastOctets. Now, the\nstatistics reported by snmpd are collected for IPv4 as well.\n(BZ#1235697)\n\n* The Net-SNMP daemon, snmpd, did not correctly detect the file system\nchange from read-only to read-write. Consequently, after remounting\nthe file system into the read-write mode, the daemon reported it to be\nstill in the read-only mode. A patch has been applied, and snmpd now\ndetects the mode changes as expected. (BZ#1241897)\n\nAll net-snmp users are advised to upgrade to these updated packages,\nwhich contain backported patches to correct these issues.", "edition": 29, "published": "2015-11-20T00:00:00", "title": "RHEL 7 : net-snmp (RHSA-2015:2345)", "type": "nessus", "bulletinFamily": "scanner", "cvelist": ["CVE-2014-3565"], "modified": "2021-02-02T00:00:00", "cpe": ["p-cpe:/a:redhat:enterprise_linux:net-snmp-python", "p-cpe:/a:redhat:enterprise_linux:net-snmp-agent-libs", "cpe:/o:redhat:enterprise_linux:7.4", "p-cpe:/a:redhat:enterprise_linux:net-snmp-sysvinit", "p-cpe:/a:redhat:enterprise_linux:net-snmp", "p-cpe:/a:redhat:enterprise_linux:net-snmp-devel", "cpe:/o:redhat:enterprise_linux:7.7", "p-cpe:/a:redhat:enterprise_linux:net-snmp-libs", "cpe:/o:redhat:enterprise_linux:7.5", "cpe:/o:redhat:enterprise_linux:7", "cpe:/o:redhat:enterprise_linux:7.3", "p-cpe:/a:redhat:enterprise_linux:net-snmp-gui", "cpe:/o:redhat:enterprise_linux:7.2", "p-cpe:/a:redhat:enterprise_linux:net-snmp-debuginfo", "p-cpe:/a:redhat:enterprise_linux:net-snmp-utils", "cpe:/o:redhat:enterprise_linux:7.6", "p-cpe:/a:redhat:enterprise_linux:net-snmp-perl"], "id": "REDHAT-RHSA-2015-2345.NASL", "href": "https://www.tenable.com/plugins/nessus/86982", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Red Hat Security Advisory RHSA-2015:2345. The text \n# itself is copyright (C) Red Hat, Inc.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(86982);\n script_version(\"2.11\");\n script_cvs_date(\"Date: 2019/10/24 15:35:40\");\n\n script_cve_id(\"CVE-2014-3565\");\n script_xref(name:\"RHSA\", value:\"2015:2345\");\n\n script_name(english:\"RHEL 7 : net-snmp (RHSA-2015:2345)\");\n script_summary(english:\"Checks the rpm output for the updated packages\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Red Hat host is missing one or more security updates.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"Updated net-snmp packages that fix one security issue and several bugs\nare now available for Red Hat Enterprise Linux 7.\n\nRed Hat Product Security has rated this update as having Moderate\nsecurity impact. A Common Vulnerability Scoring System (CVSS) base\nscore, which gives a detailed severity rating, is available from the\nCVE link in the References section.\n\nThe net-snmp packages provide various libraries and tools for the\nSimple Network Management Protocol (SNMP), including an SNMP library,\nan extensible agent, tools for requesting or setting information from\nSNMP agents, tools for generating and handling SNMP traps, a version\nof the netstat command which uses SNMP, and a Tk/Perl Management\nInformation Base (MIB) browser.\n\nA denial of service flaw was found in the way snmptrapd handled\ncertain SNMP traps when started with the '-OQ' option. If an attacker\nsent an SNMP trap containing a variable with a NULL type where an\ninteger variable type was expected, it would cause snmptrapd to crash.\n(CVE-2014-3565)\n\nThis update also fixes the following bugs :\n\n* Previously, the clientaddr option in the snmp.conf file affected\noutgoing messages sent only over IPv4. With this release, outgoing\nIPv6 messages are correctly sent from the interface specified by\nclientaddr. (BZ#1190679)\n\n* The Net-SNMP daemon, snmpd, did not properly clean memory when\nreloading its configuration file with multiple 'exec' entries.\nConsequently, the daemon terminated unexpectedly. Now, the memory is\nproperly cleaned, and snmpd no longer crashes on reload. (BZ#1228893)\n\n* Prior to this update, snmpd did not parse complete IPv4 traffic\nstatistics, but reported the number of received or sent bytes in the\nIP-MIB::ipSystemStatsTable only for IPv6 packets and not for IPv4.\nThis affected objects ipSystemStatsInOctets, ipSystemStatsOutOctets,\nipSystemStatsInMcastOctets, and ipSystemStatsOutMcastOctets. Now, the\nstatistics reported by snmpd are collected for IPv4 as well.\n(BZ#1235697)\n\n* The Net-SNMP daemon, snmpd, did not correctly detect the file system\nchange from read-only to read-write. Consequently, after remounting\nthe file system into the read-write mode, the daemon reported it to be\nstill in the read-only mode. A patch has been applied, and snmpd now\ndetects the mode changes as expected. (BZ#1241897)\n\nAll net-snmp users are advised to upgrade to these updated packages,\nwhich contain backported patches to correct these issues.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/errata/RHSA-2015:2345\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/security/cve/cve-2014-3565\"\n );\n script_set_attribute(attribute:\"solution\", value:\"Update the affected packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:N/I:N/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:net-snmp\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:net-snmp-agent-libs\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:net-snmp-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:net-snmp-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:net-snmp-gui\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:net-snmp-libs\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:net-snmp-perl\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:net-snmp-python\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:net-snmp-sysvinit\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:net-snmp-utils\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:redhat:enterprise_linux:7\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:redhat:enterprise_linux:7.2\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:redhat:enterprise_linux:7.3\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:redhat:enterprise_linux:7.4\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:redhat:enterprise_linux:7.5\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:redhat:enterprise_linux:7.6\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:redhat:enterprise_linux:7.7\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2014/10/07\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2015/11/19\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2015/11/20\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2015-2019 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Red Hat Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/RedHat/release\", \"Host/RedHat/rpm-list\", \"Host/cpu\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"misc_func.inc\");\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/RedHat/release\");\nif (isnull(release) || \"Red Hat\" >!< release) audit(AUDIT_OS_NOT, \"Red Hat\");\nos_ver = pregmatch(pattern: \"Red Hat Enterprise Linux.*release ([0-9]+(\\.[0-9]+)?)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"Red Hat\");\nos_ver = os_ver[1];\nif (! preg(pattern:\"^7([^0-9]|$)\", string:os_ver)) audit(AUDIT_OS_NOT, \"Red Hat 7.x\", \"Red Hat \" + os_ver);\n\nif (!get_kb_item(\"Host/RedHat/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\" && \"s390\" >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Red Hat\", cpu);\n\nyum_updateinfo = get_kb_item(\"Host/RedHat/yum-updateinfo\");\nif (!empty_or_null(yum_updateinfo)) \n{\n rhsa = \"RHSA-2015:2345\";\n yum_report = redhat_generate_yum_updateinfo_report(rhsa:rhsa);\n if (!empty_or_null(yum_report))\n {\n security_report_v4(\n port : 0,\n severity : SECURITY_WARNING,\n extra : yum_report \n );\n exit(0);\n }\n else\n {\n audit_message = \"affected by Red Hat security advisory \" + rhsa;\n audit(AUDIT_OS_NOT, audit_message);\n }\n}\nelse\n{\n flag = 0;\n if (rpm_check(release:\"RHEL7\", cpu:\"s390x\", reference:\"net-snmp-5.7.2-24.el7\")) flag++;\n\n if (rpm_check(release:\"RHEL7\", cpu:\"x86_64\", reference:\"net-snmp-5.7.2-24.el7\")) flag++;\n\n if (rpm_check(release:\"RHEL7\", reference:\"net-snmp-agent-libs-5.7.2-24.el7\")) flag++;\n\n if (rpm_check(release:\"RHEL7\", reference:\"net-snmp-debuginfo-5.7.2-24.el7\")) flag++;\n\n if (rpm_check(release:\"RHEL7\", reference:\"net-snmp-devel-5.7.2-24.el7\")) flag++;\n\n if (rpm_check(release:\"RHEL7\", cpu:\"s390x\", reference:\"net-snmp-gui-5.7.2-24.el7\")) flag++;\n\n if (rpm_check(release:\"RHEL7\", cpu:\"x86_64\", reference:\"net-snmp-gui-5.7.2-24.el7\")) flag++;\n\n if (rpm_check(release:\"RHEL7\", reference:\"net-snmp-libs-5.7.2-24.el7\")) flag++;\n\n if (rpm_check(release:\"RHEL7\", cpu:\"s390x\", reference:\"net-snmp-perl-5.7.2-24.el7\")) flag++;\n\n if (rpm_check(release:\"RHEL7\", cpu:\"x86_64\", reference:\"net-snmp-perl-5.7.2-24.el7\")) flag++;\n\n if (rpm_check(release:\"RHEL7\", cpu:\"s390x\", reference:\"net-snmp-python-5.7.2-24.el7\")) flag++;\n\n if (rpm_check(release:\"RHEL7\", cpu:\"x86_64\", reference:\"net-snmp-python-5.7.2-24.el7\")) flag++;\n\n if (rpm_check(release:\"RHEL7\", cpu:\"s390x\", reference:\"net-snmp-sysvinit-5.7.2-24.el7\")) flag++;\n\n if (rpm_check(release:\"RHEL7\", cpu:\"x86_64\", reference:\"net-snmp-sysvinit-5.7.2-24.el7\")) flag++;\n\n if (rpm_check(release:\"RHEL7\", cpu:\"s390x\", reference:\"net-snmp-utils-5.7.2-24.el7\")) flag++;\n\n if (rpm_check(release:\"RHEL7\", cpu:\"x86_64\", reference:\"net-snmp-utils-5.7.2-24.el7\")) flag++;\n\n\n if (flag)\n {\n security_report_v4(\n port : 0,\n severity : SECURITY_WARNING,\n extra : rpm_report_get() + redhat_report_package_caveat()\n );\n exit(0);\n }\n else\n {\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"net-snmp / net-snmp-agent-libs / net-snmp-debuginfo / etc\");\n }\n}\n", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:P"}}, {"lastseen": "2021-01-12T10:12:01", "description": "Update package fixes following bugs :\n\n - CVE-2014-3565 net-snmp: snmptrapd crash when handling an\n SNMP trap containing a ifMtu with a NULL type\n\n - net-snmp-cert now works without net-snmp-devel package\n installed\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the Fedora security advisory. Tenable\nhas attempted to automatically clean and format it as much as possible\nwithout introducing additional issues.", "edition": 14, "published": "2014-09-10T00:00:00", "title": "Fedora 20 : net-snmp-5.7.2-18.fc20 (2014-10095)", "type": "nessus", "bulletinFamily": "scanner", "cvelist": ["CVE-2014-3565"], "modified": "2014-09-10T00:00:00", "cpe": ["p-cpe:/a:fedoraproject:fedora:net-snmp", "cpe:/o:fedoraproject:fedora:20"], "id": "FEDORA_2014-10095.NASL", "href": "https://www.tenable.com/plugins/nessus/77586", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Fedora Security Advisory 2014-10095.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(77586);\n script_version(\"1.7\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/11\");\n\n script_cve_id(\"CVE-2014-3565\");\n script_bugtraq_id(69477);\n script_xref(name:\"FEDORA\", value:\"2014-10095\");\n\n script_name(english:\"Fedora 20 : net-snmp-5.7.2-18.fc20 (2014-10095)\");\n script_summary(english:\"Checks rpm output for the updated package.\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Fedora host is missing a security update.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"Update package fixes following bugs :\n\n - CVE-2014-3565 net-snmp: snmptrapd crash when handling an\n SNMP trap containing a ifMtu with a NULL type\n\n - net-snmp-cert now works without net-snmp-devel package\n installed\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the Fedora security advisory. Tenable\nhas attempted to automatically clean and format it as much as possible\nwithout introducing additional issues.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.redhat.com/show_bug.cgi?id=1125155\"\n );\n # https://lists.fedoraproject.org/pipermail/package-announce/2014-September/137318.html\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?10792d14\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\"Update the affected net-snmp package.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:N/I:N/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fedoraproject:fedora:net-snmp\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:fedoraproject:fedora:20\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2014/09/02\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2014/09/10\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2014-2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Fedora Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/RedHat/release\", \"Host/RedHat/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/RedHat/release\");\nif (isnull(release) || \"Fedora\" >!< release) audit(AUDIT_OS_NOT, \"Fedora\");\nos_ver = eregmatch(pattern: \"Fedora.*release ([0-9]+)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"Fedora\");\nos_ver = os_ver[1];\nif (! ereg(pattern:\"^20([^0-9]|$)\", string:os_ver)) audit(AUDIT_OS_NOT, \"Fedora 20.x\", \"Fedora \" + os_ver);\n\nif (!get_kb_item(\"Host/RedHat/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Fedora\", cpu);\n\nflag = 0;\nif (rpm_check(release:\"FC20\", reference:\"net-snmp-5.7.2-18.fc20\")) flag++;\n\n\nif (flag)\n{\n if (report_verbosity > 0) security_warning(port:0, extra:rpm_report_get());\n else security_warning(0);\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"net-snmp\");\n}\n", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:P"}}, {"lastseen": "2021-01-17T12:50:16", "description": "From Red Hat Security Advisory 2015:2345 :\n\nUpdated net-snmp packages that fix one security issue and several bugs\nare now available for Red Hat Enterprise Linux 7.\n\nRed Hat Product Security has rated this update as having Moderate\nsecurity impact. A Common Vulnerability Scoring System (CVSS) base\nscore, which gives a detailed severity rating, is available from the\nCVE link in the References section.\n\nThe net-snmp packages provide various libraries and tools for the\nSimple Network Management Protocol (SNMP), including an SNMP library,\nan extensible agent, tools for requesting or setting information from\nSNMP agents, tools for generating and handling SNMP traps, a version\nof the netstat command which uses SNMP, and a Tk/Perl Management\nInformation Base (MIB) browser.\n\nA denial of service flaw was found in the way snmptrapd handled\ncertain SNMP traps when started with the '-OQ' option. If an attacker\nsent an SNMP trap containing a variable with a NULL type where an\ninteger variable type was expected, it would cause snmptrapd to crash.\n(CVE-2014-3565)\n\nThis update also fixes the following bugs :\n\n* Previously, the clientaddr option in the snmp.conf file affected\noutgoing messages sent only over IPv4. With this release, outgoing\nIPv6 messages are correctly sent from the interface specified by\nclientaddr. (BZ#1190679)\n\n* The Net-SNMP daemon, snmpd, did not properly clean memory when\nreloading its configuration file with multiple 'exec' entries.\nConsequently, the daemon terminated unexpectedly. Now, the memory is\nproperly cleaned, and snmpd no longer crashes on reload. (BZ#1228893)\n\n* Prior to this update, snmpd did not parse complete IPv4 traffic\nstatistics, but reported the number of received or sent bytes in the\nIP-MIB::ipSystemStatsTable only for IPv6 packets and not for IPv4.\nThis affected objects ipSystemStatsInOctets, ipSystemStatsOutOctets,\nipSystemStatsInMcastOctets, and ipSystemStatsOutMcastOctets. Now, the\nstatistics reported by snmpd are collected for IPv4 as well.\n(BZ#1235697)\n\n* The Net-SNMP daemon, snmpd, did not correctly detect the file system\nchange from read-only to read-write. Consequently, after remounting\nthe file system into the read-write mode, the daemon reported it to be\nstill in the read-only mode. A patch has been applied, and snmpd now\ndetects the mode changes as expected. (BZ#1241897)\n\nAll net-snmp users are advised to upgrade to these updated packages,\nwhich contain backported patches to correct these issues.", "edition": 25, "published": "2015-11-24T00:00:00", "title": "Oracle Linux 7 : net-snmp (ELSA-2015-2345)", "type": "nessus", "bulletinFamily": "scanner", "cvelist": ["CVE-2014-3565"], "modified": "2015-11-24T00:00:00", "cpe": ["p-cpe:/a:oracle:linux:net-snmp-perl", "p-cpe:/a:oracle:linux:net-snmp-python", "p-cpe:/a:oracle:linux:net-snmp-gui", "p-cpe:/a:oracle:linux:net-snmp-utils", "p-cpe:/a:oracle:linux:net-snmp", "p-cpe:/a:oracle:linux:net-snmp-devel", "p-cpe:/a:oracle:linux:net-snmp-libs", "cpe:/o:oracle:linux:7", "p-cpe:/a:oracle:linux:net-snmp-agent-libs", "p-cpe:/a:oracle:linux:net-snmp-sysvinit"], "id": "ORACLELINUX_ELSA-2015-2345.NASL", "href": "https://www.tenable.com/plugins/nessus/87034", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from Red Hat Security Advisory RHSA-2015:2345 and \n# Oracle Linux Security Advisory ELSA-2015-2345 respectively.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(87034);\n script_version(\"1.7\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/14\");\n\n script_cve_id(\"CVE-2014-3565\");\n script_xref(name:\"RHSA\", value:\"2015:2345\");\n\n script_name(english:\"Oracle Linux 7 : net-snmp (ELSA-2015-2345)\");\n script_summary(english:\"Checks rpm output for the updated packages\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Oracle Linux host is missing one or more security updates.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"From Red Hat Security Advisory 2015:2345 :\n\nUpdated net-snmp packages that fix one security issue and several bugs\nare now available for Red Hat Enterprise Linux 7.\n\nRed Hat Product Security has rated this update as having Moderate\nsecurity impact. A Common Vulnerability Scoring System (CVSS) base\nscore, which gives a detailed severity rating, is available from the\nCVE link in the References section.\n\nThe net-snmp packages provide various libraries and tools for the\nSimple Network Management Protocol (SNMP), including an SNMP library,\nan extensible agent, tools for requesting or setting information from\nSNMP agents, tools for generating and handling SNMP traps, a version\nof the netstat command which uses SNMP, and a Tk/Perl Management\nInformation Base (MIB) browser.\n\nA denial of service flaw was found in the way snmptrapd handled\ncertain SNMP traps when started with the '-OQ' option. If an attacker\nsent an SNMP trap containing a variable with a NULL type where an\ninteger variable type was expected, it would cause snmptrapd to crash.\n(CVE-2014-3565)\n\nThis update also fixes the following bugs :\n\n* Previously, the clientaddr option in the snmp.conf file affected\noutgoing messages sent only over IPv4. With this release, outgoing\nIPv6 messages are correctly sent from the interface specified by\nclientaddr. (BZ#1190679)\n\n* The Net-SNMP daemon, snmpd, did not properly clean memory when\nreloading its configuration file with multiple 'exec' entries.\nConsequently, the daemon terminated unexpectedly. Now, the memory is\nproperly cleaned, and snmpd no longer crashes on reload. (BZ#1228893)\n\n* Prior to this update, snmpd did not parse complete IPv4 traffic\nstatistics, but reported the number of received or sent bytes in the\nIP-MIB::ipSystemStatsTable only for IPv6 packets and not for IPv4.\nThis affected objects ipSystemStatsInOctets, ipSystemStatsOutOctets,\nipSystemStatsInMcastOctets, and ipSystemStatsOutMcastOctets. Now, the\nstatistics reported by snmpd are collected for IPv4 as well.\n(BZ#1235697)\n\n* The Net-SNMP daemon, snmpd, did not correctly detect the file system\nchange from read-only to read-write. Consequently, after remounting\nthe file system into the read-write mode, the daemon reported it to be\nstill in the read-only mode. A patch has been applied, and snmpd now\ndetects the mode changes as expected. (BZ#1241897)\n\nAll net-snmp users are advised to upgrade to these updated packages,\nwhich contain backported patches to correct these issues.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://oss.oracle.com/pipermail/el-errata/2015-November/005565.html\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\"Update the affected net-snmp packages.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:N/I:N/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:net-snmp\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:net-snmp-agent-libs\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:net-snmp-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:net-snmp-gui\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:net-snmp-libs\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:net-snmp-perl\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:net-snmp-python\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:net-snmp-sysvinit\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:net-snmp-utils\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:oracle:linux:7\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2014/10/07\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2015/11/23\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2015/11/24\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2015-2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Oracle Linux Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/OracleLinux\", \"Host/RedHat/release\", \"Host/RedHat/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nif (!get_kb_item(\"Host/OracleLinux\")) audit(AUDIT_OS_NOT, \"Oracle Linux\");\nrelease = get_kb_item(\"Host/RedHat/release\");\nif (isnull(release) || !pregmatch(pattern: \"Oracle (?:Linux Server|Enterprise Linux)\", string:release)) audit(AUDIT_OS_NOT, \"Oracle Linux\");\nos_ver = pregmatch(pattern: \"Oracle (?:Linux Server|Enterprise Linux) .*release ([0-9]+(\\.[0-9]+)?)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"Oracle Linux\");\nos_ver = os_ver[1];\nif (! preg(pattern:\"^7([^0-9]|$)\", string:os_ver)) audit(AUDIT_OS_NOT, \"Oracle Linux 7\", \"Oracle Linux \" + os_ver);\n\nif (!get_kb_item(\"Host/RedHat/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Oracle Linux\", cpu);\nif (\"x86_64\" >!< cpu) audit(AUDIT_ARCH_NOT, \"x86_64\", cpu);\n\nflag = 0;\nif (rpm_check(release:\"EL7\", cpu:\"x86_64\", reference:\"net-snmp-5.7.2-24.el7\")) flag++;\nif (rpm_check(release:\"EL7\", cpu:\"x86_64\", reference:\"net-snmp-agent-libs-5.7.2-24.el7\")) flag++;\nif (rpm_check(release:\"EL7\", cpu:\"x86_64\", reference:\"net-snmp-devel-5.7.2-24.el7\")) flag++;\nif (rpm_check(release:\"EL7\", cpu:\"x86_64\", reference:\"net-snmp-gui-5.7.2-24.el7\")) flag++;\nif (rpm_check(release:\"EL7\", cpu:\"x86_64\", reference:\"net-snmp-libs-5.7.2-24.el7\")) flag++;\nif (rpm_check(release:\"EL7\", cpu:\"x86_64\", reference:\"net-snmp-perl-5.7.2-24.el7\")) flag++;\nif (rpm_check(release:\"EL7\", cpu:\"x86_64\", reference:\"net-snmp-python-5.7.2-24.el7\")) flag++;\nif (rpm_check(release:\"EL7\", cpu:\"x86_64\", reference:\"net-snmp-sysvinit-5.7.2-24.el7\")) flag++;\nif (rpm_check(release:\"EL7\", cpu:\"x86_64\", reference:\"net-snmp-utils-5.7.2-24.el7\")) flag++;\n\n\nif (flag)\n{\n if (report_verbosity > 0) security_warning(port:0, extra:rpm_report_get());\n else security_warning(0);\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"net-snmp / net-snmp-agent-libs / net-snmp-devel / net-snmp-gui / etc\");\n}\n", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:P"}}, {"lastseen": "2021-01-06T09:30:16", "description": "Updated net-snmp packages that fix one security issue and several bugs\nare now available for Red Hat Enterprise Linux 6.\n\nRed Hat Product Security has rated this update as having Moderate\nsecurity impact. A Common Vulnerability Scoring System (CVSS) base\nscore, which gives a detailed severity rating, is available from the\nCVE link in the References section.\n\nThe net-snmp packages provide various libraries and tools for the\nSimple Network Management Protocol (SNMP), including an SNMP library,\nan extensible agent, tools for requesting or setting information from\nSNMP agents, tools for generating and handling SNMP traps, a version\nof the netstat command which uses SNMP, and a Tk/Perl Management\nInformation Base (MIB) browser.\n\nA denial of service flaw was found in the way snmptrapd handled\ncertain SNMP traps when started with the '-OQ' option. If an attacker\nsent an SNMP trap containing a variable with a NULL type where an\ninteger variable type was expected, it would cause snmptrapd to crash.\n(CVE-2014-3565)\n\nThis update also fixes the following bugs :\n\n* The HOST-RESOURCES-MIB::hrSystemProcesses object was not implemented\nbecause parts of the HOST-RESOURCES-MIB module were rewritten in an\nearlier version of net-snmp. Consequently,\nHOST-RESOURCES-MIB::hrSystemProcesses did not provide information on\nthe number of currently loaded or running processes. With this update,\nHOST-RESOURCES-MIB::hrSystemProcesses has been implemented, and the\nnet-snmp daemon reports as expected. (BZ#1134335)\n\n* The Net-SNMP agent daemon, snmpd, reloaded the system ARP table\nevery 60 seconds. As a consequence, snmpd could cause a short CPU\nusage spike on busy systems with a large APR table. With this update,\nsnmpd does not reload the full ARP table periodically, but monitors\nthe table changes using a netlink socket. (BZ#789500)\n\n* Previously, snmpd used an invalid pointer to the current time when\nperiodically checking certain conditions specified by the 'monitor'\noption in the /etc/snmpd/snmpd.conf file. Consequently, snmpd\nterminated unexpectedly on start with a segmentation fault if a\ncertain entry with the 'monitor' option was used. Now, snmpd\ninitializes the correct pointer to the current time, and snmpd no\nlonger crashes on start. (BZ#1050970)\n\n* Previously, snmpd expected 8-bit network interface indices when\nprocessing HOST-RESOURCES-MIB::hrDeviceTable. If an interface index of\na local network interface was larger than 30,000 items, snmpd could\nterminate unexpectedly due to accessing invalid memory. Now,\nprocessing of all network sizes is enabled, and snmpd no longer\ncrashes in the described situation. (BZ#1195547)\n\n* The snmpdtrapd service incorrectly checked for errors when\nforwarding a trap with a RequestID value of 0, and logged 'Forward\nfailed' even though the trap was successfully forwarded. This update\nfixes snmptrapd checks and the aforementioned message is now logged\nonly when appropriate. (BZ#1146948)\n\n* Previously, snmpd ignored the value of the 'storageUseNFS' option in\nthe /etc/snmpd/snmpd.conf file. As a consequence, NFS drivers were\nshown as 'Network Disks', even though 'storageUseNFS' was set to '2'\nto report them as 'Fixed Disks' in HOST-RESOURCES-MIB::hrStorageTable.\nWith this update, snmpd takes the 'storageUseNFS' option value into\naccount, and 'Fixed Disks' NFS drives are reported correctly.\n(BZ#1125793)\n\n* Previously, the Net-SNMP python binding used an incorrect size (8\nbytes instead of 4) for variables of IPADDRESS type. Consequently,\napplications that were using Net-SNMP Python bindings could send\nmalformed SNMP messages. With this update, the bindings now use 4\nbytes for variables with IPADRESS type, and only valid SNMP messages\nare sent. (BZ#1100099)\n\n* Previously, the snmpd service did not cut values in\nHOST-RESOURCES-MIB::hrStorageTable to signed 32-bit integers, as\nrequired by SNMP standards, and provided the values as unsigned\nintegers. As a consequence, the HOST-RESOURCES-MIB::hrStorageTable\nimplementation did not conform to RFC 2790. The values are now cut to\n32-bit signed integers, and snmpd is therefore standard compliant.\n(BZ#1104293)\n\nUsers of net-snmp are advised to upgrade to these updated packages,\nwhich contain backported patches to correct these issues.", "edition": 28, "published": "2015-07-28T00:00:00", "title": "CentOS 6 : net-snmp (CESA-2015:1385)", "type": "nessus", "bulletinFamily": "scanner", "cvelist": ["CVE-2014-3565"], "modified": "2015-07-28T00:00:00", "cpe": ["p-cpe:/a:centos:centos:net-snmp-utils", "cpe:/o:centos:centos:6", "p-cpe:/a:centos:centos:net-snmp-libs", "p-cpe:/a:centos:centos:net-snmp-perl", "p-cpe:/a:centos:centos:net-snmp", "p-cpe:/a:centos:centos:net-snmp-python", "p-cpe:/a:centos:centos:net-snmp-devel"], "id": "CENTOS_RHSA-2015-1385.NASL", "href": "https://www.tenable.com/plugins/nessus/85016", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Red Hat Security Advisory RHSA-2015:1385 and \n# CentOS Errata and Security Advisory 2015:1385 respectively.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(85016);\n script_version(\"2.7\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/04\");\n\n script_cve_id(\"CVE-2014-3565\");\n script_bugtraq_id(69477);\n script_xref(name:\"RHSA\", value:\"2015:1385\");\n\n script_name(english:\"CentOS 6 : net-snmp (CESA-2015:1385)\");\n script_summary(english:\"Checks rpm output for the updated packages\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote CentOS host is missing one or more security updates.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"Updated net-snmp packages that fix one security issue and several bugs\nare now available for Red Hat Enterprise Linux 6.\n\nRed Hat Product Security has rated this update as having Moderate\nsecurity impact. A Common Vulnerability Scoring System (CVSS) base\nscore, which gives a detailed severity rating, is available from the\nCVE link in the References section.\n\nThe net-snmp packages provide various libraries and tools for the\nSimple Network Management Protocol (SNMP), including an SNMP library,\nan extensible agent, tools for requesting or setting information from\nSNMP agents, tools for generating and handling SNMP traps, a version\nof the netstat command which uses SNMP, and a Tk/Perl Management\nInformation Base (MIB) browser.\n\nA denial of service flaw was found in the way snmptrapd handled\ncertain SNMP traps when started with the '-OQ' option. If an attacker\nsent an SNMP trap containing a variable with a NULL type where an\ninteger variable type was expected, it would cause snmptrapd to crash.\n(CVE-2014-3565)\n\nThis update also fixes the following bugs :\n\n* The HOST-RESOURCES-MIB::hrSystemProcesses object was not implemented\nbecause parts of the HOST-RESOURCES-MIB module were rewritten in an\nearlier version of net-snmp. Consequently,\nHOST-RESOURCES-MIB::hrSystemProcesses did not provide information on\nthe number of currently loaded or running processes. With this update,\nHOST-RESOURCES-MIB::hrSystemProcesses has been implemented, and the\nnet-snmp daemon reports as expected. (BZ#1134335)\n\n* The Net-SNMP agent daemon, snmpd, reloaded the system ARP table\nevery 60 seconds. As a consequence, snmpd could cause a short CPU\nusage spike on busy systems with a large APR table. With this update,\nsnmpd does not reload the full ARP table periodically, but monitors\nthe table changes using a netlink socket. (BZ#789500)\n\n* Previously, snmpd used an invalid pointer to the current time when\nperiodically checking certain conditions specified by the 'monitor'\noption in the /etc/snmpd/snmpd.conf file. Consequently, snmpd\nterminated unexpectedly on start with a segmentation fault if a\ncertain entry with the 'monitor' option was used. Now, snmpd\ninitializes the correct pointer to the current time, and snmpd no\nlonger crashes on start. (BZ#1050970)\n\n* Previously, snmpd expected 8-bit network interface indices when\nprocessing HOST-RESOURCES-MIB::hrDeviceTable. If an interface index of\na local network interface was larger than 30,000 items, snmpd could\nterminate unexpectedly due to accessing invalid memory. Now,\nprocessing of all network sizes is enabled, and snmpd no longer\ncrashes in the described situation. (BZ#1195547)\n\n* The snmpdtrapd service incorrectly checked for errors when\nforwarding a trap with a RequestID value of 0, and logged 'Forward\nfailed' even though the trap was successfully forwarded. This update\nfixes snmptrapd checks and the aforementioned message is now logged\nonly when appropriate. (BZ#1146948)\n\n* Previously, snmpd ignored the value of the 'storageUseNFS' option in\nthe /etc/snmpd/snmpd.conf file. As a consequence, NFS drivers were\nshown as 'Network Disks', even though 'storageUseNFS' was set to '2'\nto report them as 'Fixed Disks' in HOST-RESOURCES-MIB::hrStorageTable.\nWith this update, snmpd takes the 'storageUseNFS' option value into\naccount, and 'Fixed Disks' NFS drives are reported correctly.\n(BZ#1125793)\n\n* Previously, the Net-SNMP python binding used an incorrect size (8\nbytes instead of 4) for variables of IPADDRESS type. Consequently,\napplications that were using Net-SNMP Python bindings could send\nmalformed SNMP messages. With this update, the bindings now use 4\nbytes for variables with IPADRESS type, and only valid SNMP messages\nare sent. (BZ#1100099)\n\n* Previously, the snmpd service did not cut values in\nHOST-RESOURCES-MIB::hrStorageTable to signed 32-bit integers, as\nrequired by SNMP standards, and provided the values as unsigned\nintegers. As a consequence, the HOST-RESOURCES-MIB::hrStorageTable\nimplementation did not conform to RFC 2790. The values are now cut to\n32-bit signed integers, and snmpd is therefore standard compliant.\n(BZ#1104293)\n\nUsers of net-snmp are advised to upgrade to these updated packages,\nwhich contain backported patches to correct these issues.\"\n );\n # https://lists.centos.org/pipermail/centos-cr-announce/2015-July/002025.html\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?2bae3201\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\"Update the affected net-snmp packages.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:N/I:N/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2014-3565\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:net-snmp\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:net-snmp-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:net-snmp-libs\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:net-snmp-perl\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:net-snmp-python\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:net-snmp-utils\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:centos:centos:6\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2014/10/07\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2015/07/26\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2015/07/28\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2015-2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"CentOS Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/CentOS/release\", \"Host/CentOS/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/CentOS/release\");\nif (isnull(release) || \"CentOS\" >!< release) audit(AUDIT_OS_NOT, \"CentOS\");\nos_ver = pregmatch(pattern: \"CentOS(?: Linux)? release ([0-9]+)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"CentOS\");\nos_ver = os_ver[1];\nif (! preg(pattern:\"^6([^0-9]|$)\", string:os_ver)) audit(AUDIT_OS_NOT, \"CentOS 6.x\", \"CentOS \" + os_ver);\n\nif (!get_kb_item(\"Host/CentOS/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"CentOS\", cpu);\n\n\nflag = 0;\nif (rpm_check(release:\"CentOS-6\", reference:\"net-snmp-5.5-54.el6\")) flag++;\nif (rpm_check(release:\"CentOS-6\", reference:\"net-snmp-devel-5.5-54.el6\")) flag++;\nif (rpm_check(release:\"CentOS-6\", reference:\"net-snmp-libs-5.5-54.el6\")) flag++;\nif (rpm_check(release:\"CentOS-6\", reference:\"net-snmp-perl-5.5-54.el6\")) flag++;\nif (rpm_check(release:\"CentOS-6\", reference:\"net-snmp-python-5.5-54.el6\")) flag++;\nif (rpm_check(release:\"CentOS-6\", reference:\"net-snmp-utils-5.5-54.el6\")) flag++;\n\n\nif (flag)\n{\n cr_plugin_caveat = '\\n' +\n 'NOTE: The security advisory associated with this vulnerability has a\\n' +\n 'fixed package version that may only be available in the continuous\\n' +\n 'release (CR) repository for CentOS, until it is present in the next\\n' +\n 'point release of CentOS.\\n\\n' +\n\n 'If an equal or higher package level does not exist in the baseline\\n' +\n 'repository for your major version of CentOS, then updates from the CR\\n' +\n 'repository will need to be applied in order to address the\\n' +\n 'vulnerability.\\n';\n security_report_v4(\n port : 0,\n severity : SECURITY_WARNING,\n extra : rpm_report_get() + cr_plugin_caveat\n );\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"net-snmp / net-snmp-devel / net-snmp-libs / net-snmp-perl / etc\");\n}\n", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:P"}}, {"lastseen": "2021-01-17T12:50:05", "description": "From Red Hat Security Advisory 2015:1385 :\n\nUpdated net-snmp packages that fix one security issue and several bugs\nare now available for Red Hat Enterprise Linux 6.\n\nRed Hat Product Security has rated this update as having Moderate\nsecurity impact. A Common Vulnerability Scoring System (CVSS) base\nscore, which gives a detailed severity rating, is available from the\nCVE link in the References section.\n\nThe net-snmp packages provide various libraries and tools for the\nSimple Network Management Protocol (SNMP), including an SNMP library,\nan extensible agent, tools for requesting or setting information from\nSNMP agents, tools for generating and handling SNMP traps, a version\nof the netstat command which uses SNMP, and a Tk/Perl Management\nInformation Base (MIB) browser.\n\nA denial of service flaw was found in the way snmptrapd handled\ncertain SNMP traps when started with the '-OQ' option. If an attacker\nsent an SNMP trap containing a variable with a NULL type where an\ninteger variable type was expected, it would cause snmptrapd to crash.\n(CVE-2014-3565)\n\nThis update also fixes the following bugs :\n\n* The HOST-RESOURCES-MIB::hrSystemProcesses object was not implemented\nbecause parts of the HOST-RESOURCES-MIB module were rewritten in an\nearlier version of net-snmp. Consequently,\nHOST-RESOURCES-MIB::hrSystemProcesses did not provide information on\nthe number of currently loaded or running processes. With this update,\nHOST-RESOURCES-MIB::hrSystemProcesses has been implemented, and the\nnet-snmp daemon reports as expected. (BZ#1134335)\n\n* The Net-SNMP agent daemon, snmpd, reloaded the system ARP table\nevery 60 seconds. As a consequence, snmpd could cause a short CPU\nusage spike on busy systems with a large APR table. With this update,\nsnmpd does not reload the full ARP table periodically, but monitors\nthe table changes using a netlink socket. (BZ#789500)\n\n* Previously, snmpd used an invalid pointer to the current time when\nperiodically checking certain conditions specified by the 'monitor'\noption in the /etc/snmpd/snmpd.conf file. Consequently, snmpd\nterminated unexpectedly on start with a segmentation fault if a\ncertain entry with the 'monitor' option was used. Now, snmpd\ninitializes the correct pointer to the current time, and snmpd no\nlonger crashes on start. (BZ#1050970)\n\n* Previously, snmpd expected 8-bit network interface indices when\nprocessing HOST-RESOURCES-MIB::hrDeviceTable. If an interface index of\na local network interface was larger than 30,000 items, snmpd could\nterminate unexpectedly due to accessing invalid memory. Now,\nprocessing of all network sizes is enabled, and snmpd no longer\ncrashes in the described situation. (BZ#1195547)\n\n* The snmpdtrapd service incorrectly checked for errors when\nforwarding a trap with a RequestID value of 0, and logged 'Forward\nfailed' even though the trap was successfully forwarded. This update\nfixes snmptrapd checks and the aforementioned message is now logged\nonly when appropriate. (BZ#1146948)\n\n* Previously, snmpd ignored the value of the 'storageUseNFS' option in\nthe /etc/snmpd/snmpd.conf file. As a consequence, NFS drivers were\nshown as 'Network Disks', even though 'storageUseNFS' was set to '2'\nto report them as 'Fixed Disks' in HOST-RESOURCES-MIB::hrStorageTable.\nWith this update, snmpd takes the 'storageUseNFS' option value into\naccount, and 'Fixed Disks' NFS drives are reported correctly.\n(BZ#1125793)\n\n* Previously, the Net-SNMP python binding used an incorrect size (8\nbytes instead of 4) for variables of IPADDRESS type. Consequently,\napplications that were using Net-SNMP Python bindings could send\nmalformed SNMP messages. With this update, the bindings now use 4\nbytes for variables with IPADRESS type, and only valid SNMP messages\nare sent. (BZ#1100099)\n\n* Previously, the snmpd service did not cut values in\nHOST-RESOURCES-MIB::hrStorageTable to signed 32-bit integers, as\nrequired by SNMP standards, and provided the values as unsigned\nintegers. As a consequence, the HOST-RESOURCES-MIB::hrStorageTable\nimplementation did not conform to RFC 2790. The values are now cut to\n32-bit signed integers, and snmpd is therefore standard compliant.\n(BZ#1104293)\n\nUsers of net-snmp are advised to upgrade to these updated packages,\nwhich contain backported patches to correct these issues.", "edition": 25, "published": "2015-07-30T00:00:00", "title": "Oracle Linux 6 : net-snmp (ELSA-2015-1385)", "type": "nessus", "bulletinFamily": "scanner", "cvelist": ["CVE-2014-3565"], "modified": "2015-07-30T00:00:00", "cpe": ["cpe:/o:oracle:linux:6", "p-cpe:/a:oracle:linux:net-snmp-perl", "p-cpe:/a:oracle:linux:net-snmp-python", "p-cpe:/a:oracle:linux:net-snmp-utils", "p-cpe:/a:oracle:linux:net-snmp", "p-cpe:/a:oracle:linux:net-snmp-devel", "p-cpe:/a:oracle:linux:net-snmp-libs"], "id": "ORACLELINUX_ELSA-2015-1385.NASL", "href": "https://www.tenable.com/plugins/nessus/85103", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from Red Hat Security Advisory RHSA-2015:1385 and \n# Oracle Linux Security Advisory ELSA-2015-1385 respectively.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(85103);\n script_version(\"2.8\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/14\");\n\n script_cve_id(\"CVE-2014-3565\");\n script_bugtraq_id(69477);\n script_xref(name:\"RHSA\", value:\"2015:1385\");\n\n script_name(english:\"Oracle Linux 6 : net-snmp (ELSA-2015-1385)\");\n script_summary(english:\"Checks rpm output for the updated packages\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Oracle Linux host is missing one or more security updates.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"From Red Hat Security Advisory 2015:1385 :\n\nUpdated net-snmp packages that fix one security issue and several bugs\nare now available for Red Hat Enterprise Linux 6.\n\nRed Hat Product Security has rated this update as having Moderate\nsecurity impact. A Common Vulnerability Scoring System (CVSS) base\nscore, which gives a detailed severity rating, is available from the\nCVE link in the References section.\n\nThe net-snmp packages provide various libraries and tools for the\nSimple Network Management Protocol (SNMP), including an SNMP library,\nan extensible agent, tools for requesting or setting information from\nSNMP agents, tools for generating and handling SNMP traps, a version\nof the netstat command which uses SNMP, and a Tk/Perl Management\nInformation Base (MIB) browser.\n\nA denial of service flaw was found in the way snmptrapd handled\ncertain SNMP traps when started with the '-OQ' option. If an attacker\nsent an SNMP trap containing a variable with a NULL type where an\ninteger variable type was expected, it would cause snmptrapd to crash.\n(CVE-2014-3565)\n\nThis update also fixes the following bugs :\n\n* The HOST-RESOURCES-MIB::hrSystemProcesses object was not implemented\nbecause parts of the HOST-RESOURCES-MIB module were rewritten in an\nearlier version of net-snmp. Consequently,\nHOST-RESOURCES-MIB::hrSystemProcesses did not provide information on\nthe number of currently loaded or running processes. With this update,\nHOST-RESOURCES-MIB::hrSystemProcesses has been implemented, and the\nnet-snmp daemon reports as expected. (BZ#1134335)\n\n* The Net-SNMP agent daemon, snmpd, reloaded the system ARP table\nevery 60 seconds. As a consequence, snmpd could cause a short CPU\nusage spike on busy systems with a large APR table. With this update,\nsnmpd does not reload the full ARP table periodically, but monitors\nthe table changes using a netlink socket. (BZ#789500)\n\n* Previously, snmpd used an invalid pointer to the current time when\nperiodically checking certain conditions specified by the 'monitor'\noption in the /etc/snmpd/snmpd.conf file. Consequently, snmpd\nterminated unexpectedly on start with a segmentation fault if a\ncertain entry with the 'monitor' option was used. Now, snmpd\ninitializes the correct pointer to the current time, and snmpd no\nlonger crashes on start. (BZ#1050970)\n\n* Previously, snmpd expected 8-bit network interface indices when\nprocessing HOST-RESOURCES-MIB::hrDeviceTable. If an interface index of\na local network interface was larger than 30,000 items, snmpd could\nterminate unexpectedly due to accessing invalid memory. Now,\nprocessing of all network sizes is enabled, and snmpd no longer\ncrashes in the described situation. (BZ#1195547)\n\n* The snmpdtrapd service incorrectly checked for errors when\nforwarding a trap with a RequestID value of 0, and logged 'Forward\nfailed' even though the trap was successfully forwarded. This update\nfixes snmptrapd checks and the aforementioned message is now logged\nonly when appropriate. (BZ#1146948)\n\n* Previously, snmpd ignored the value of the 'storageUseNFS' option in\nthe /etc/snmpd/snmpd.conf file. As a consequence, NFS drivers were\nshown as 'Network Disks', even though 'storageUseNFS' was set to '2'\nto report them as 'Fixed Disks' in HOST-RESOURCES-MIB::hrStorageTable.\nWith this update, snmpd takes the 'storageUseNFS' option value into\naccount, and 'Fixed Disks' NFS drives are reported correctly.\n(BZ#1125793)\n\n* Previously, the Net-SNMP python binding used an incorrect size (8\nbytes instead of 4) for variables of IPADDRESS type. Consequently,\napplications that were using Net-SNMP Python bindings could send\nmalformed SNMP messages. With this update, the bindings now use 4\nbytes for variables with IPADRESS type, and only valid SNMP messages\nare sent. (BZ#1100099)\n\n* Previously, the snmpd service did not cut values in\nHOST-RESOURCES-MIB::hrStorageTable to signed 32-bit integers, as\nrequired by SNMP standards, and provided the values as unsigned\nintegers. As a consequence, the HOST-RESOURCES-MIB::hrStorageTable\nimplementation did not conform to RFC 2790. The values are now cut to\n32-bit signed integers, and snmpd is therefore standard compliant.\n(BZ#1104293)\n\nUsers of net-snmp are advised to upgrade to these updated packages,\nwhich contain backported patches to correct these issues.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://oss.oracle.com/pipermail/el-errata/2015-July/005226.html\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\"Update the affected net-snmp packages.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:N/I:N/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:net-snmp\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:net-snmp-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:net-snmp-libs\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:net-snmp-perl\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:net-snmp-python\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:net-snmp-utils\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:oracle:linux:6\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2014/10/07\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2015/07/29\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2015/07/30\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2015-2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Oracle Linux Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/OracleLinux\", \"Host/RedHat/release\", \"Host/RedHat/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nif (!get_kb_item(\"Host/OracleLinux\")) audit(AUDIT_OS_NOT, \"Oracle Linux\");\nrelease = get_kb_item(\"Host/RedHat/release\");\nif (isnull(release) || !pregmatch(pattern: \"Oracle (?:Linux Server|Enterprise Linux)\", string:release)) audit(AUDIT_OS_NOT, \"Oracle Linux\");\nos_ver = pregmatch(pattern: \"Oracle (?:Linux Server|Enterprise Linux) .*release ([0-9]+(\\.[0-9]+)?)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"Oracle Linux\");\nos_ver = os_ver[1];\nif (! preg(pattern:\"^6([^0-9]|$)\", string:os_ver)) audit(AUDIT_OS_NOT, \"Oracle Linux 6\", \"Oracle Linux \" + os_ver);\n\nif (!get_kb_item(\"Host/RedHat/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Oracle Linux\", cpu);\n\nflag = 0;\nif (rpm_check(release:\"EL6\", reference:\"net-snmp-5.5-54.0.1.el6\")) flag++;\nif (rpm_check(release:\"EL6\", reference:\"net-snmp-devel-5.5-54.0.1.el6\")) flag++;\nif (rpm_check(release:\"EL6\", reference:\"net-snmp-libs-5.5-54.0.1.el6\")) flag++;\nif (rpm_check(release:\"EL6\", reference:\"net-snmp-perl-5.5-54.0.1.el6\")) flag++;\nif (rpm_check(release:\"EL6\", reference:\"net-snmp-python-5.5-54.0.1.el6\")) flag++;\nif (rpm_check(release:\"EL6\", reference:\"net-snmp-utils-5.5-54.0.1.el6\")) flag++;\n\n\nif (flag)\n{\n if (report_verbosity > 0) security_warning(port:0, extra:rpm_report_get());\n else security_warning(0);\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"net-snmp / net-snmp-devel / net-snmp-libs / net-snmp-perl / etc\");\n}\n", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:P"}}], "securityvulns": [{"lastseen": "2018-08-31T11:11:01", "bulletinFamily": "software", "cvelist": ["CVE-2015-5621", "CVE-2014-3565"], "description": "\r\n\r\n==========================================================================\r\nUbuntu Security Notice USN-2711-1\r\nAugust 17, 2015\r\n\r\nnet-snmp vulnerabilities\r\n==========================================================================\r\n\r\nA security issue affects these releases of Ubuntu and its derivatives:\r\n\r\n- Ubuntu 15.04\r\n- Ubuntu 14.04 LTS\r\n- Ubuntu 12.04 LTS\r\n\r\nSummary:\r\n\r\nNet-SNMP could be made to crash or run programs if it received specially\r\ncrafted network traffic.\r\n\r\nSoftware Description:\r\n- net-snmp: SNMP (Simple Network Management Protocol) server and applications\r\n\r\nDetails:\r\n\r\nIt was discovered that Net-SNMP incorrectly handled certain trap messages\r\nwhen the -OQ option was used. A remote attacker could use this issue to\r\ncause Net-SNMP to crash, resulting in a denial of service. (CVE-2014-3565)\r\n\r\nQinghao Tang discovered that Net-SNMP incorrectly handled SNMP PDU parsing\r\nfailures. A remote attacker could use this issue to cause Net-SNMP to\r\ncrash, resulting in a denial of service, or possibly execute arbitrary\r\ncode. (CVE-2015-5621)\r\n\r\nUpdate instructions:\r\n\r\nThe problem can be corrected by updating your system to the following\r\npackage versions:\r\n\r\nUbuntu 15.04:\r\n libsnmp30 5.7.2~dfsg-8.1ubuntu5.1\r\n\r\nUbuntu 14.04 LTS:\r\n libsnmp30 5.7.2~dfsg-8.1ubuntu3.1\r\n\r\nUbuntu 12.04 LTS:\r\n libsnmp15 5.4.3~dfsg-2.4ubuntu1.3\r\n\r\nIn general, a standard system update will make all the necessary changes.\r\n\r\nReferences:\r\n http://www.ubuntu.com/usn/usn-2711-1\r\n CVE-2014-3565, CVE-2015-5621\r\n\r\nPackage Information:\r\n https://launchpad.net/ubuntu/+source/net-snmp/5.7.2~dfsg-8.1ubuntu5.1\r\n https://launchpad.net/ubuntu/+source/net-snmp/5.7.2~dfsg-8.1ubuntu3.1\r\n https://launchpad.net/ubuntu/+source/net-snmp/5.4.3~dfsg-2.4ubuntu1.3\r\n\r\n\r\n\r\n\r\n-- ubuntu-security-announce mailing list ubuntu-security-announce@lists.ubuntu.com Modify settings or unsubscribe at: https://lists.ubuntu.com/mailman/listinfo/ubuntu-security-announce\r\n\r\n", "edition": 1, "modified": "2015-08-24T00:00:00", "published": "2015-08-24T00:00:00", "id": "SECURITYVULNS:DOC:32414", "href": "https://vulners.com/securityvulns/SECURITYVULNS:DOC:32414", "title": "[USN-2711-1] Net-SNMP vulnerabilities", "type": "securityvulns", "cvss": {"score": 7.5, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:PARTIAL/I:PARTIAL/A:PARTIAL/"}}, {"lastseen": "2018-08-31T11:10:58", "bulletinFamily": "software", "cvelist": ["CVE-2014-3565", "CVE-2014-2284", "CVE-2014-2285"], "description": "\r\n\r\n-----BEGIN PGP SIGNED MESSAGE-----\r\nHash: SHA1\r\n\r\n _______________________________________________________________________\r\n\r\n Mandriva Linux Security Advisory MDVSA-2015:092\r\n http://www.mandriva.com/en/support/security/\r\n _______________________________________________________________________\r\n\r\n Package : net-snmp\r\n Date : March 28, 2015\r\n Affected: Business Server 2.0\r\n _______________________________________________________________________\r\n\r\n Problem Description:\r\n\r\n Updated net-snmp packages fix security vulnerabilities:\r\n \r\n Remotely exploitable denial of service vulnerability in Net-SNMP,\r\n in the Linux implementation of the ICMP-MIB, making the SNMP\r\n agent vulnerable if it is making use of the ICMP-MIB table objects\r\n (CVE-2014-2284).\r\n \r\n Remotely exploitable denial of service vulnerability in Net-SNMP,\r\n in snmptrapd, due to how it handles trap requests with an empty\r\n community string when the perl handler is enabled (CVE-2014-2285).\r\n \r\n A remote denial-of-service flaw was found in the way snmptrapd handled\r\n certain SNMP traps when started with the -OQ option. If an attacker\r\n sent an SNMP trap containing a variable with a NULL type where an\r\n integer variable type was expected, it would cause snmptrapd to crash\r\n (CVE-2014-3565).\r\n _______________________________________________________________________\r\n\r\n References:\r\n\r\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-2284\r\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-2285\r\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3565\r\n http://advisories.mageia.org/MGASA-2014-0122.html\r\n http://advisories.mageia.org/MGASA-2014-0371.html\r\n _______________________________________________________________________\r\n\r\n Updated Packages:\r\n\r\n Mandriva Business Server 2/X86_64:\r\n db108bc819bb011d352ac1be23005ae8 mbs2/x86_64/lib64net-snmp30-5.7.2-14.1.mbs2.x86_64.rpm\r\n 10d0754baaebe770c0accea30a4c570b mbs2/x86_64/lib64net-snmp-devel-5.7.2-14.1.mbs2.x86_64.rpm\r\n f3c20caeb88eee898508110847de93c1 mbs2/x86_64/lib64net-snmp-static-devel-5.7.2-14.1.mbs2.x86_64.rpm\r\n 85a8e55a06278248c6d55ed71781d4ae mbs2/x86_64/net-snmp-5.7.2-14.1.mbs2.x86_64.rpm\r\n dd6b3752ffc3abfa799752d6c68be260 mbs2/x86_64/net-snmp-mibs-5.7.2-14.1.mbs2.x86_64.rpm\r\n dff402077edcdbbbb43876ab37f17c63 mbs2/x86_64/net-snmp-tkmib-5.7.2-14.1.mbs2.x86_64.rpm\r\n e5dd0695599ce24250e9c56398ae708a mbs2/x86_64/net-snmp-trapd-5.7.2-14.1.mbs2.x86_64.rpm\r\n 73e35840936e48e76813ee9aa563e5db mbs2/x86_64/net-snmp-utils-5.7.2-14.1.mbs2.x86_64.rpm\r\n 3fcb54fc22046478a1f4fe25bfb3fbfc mbs2/x86_64/perl-NetSNMP-5.7.2-14.1.mbs2.x86_64.rpm\r\n f7faf7abe0cb4119a24aa1eb7b4e88e2 mbs2/x86_64/python-netsnmp-5.7.2-14.1.mbs2.x86_64.rpm \r\n 70325be4b29a38030ee30a1bea4c0a40 mbs2/SRPMS/net-snmp-5.7.2-14.1.mbs2.src.rpm\r\n _______________________________________________________________________\r\n\r\n To upgrade automatically use MandrivaUpdate or urpmi. The verification\r\n of md5 checksums and GPG signatures is performed automatically for you.\r\n\r\n All packages are signed by Mandriva for security. You can obtain the\r\n GPG public key of the Mandriva Security Team by executing:\r\n\r\n gpg --recv-keys --keyserver pgp.mit.edu 0x22458A98\r\n\r\n You can view other update advisories for Mandriva Linux at:\r\n\r\n http://www.mandriva.com/en/support/security/advisories/\r\n\r\n If you want to report vulnerabilities, please contact\r\n\r\n security_(at)_mandriva.com\r\n _______________________________________________________________________\r\n\r\n Type Bits/KeyID Date User ID\r\n pub 1024D/22458A98 2000-07-10 Mandriva Security Team\r\n <security*mandriva.com>\r\n-----BEGIN PGP SIGNATURE-----\r\nVersion: GnuPG v1.4.12 (GNU/Linux)\r\n\r\niD8DBQFVFnIkmqjQ0CJFipgRApj2AJ4siseZB35ENesBHXAJd354ztjc2wCg4i9a\r\nCVlceu1C+yhzzsfXCVXUd5g=\r\n=mTTW\r\n-----END PGP SIGNATURE-----\r\n\r\n", "edition": 1, "modified": "2015-04-20T00:00:00", "published": "2015-04-20T00:00:00", "id": "SECURITYVULNS:DOC:31950", "href": "https://vulners.com/securityvulns/SECURITYVULNS:DOC:31950", "title": "[ MDVSA-2015:092 ] net-snmp", "type": "securityvulns", "cvss": {"score": 5.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:NONE/I:NONE/A:PARTIAL/"}}, {"lastseen": "2018-08-31T11:10:00", "bulletinFamily": "software", "cvelist": ["CVE-2014-3565", "CVE-2014-2284", "CVE-2014-2285"], "description": "Multiple DoS conditions.", "edition": 1, "modified": "2015-04-20T00:00:00", "published": "2015-04-20T00:00:00", "id": "SECURITYVULNS:VULN:14418", "href": "https://vulners.com/securityvulns/SECURITYVULNS:VULN:14418", "title": "snmplib / snmpd DoS", "type": "securityvulns", "cvss": {"score": 5.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:NONE/I:NONE/A:PARTIAL/"}}, {"lastseen": "2018-08-31T11:11:02", "bulletinFamily": "software", "cvelist": ["CVE-2015-6976", "CVE-2015-7007", "CVE-2015-0235", "CVE-2015-5927", "CVE-2015-6975", "CVE-2015-7035", "CVE-2015-6987", "CVE-2015-7003", "CVE-2015-5924", "CVE-2015-6983", "CVE-2015-5939", "CVE-2015-6834", "CVE-2015-6991", "CVE-2015-7020", "CVE-2015-6994", "CVE-2015-7016", "CVE-2015-6992", "CVE-2015-7021", "CVE-2015-6977", "CVE-2014-3565", "CVE-2012-6151", "CVE-2015-5934", "CVE-2015-5940", "CVE-2015-5932", "CVE-2015-0273", "CVE-2015-6995", "CVE-2015-6978", "CVE-2015-7018", "CVE-2015-6985", "CVE-2015-5935", "CVE-2015-7010", "CVE-2015-5945", "CVE-2015-6984", "CVE-2015-7008", "CVE-2015-5937", "CVE-2015-7023", "CVE-2015-6993", "CVE-2015-6836", "CVE-2015-5936", "CVE-2015-6989", "CVE-2015-5942", "CVE-2015-7015", "CVE-2015-6990", "CVE-2015-7009", "CVE-2015-6988", "CVE-2015-5943", "CVE-2015-6996", "CVE-2015-6837", "CVE-2015-6563", "CVE-2015-5944", "CVE-2015-5925", "CVE-2015-5938", "CVE-2015-6974", "CVE-2015-6835", "CVE-2015-7019", "CVE-2015-7006", "CVE-2015-7017", "CVE-2015-5926", "CVE-2015-6838", "CVE-2015-5933"], "description": "\r\n\r\nAPPLE-SA-2015-10-21-4 OS X El Capitan 10.11.1 and Security Update\r\n2015-007\r\n\r\nOS X El Capitan 10.11.1 and Security Update 2015-007 are now\r\navailable and address the following:\r\n\r\nAccelerate Framework\r\nAvailable for: OS X Mavericks v10.9.5, OS X Yosemite v10.10.5,\r\nand OS X El Capitan 10.11\r\nImpact: Visiting a maliciously crafted website may lead to arbitrary\r\ncode execution\r\nDescription: A memory corruption issue existed in the Accelerate\r\nFramework in multi-threading mode. This issue was addressed through\r\nimproved accessor element validation and improved object locking.\r\nCVE-ID\r\nCVE-2015-5940 : Apple\r\n\r\napache_mod_php\r\nAvailable for: OS X Mavericks v10.9.5, OS X Yosemite v10.10.5,\r\nand OS X El Capitan 10.11\r\nImpact: Multiple vulnerabilities in PHP\r\nDescription: Multiple vulnerabilities existed in PHP versions prior\r\nto 5.5.29 and 5.4.45. These were addressed by updating PHP to\r\nversions 5.5.29 and 5.4.45.\r\nCVE-ID\r\nCVE-2015-0235\r\nCVE-2015-0273\r\nCVE-2015-6834\r\nCVE-2015-6835\r\nCVE-2015-6836\r\nCVE-2015-6837\r\nCVE-2015-6838\r\n\r\nATS\r\nAvailable for: OS X Mavericks v10.9.5, OS X Yosemite v10.10.5,\r\nand OS X El Capitan 10.11\r\nImpact: Visiting a maliciously crafted webpage may lead to an\r\nunexpected application termination or arbitrary code execution\r\nDescription: A memory corruption issue existed in ATS. This issue\r\nwas addressed through improved memory handling.\r\nCVE-ID\r\nCVE-2015-6985 : John Villamil (@day6reak), Yahoo Pentest Team\r\n\r\nAudio\r\nAvailable for: OS X El Capitan 10.11\r\nImpact: A malicious application may be able to execute arbitrary\r\ncode\r\nDescription: An uninitialized memory issue existed in coreaudiod.\r\nThis issue was addressed through improved memory initialization.\r\nCVE-ID\r\nCVE-2015-7003 : Mark Brand of Google Project Zero\r\n\r\nAudio\r\nAvailable for: OS X Mavericks v10.9.5, OS X Yosemite v10.10.5,\r\nand OS X El Capitan 10.11\r\nImpact: Playing a malicious audio file may lead to arbitrary code\r\nexecution\r\nDescription: Multiple memory corruption issues existed in the\r\nhandling of audio files. These issues were addressed through improved\r\nmemory handling.\r\nCVE-ID\r\nCVE-2015-5933 : Apple\r\nCVE-2015-5934 : Apple\r\n\r\nBom\r\nAvailable for: OS X El Capitan 10.11\r\nImpact: Unpacking a maliciously crafted archive may lead to\r\narbitrary code execution\r\nDescription: A file traversal vulnerability existed in the handling\r\nof CPIO archives. This issue was addressed through improved\r\nvalidation of metadata.\r\nCVE-ID\r\nCVE-2015-7006 : Mark Dowd of Azimuth Security\r\n\r\nCFNetwork\r\nAvailable for: OS X El Capitan 10.11\r\nImpact: Visiting a maliciously crafted website may lead to cookies\r\nbeing overwritten\r\nDescription: A parsing issue existed when handling cookies with\r\ndifferent letter casing. This issue was addressed through improved\r\nparsing.\r\nCVE-ID\r\nCVE-2015-7023 : Marvin Scholz; Xiaofeng Zheng and Jinjin Liang of\r\nTsinghua University, Jian Jiang of University of California,\r\nBerkeley, Haixin Duan of Tsinghua University and International\r\nComputer Science Institute, Shuo Chen of Microsoft Research Redmond,\r\nTao Wan of Huawei Canada, Nicholas Weaver of International Computer\r\nScience Institute and University of California, Berkeley, coordinated\r\nvia CERT/CC\r\n\r\nconfigd\r\nAvailable for: OS X El Capitan 10.11\r\nImpact: A malicious application may be able to elevate privileges\r\nDescription: A heap based buffer overflow issue existed in the DNS\r\nclient library. A malicious application with the ability to spoof\r\nresponses from the local configd service may have been able to cause\r\narbitrary code execution in DNS clients.\r\nCVE-ID\r\nCVE-2015-7015 : PanguTeam\r\n\r\nCoreGraphics\r\nAvailable for: OS X Mavericks v10.9.5, OS X Yosemite v10.10.5,\r\nand OS X El Capitan 10.11\r\nImpact: Visiting a maliciously crafted website may lead to arbitrary\r\ncode execution\r\nDescription: Multiple memory corruption issues existed in\r\nCoreGraphics. These issues were addressed through improved memory\r\nhandling.\r\nCVE-ID\r\nCVE-2015-5925 : Apple\r\nCVE-2015-5926 : Apple\r\n\r\nCoreText\r\nAvailable for: OS X Mavericks v10.9.5, OS X Yosemite v10.10.5,\r\nand OS X El Capitan 10.11\r\nImpact: Processing a maliciously crafted font file may lead to\r\narbitrary code execution\r\nDescription: Multiple memory corruption issues existed in the\r\nhandling of font files. These issues were addressed through improved\r\nbounds checking.\r\nCVE-ID\r\nCVE-2015-6992 : John Villamil (@day6reak), Yahoo Pentest Team\r\n\r\nCoreText\r\nAvailable for: OS X Yosemite v10.10.5 and OS X El Capitan 10.11\r\nImpact: Processing a maliciously crafted font file may lead to\r\narbitrary code execution\r\nDescription: Multiple memory corruption issues existed in the\r\nhandling of font files. These issues were addressed through improved\r\nbounds checking.\r\nCVE-ID\r\nCVE-2015-6975 : John Villamil (@day6reak), Yahoo Pentest Team\r\n\r\nCoreText\r\nAvailable for: OS X El Capitan 10.11\r\nImpact: Processing a maliciously crafted font file may lead to\r\narbitrary code execution\r\nDescription: Multiple memory corruption issues existed in the\r\nhandling of font files. These issues were addressed through improved\r\nbounds checking.\r\nCVE-ID\r\nCVE-2015-7017 : John Villamil (@day6reak), Yahoo Pentest Team\r\n\r\nCoreText\r\nAvailable for: OS X Mavericks v10.9.5 and OS X Yosemite v10.10.5\r\nImpact: Processing a maliciously crafted font file may lead to\r\narbitrary code execution\r\nDescription: Multiple memory corruption issues existed in the\r\nhandling of font files. These issues were addressed through improved\r\nbounds checking.\r\nCVE-ID\r\nCVE-2015-5944 : John Villamil (@day6reak), Yahoo Pentest Team\r\n\r\nDisk Images\r\nAvailable for: OS X El Capitan 10.11\r\nImpact: A malicious application may be able to execute arbitrary\r\ncode with system privileges\r\nDescription: A memory corruption issue existed in the parsing of\r\ndisk images. This issue was addressed through improved memory\r\nhandling.\r\nCVE-ID\r\nCVE-2015-6995 : Ian Beer of Google Project Zero\r\n\r\nEFI\r\nAvailable for: OS X Mavericks v10.9.5, OS X Yosemite v10.10.5,\r\nand OS X El Capitan 10.11\r\nImpact: An attacker can exercise unused EFI functions\r\nDescription: An issue existed with EFI argument handling. This was\r\naddressed by removing the affected functions.\r\nCVE-ID\r\nCVE-2015-7035 : Corey Kallenberg, Xeno Kovah, John Butterworth, and\r\nSam Cornwell of The MITRE Corporation, coordinated via CERT/CC\r\n\r\nFile Bookmark\r\nAvailable for: OS X El Capitan 10.11\r\nImpact: Browsing to a folder with malformed bookmarks may cause\r\nunexpected application termination\r\nDescription: An input validation issue existed in parsing bookmark\r\nmetadata. This issue was addressed through improved validation\r\nchecks.\r\nCVE-ID\r\nCVE-2015-6987 : Luca Todesco (@qwertyoruiop)\r\n\r\nFontParser\r\nAvailable for: OS X Mavericks v10.9.5, OS X Yosemite v10.10.5,\r\nand OS X El Capitan 10.11\r\nImpact: Processing a maliciously crafted font file may lead to\r\narbitrary code execution\r\nDescription: Multiple memory corruption issues existed in the\r\nhandling of font files. These issues were addressed through improved\r\nbounds checking.\r\nCVE-ID\r\nCVE-2015-5927 : Apple\r\nCVE-2015-5942\r\nCVE-2015-6976 : John Villamil (@day6reak), Yahoo Pentest Team\r\nCVE-2015-6977 : John Villamil (@day6reak), Yahoo Pentest Team\r\nCVE-2015-6978 : Jaanus Kp, Clarified Security, working with HP's Zero\r\nDay Initiative\r\nCVE-2015-6991 : John Villamil (@day6reak), Yahoo Pentest Team\r\nCVE-2015-6993 : John Villamil (@day6reak), Yahoo Pentest Team\r\nCVE-2015-7009 : John Villamil (@day6reak), Yahoo Pentest Team\r\nCVE-2015-7010 : John Villamil (@day6reak), Yahoo Pentest Team\r\nCVE-2015-7018 : John Villamil (@day6reak), Yahoo Pentest Team\r\n\r\nFontParser\r\nAvailable for: OS X El Capitan 10.11\r\nImpact: Processing a maliciously crafted font file may lead to\r\narbitrary code execution\r\nDescription: Multiple memory corruption issues existed in the\r\nhandling of font files. These issues were addressed through improved\r\nbounds checking.\r\nCVE-ID\r\nCVE-2015-6990 : John Villamil (@day6reak), Yahoo Pentest Team\r\nCVE-2015-7008 : John Villamil (@day6reak), Yahoo Pentest Team\r\n\r\nGrand Central Dispatch\r\nAvailable for: OS X Yosemite v10.10.5 and OS X El Capitan 10.11\r\nImpact: Processing a maliciously crafted package may lead to\r\narbitrary code execution\r\nDescription: A memory corruption issue existed in the handling of\r\ndispatch calls. This issue was addressed through improved memory\r\nhandling.\r\nCVE-ID\r\nCVE-2015-6989 : Apple\r\n\r\nGraphics Drivers\r\nAvailable for: OS X El Capitan 10.11\r\nImpact: A local user may be able to cause unexpected system\r\ntermination or read kernel memory\r\nDescription: Multiple out of bounds read issues existed in the\r\nNVIDIA graphics driver. These issues were addressed through improved\r\nbounds checking.\r\nCVE-ID\r\nCVE-2015-7019 : Ian Beer of Google Project Zero\r\nCVE-2015-7020 : Moony Li of Trend Micro\r\n\r\nGraphics Drivers\r\nAvailable for: OS X El Capitan 10.11\r\nImpact: A local user may be able to execute arbitrary code with\r\nkernel privileges\r\nDescription: A memory corruption issue existed in the kernel. This\r\nissue was addressed through improved memory handling.\r\nCVE-ID\r\nCVE-2015-7021 : Moony Li of Trend Micro\r\n\r\nImageIO\r\nAvailable for: OS X Mavericks v10.9.5 and OS X Yosemite v10.10.5\r\nImpact: Processing a maliciously crafted image file may lead to\r\narbitrary code execution\r\nDescription: Multiple memory corruption issues existed in the\r\nparsing of image metadata. These issues were addressed through\r\nimproved metadata validation.\r\nCVE-ID\r\nCVE-2015-5935 : Apple\r\nCVE-2015-5938 : Apple\r\n\r\nImageIO\r\nAvailable for: OS X Mavericks v10.9.5, OS X Yosemite v10.10.5,\r\nand OS X El Capitan 10.11\r\nImpact: Processing a maliciously crafted image file may lead to\r\narbitrary code execution\r\nDescription: Multiple memory corruption issues existed in the\r\nparsing of image metadata. These issues were addressed through\r\nimproved metadata validation.\r\nCVE-ID\r\nCVE-2015-5936 : Apple\r\nCVE-2015-5937 : Apple\r\nCVE-2015-5939 : Apple\r\n\r\nIOAcceleratorFamily\r\nAvailable for: OS X Mavericks v10.9.5, OS X Yosemite v10.10.5,\r\nand OS X El Capitan 10.11\r\nImpact: A malicious application may be able to execute arbitrary\r\ncode with system privileges\r\nDescription: A memory corruption issue existed in\r\nIOAcceleratorFamily. This issue was addressed through improved memory\r\nhandling.\r\nCVE-ID\r\nCVE-2015-6996 : Ian Beer of Google Project Zero\r\n\r\nIOHIDFamily\r\nAvailable for: OS X El Capitan 10.11\r\nImpact: A malicious application may be able to execute arbitrary\r\ncode with kernel privileges\r\nDescription: A memory corruption issue existed in the kernel. This\r\nissue was addressed through improved memory handling.\r\nCVE-ID\r\nCVE-2015-6974 : Luca Todesco (@qwertyoruiop)\r\n\r\nKernel\r\nAvailable for: OS X Yosemite v10.10.5\r\nImpact: A local user may be able to execute arbitrary code with\r\nsystem privileges\r\nDescription: A type confusion issue existed in the validation of\r\nMach tasks. This issue was addressed through improved Mach task\r\nvalidation.\r\nCVE-ID\r\nCVE-2015-5932 : Luca Todesco (@qwertyoruiop), Filippo Bigarella\r\n\r\nKernel\r\nAvailable for: OS X El Capitan 10.11\r\nImpact: An attacker with a privileged network position may be able\r\nto execute arbitrary code\r\nDescription: An uninitialized memory issue existed in the kernel.\r\nThis issue was addressed through improved memory initialization.\r\nCVE-ID\r\nCVE-2015-6988 : The Brainy Code Scanner (m00nbsd)\r\n\r\nKernel\r\nAvailable for: OS X El Capitan 10.11\r\nImpact: A local application may be able to cause a denial of service\r\nDescription: An issue existed when reusing virtual memory. This\r\nissue was addressed through improved validation.\r\nCVE-ID\r\nCVE-2015-6994 : Mark Mentovai of Google Inc.\r\n\r\nlibarchive\r\nAvailable for: OS X Mavericks v10.9.5, OS X Yosemite v10.10.5,\r\nand OS X El Capitan 10.11\r\nImpact: A malicious application may be able to overwrite arbitrary\r\nfiles\r\nDescription: An issue existed within the path validation logic for\r\nsymlinks. This issue was addressed through improved path\r\nsanitization.\r\nCVE-ID\r\nCVE-2015-6984 : Christopher Crone of Infinit, Jonathan Schleifer\r\n\r\nMCX Application Restrictions\r\nAvailable for: OS X Yosemite v10.10.5 and OS X El Capitan 10.11\r\nImpact: A developer-signed executable may acquire restricted\r\nentitlements\r\nDescription: An entitlement validation issue existed in Managed\r\nConfiguration. A developer-signed app could bypass restrictions on\r\nuse of restricted entitlements and elevate privileges. This issue was\r\naddressed through improved provisioning profile validation.\r\nCVE-ID\r\nCVE-2015-7016 : Apple\r\n\r\nNet-SNMP\r\nAvailable for: OS X El Capitan 10.11\r\nImpact: An attacker in a privileged network position may be able to\r\ncause a denial of service\r\nDescription: Multiple issues existed in netsnmp version 5.6. These\r\nissues were addressed by using patches affecting OS X from upstream.\r\nCVE-ID\r\nCVE-2012-6151\r\nCVE-2014-3565\r\n\r\nOpenGL\r\nAvailable for: OS X Mavericks v10.9.5, OS X Yosemite v10.10.5,\r\nand OS X El Capitan 10.11\r\nImpact: Visiting a maliciously crafted website may lead to arbitrary\r\ncode execution\r\nDescription: A memory corruption issue existed in OpenGL. This issue\r\nwas addressed through improved memory handling.\r\nCVE-ID\r\nCVE-2015-5924 : Apple\r\n\r\nOpenSSH\r\nAvailable for: OS X El Capitan 10.11\r\nImpact: A local user may be able to conduct impersonation attacks\r\nDescription: A privilege separation issue existed in PAM support.\r\nThis issue was addressed with improved authorization checks.\r\nCVE-ID\r\nCVE-2015-6563 : Moritz Jodeit of Blue Frost Security GmbH\r\n\r\nSandbox\r\nAvailable for: OS X El Capitan 10.11\r\nImpact: A local user may be able to execute arbitrary code with\r\nkernel privileges\r\nDescription: An input validation issue existed when handling NVRAM\r\nparameters. This issue was addressed through improved validation.\r\nCVE-ID\r\nCVE-2015-5945 : Rich Trouton (@rtrouton), Howard Hughes Medical\r\nInstitute, Apple\r\n\r\nScript Editor\r\nAvailable for: OS X El Capitan 10.11\r\nImpact: An attacker may trick a user into running arbitrary\r\nAppleScript\r\nDescription: In some circumstances, Script Editor did not ask for\r\nuser confirmation before executing AppleScripts. This issue was\r\naddressed by prompting for user confirmation before executing\r\nAppleScripts.\r\nCVE-ID\r\nCVE-2015-7007 : Joe Vennix of Rapid7\r\n\r\nSecurity\r\nAvailable for: OS X El Capitan 10.11\r\nImpact: A malicious application may be able to overwrite arbitrary\r\nfiles\r\nDescription: A double free issue existed in the handling of\r\nAtomicBufferedFile descriptors. This issue was addressed through\r\nimproved validation of AtomicBufferedFile descriptors.\r\nCVE-ID\r\nCVE-2015-6983 : David Benjamin, Greg Kerr, Mark Mentovai and Sergey\r\nUlanov from the Chrome Team\r\n\r\nSecurityAgent\r\nAvailable for: OS X El Capitan 10.11\r\nImpact: A malicious application can programmatically control\r\nkeychain access prompts\r\nDescription: A method existed for applications to create synthetic\r\nclicks on keychain prompts. This was addressed by disabling synthetic\r\nclicks for keychain access windows.\r\nCVE-ID\r\nCVE-2015-5943\r\n\r\nInstallation note:\r\n\r\nOS X El Capitan v10.11.1 includes the security content of\r\nSafari 9.0.1: https://support.apple.com/kb/HT205377\r\n\r\nOS X El Capitan 10.11.1 and Security Update 2015-007 may be obtained\r\nfrom the Mac App Store or Apple's Software Downloads web site:\r\nhttp://www.apple.com/support/downloads/\r\n\r\nInformation will also be posted to the Apple Security Updates\r\nweb site: https://support.apple.com/kb/HT201222\r\n\r\nThis message is signed with Apple's Product Security PGP key,\r\nand details are available at:\r\nhttps://www.apple.com/support/security/pgp/\r\n\r\n", "edition": 1, "modified": "2015-10-25T00:00:00", "published": "2015-10-25T00:00:00", "id": "SECURITYVULNS:DOC:32566", "href": "https://vulners.com/securityvulns/SECURITYVULNS:DOC:32566", "title": "APPLE-SA-2015-10-21-4 OS X El Capitan 10.11.1 and Security Update 2015-007", "type": "securityvulns", "cvss": {"score": 10.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}, {"lastseen": "2018-08-31T11:10:02", "bulletinFamily": "software", "cvelist": ["CVE-2015-2348", "CVE-2014-9705", "CVE-2015-5883", "CVE-2015-2787", "CVE-2015-0232", "CVE-2015-5903", "CVE-2015-6976", "CVE-2015-7007", "CVE-2015-0235", "CVE-2015-2783", "CVE-2015-5877", "CVE-2015-5927", "CVE-2015-3785", "CVE-2015-5847", "CVE-2014-9427", "CVE-2015-3329", "CVE-2015-6975", "CVE-2015-3415", "CVE-2015-7035", "CVE-2015-3330", "CVE-2015-6987", "CVE-2015-5922", "CVE-2015-5865", "CVE-2015-5869", "CVE-2015-5879", "CVE-2015-7003", "CVE-2015-5876", "CVE-2015-5858", "CVE-2015-5924", "CVE-2015-5862", "CVE-2015-0286", "CVE-2015-5888", "CVE-2015-6983", "CVE-2015-5939", "CVE-2015-5874", "CVE-2015-6834", "CVE-2015-6991", "CVE-2015-5860", "CVE-2015-1855", "CVE-2015-7020", "CVE-2014-3618", "CVE-2015-6994", "CVE-2015-1352", "CVE-2015-7016", "CVE-2015-6992", "CVE-2015-2301", "CVE-2015-7021", "CVE-2015-6977", "CVE-2015-5868", "CVE-2014-3565", "CVE-2015-5872", "CVE-2015-5839", "CVE-2015-5840", "CVE-2014-6277", "CVE-2014-9425", "CVE-2014-9709", "CVE-2015-2305", "CVE-2012-6151", "CVE-2015-5934", "CVE-2015-5873", "CVE-2015-5940", "CVE-2015-5932", "CVE-2015-0273", "CVE-2015-5875", "CVE-2015-5882", "CVE-2015-5842", "CVE-2015-6995", "CVE-2015-6978", "CVE-2015-7018", "CVE-2015-5912", "CVE-2015-6985", "CVE-2015-2331", "CVE-2015-5870", "CVE-2015-5935", "CVE-2015-5722", "CVE-2015-7010", "CVE-2015-5945", "CVE-2015-6984", "CVE-2015-7008", "CVE-2015-5841", "CVE-2015-5894", "CVE-2015-5881", "CVE-2014-2532", "CVE-2015-5831", "CVE-2014-8147", "CVE-2015-5937", "CVE-2015-5878", "CVE-2015-5855", "CVE-2015-7023", "CVE-2014-8611", "CVE-2015-6993", "CVE-2015-5871", "CVE-2015-5866", "CVE-2015-5901", "CVE-2014-8090", "CVE-2015-6836", "CVE-2015-5884", "CVE-2015-3416", "CVE-2015-5936", "CVE-2015-5889", "CVE-2015-5867", "CVE-2015-5836", "CVE-2015-6989", "CVE-2015-5915", "CVE-2015-5900", "CVE-2015-5942", "CVE-2015-7015", "CVE-2015-5890", "CVE-2014-7187", "CVE-2014-8146", "CVE-2015-5854", "CVE-2015-6990", "CVE-2015-3414", "CVE-2015-7009", "CVE-2014-9652", "CVE-2015-7031", "CVE-2015-6988", "CVE-2015-5523", "CVE-2015-5986", "CVE-2015-5943", "CVE-2015-5885", "CVE-2015-6996", "CVE-2015-6837", "CVE-2013-3951", "CVE-2015-6563", "CVE-2015-5944", "CVE-2015-5893", "CVE-2015-5917", "CVE-2014-8080", "CVE-2015-1351", "CVE-2015-5524", "CVE-2015-5887", "CVE-2015-5902", "CVE-2015-5925", "CVE-2015-5938", "CVE-2015-0287", "CVE-2015-6974", "CVE-2015-5853", "CVE-2015-6835", "CVE-2015-5897", "CVE-2015-5830", "CVE-2015-5849", "CVE-2015-5896", "CVE-2015-5833", "CVE-2015-5863", "CVE-2015-0231", "CVE-2015-5864", "CVE-2014-7186", "CVE-2015-5891", "CVE-2015-7019", "CVE-2015-7006", "CVE-2015-7017", "CVE-2015-5914", "CVE-2015-5926", "CVE-2015-5522", "CVE-2015-5851", "CVE-2015-5899", "CVE-2015-6838", "CVE-2015-5933"], "description": "Code execution, information disclosure, restrictions bypass, multiple memory corruptions, multiple libraries vulnerabilities.", "edition": 1, "modified": "2015-10-25T00:00:00", "published": "2015-10-25T00:00:00", "id": "SECURITYVULNS:VULN:14702", "href": "https://vulners.com/securityvulns/SECURITYVULNS:VULN:14702", "title": "Apple Mac OS X / Mac EFI / OS X Server multiple security vulnerabilities", "type": "securityvulns", "cvss": {"score": 10.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}], "ubuntu": [{"lastseen": "2020-07-02T11:36:11", "bulletinFamily": "unix", "cvelist": ["CVE-2015-5621", "CVE-2014-3565"], "description": "It was discovered that Net-SNMP incorrectly handled certain trap messages \nwhen the -OQ option was used. A remote attacker could use this issue to \ncause Net-SNMP to crash, resulting in a denial of service. (CVE-2014-3565)\n\nQinghao Tang discovered that Net-SNMP incorrectly handled SNMP PDU parsing \nfailures. A remote attacker could use this issue to cause Net-SNMP to \ncrash, resulting in a denial of service, or possibly execute arbitrary \ncode. (CVE-2015-5621)", "edition": 5, "modified": "2015-08-17T00:00:00", "published": "2015-08-17T00:00:00", "id": "USN-2711-1", "href": "https://ubuntu.com/security/notices/USN-2711-1", "title": "Net-SNMP vulnerabilities", "type": "ubuntu", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}], "cloudfoundry": [{"lastseen": "2019-05-29T18:32:56", "bulletinFamily": "software", "cvelist": ["CVE-2015-5621", "CVE-2014-3565"], "description": "USN-2711-1 Net-SNMP Vulnerabilities\n\n# \n\nLow to Medium\n\n# Vendor\n\nCanonical Ubuntu\n\n# Versions Affected\n\n * libsnmp30 5.7.2~dfsg-8.1ubuntu3.1 \n\n# Description\n\nNet-SNMP could be made to crash or run programs if it received specially crafted network traffic. It was discovered that Net-SNMP incorrectly handled certain trap messages when the -OQ option was used. A remote attacker could use this issue to cause Net-SNMP to crash, resulting in a denial of service. ([CVE-2014-3565](<http://people.canonical.com/~ubuntu-security/cve/2014/CVE-2014-3565.html>))\n\nQinghao Tang discovered that Net-SNMP incorrectly handled SNMP PDU parsing failures. A remote attacker could use this issue to cause Net-SNMP to crash, resulting in a denial of service, or possibly execute arbitrary code. ([CVE-2015-5621](<http://people.canonical.com/~ubuntu-security/cve/2015/CVE-2015-5621.html>))\n\n# Affected Products and Versions\n\n_Severity is low unless otherwise noted. \n_\n\n * Cloud Foundry Runtime: all versions of cf-release prior to 219 are vulnerable to the aforementioned CVEs. \n * PHP Buildpack v1.4.1 and earlier are vulnerable. \n\n# Mitigation\n\nUsers of affected versions should apply the following mitigation:\n\n * The Cloud Foundry project recommends that Cloud Foundry Deployments using cf-release 218 or lower upgrade to 219 or higher to resolve the aforementioned CVEs. \n\n# Credit\n\nUnknown\n\n# References\n\n * <http://www.ubuntu.com/usn/usn-2711-1/>\n * <https://bosh.io/stemcells>\n * <https://github.com/cloudfoundry/cf-release>\n", "edition": 5, "modified": "2015-10-07T00:00:00", "published": "2015-10-07T00:00:00", "id": "CFOUNDRY:4F43D8E6BFF265B4800460FBD8EF85B5", "href": "https://www.cloudfoundry.org/blog/usn-2711-1/", "title": "USN-2711-1 Net-SNMP Vulnerabilities | Cloud Foundry", "type": "cloudfoundry", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}]}
