Net Snmp · Net-Snmp · CVE-2025-68615
**Name of the Vulnerable Software and Affected Versions**
- net-snmp versions prior to 5.9.5
- net-snmp version 5.10.pre2
**Description**
net-snmp is an SNMP application library, a set of tools, and a daemon. A specially crafted packet sent to the `snmptrapd` daemon can cause a buffer overflow, potentially leading to a daemon crash and possibly remote code execution. The vulnerability stems from a lack of proper validation of the length of user-supplied data before it is copied into a fixed-length stack-based buffer. The `snmptrapd` daemon listens on UDP port 162 by default. There is no mitigation other than upgrading or ensuring that the ports used by `snmptrapd` are appropriately firewalled.
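The bug class the description names, an attacker-controlled length trusted before a copy into a fixed-size stack buffer, shown as a constructed C example added here. It is not net-snmp's code; the one-byte length prefix, the `FIELD_MAX` buffer size and the sample datagrams are assumptions made for the illustration.

```c
#include <stddef.h>
#include <stdint.h>
#include <string.h>

/* Constructed illustration of the advisory's bug class, not net-snmp code.
 * A trap field is modelled as one length byte followed by that many payload
 * bytes, received into a fixed-size stack buffer. The unchecked form would be
 * memcpy(field, pkt + 1, pkt[0]) with no comparison against sizeof(field);
 * parse_field adds the validation that the advisory says was missing. */
#define FIELD_MAX 32   /* assumed buffer size for the example */

enum field_status { FIELD_OK = 0, FIELD_TRUNCATED = 1, FIELD_TOO_LONG = 2 };

enum field_status parse_field(const uint8_t *pkt, size_t pkt_len,
                              char *out, size_t out_cap)
{
    if (pkt_len < 1)
        return FIELD_TRUNCATED;           /* no length byte present */
    size_t declared = pkt[0];
    if (declared > pkt_len - 1)
        return FIELD_TRUNCATED;           /* claims more bytes than arrived */
    if (declared >= out_cap)
        return FIELD_TOO_LONG;            /* would not fit with its NUL */
    memcpy(out, pkt + 1, declared);       /* safe: bounded by both checks */
    out[declared] = '\0';
    return FIELD_OK;
}

/* Receives into the fixed stack buffer and reports only the verdict. */
int handle_trap_field(const uint8_t *pkt, size_t pkt_len)
{
    char field[FIELD_MAX];
    return (int)parse_field(pkt, pkt_len, field, sizeof field);
}

/* Constructed sample datagrams: a well-formed 5-byte field, one whose length
 * byte exceeds the datagram, and one whose length (200) exceeds FIELD_MAX. */
static const uint8_t good_pkt[]  = { 5, 'a', 'l', 'e', 'r', 't' };
static const uint8_t short_pkt[] = { 9, 'a', 'b' };
static const uint8_t big_pkt[1 + 200] = { 200 };   /* payload bytes are zero */

int demo_good(void)  { return handle_trap_field(good_pkt, sizeof good_pkt); }
int demo_short(void) { return handle_trap_field(short_pkt, sizeof short_pkt); }
int demo_big(void)   { return handle_trap_field(big_pkt, sizeof big_pkt); }
```

Only `demo_good` reaches the copy; the other two datagrams are rejected before any byte is written to the stack buffer.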
**Recommendations**
- Upgrade to net-snmp version 5.9.5 or later.
- Upgrade to net-snmp version 5.10.pre2 or later.
- Restrict access to the `snmptrapd` daemon to trusted networks.
- Ensure that SNMP ports are not exposed to public networks.