PT-2007-7472 · Debian+2 · Debian+2
Bill Trost
·
Publicado
1970-01-01
·
Atualizado
2018-10-15
·
CVE-2007-5846
CVSS v2.0
7.8
Alta
| Vetor | AV:N/AC:L/Au:N/C:N/I:N/A:C |
Name of the Vulnerable Software and Affected Versions
net-snmp versions prior to 5.4.1
Description
The issue allows remote attackers to cause a denial of service, consuming CPU and memory via a GETBULK request with a large
max-repeaters value. Multiple vulnerabilities in the net-snmp package of Debian GNU/Linux can be exploited remotely, leading to disruption of protected information availability.Recommendations
For net-snmp versions prior to 5.4.1, update to version 5.4.1 or later to resolve the issue. As a temporary workaround, consider restricting access to the SNMP agent to minimize the risk of exploitation. Avoid using large
max-repeaters values in GETBULK requests until the issue is resolved.Correção
DoS
Encontrou algum problema na descrição? Tem algo a acrescentar? Fique à vontade para nos escrever 👾
Enumeração de Fraquezas
Identificadores relacionados
Produtos afetados
Debian
Red Hat
Net-Snmp