CVE-2004-2300

Name of the Vulnerable Software and Affected Versions: ucd-snmp versions 4.2.6 and earlier

Description: A buffer overflow issue exists in the snmpd component of ucd-snmp, allowing local users to execute arbitrary code via a long command line argument, specifically the -p option, when snmpd is installed setuid root.

Recommendations: For ucd-snmp versions 4.2.6 and earlier, consider removing the setuid root installation of snmpd to prevent exploitation of this issue. If snmpd must be installed setuid root, avoid using long command line arguments, especially with the -p option, until a fix is available. At the moment, there is no information about a newer version that contains a fix for this vulnerability.