PT-2014-1861 · Net Snmp+3 · Net-Snmp+3

Fenner

Published

2014-03-05

Updated

2024-06-15

CVE-2014-2284

CVSS v2.0

5.0

Medium

Vector

AV:N/AC:L/Au:N/C:N/I:N/A:P

Name of the Vulnerable Software and Affected Versions Net-SNMP versions 5.5 before 5.5.2.1 Net-SNMP versions 5.6.x before 5.6.2.1 Net-SNMP versions 5.7.x before 5.7.2.1

Description The Linux implementation of the ICMP-MIB in Net-SNMP does not properly validate input, which allows remote attackers to cause a denial of service via unspecified vectors. The vulnerability can be exploited remotely, leading to a disruption in the availability of protected information.

Recommendations For Net-SNMP versions 5.5 before 5.5.2.1, update to version 5.5.2.1 or later. For Net-SNMP versions 5.6.x before 5.6.2.1, update to version 5.6.2.1 or later. For Net-SNMP versions 5.7.x before 5.7.2.1, update to version 5.7.2.1 or later.

Fix

DoS

RCE

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Weakness Enumeration

CWE-20

Related Identifiers

BDU:2015-07052

BDU:2015-07053

BDU:2015-07054

BDU:2015-07055

BDU:2015-07056

BDU:2015-09112

BDU:2015-09113

BDU:2015-09114

BDU:2015-09115

BDU:2015-09116

CESA-2014_0321

CVE-2014-2284

MGASA-2014-0122

OPENSUSE-SU-2024:10204-1

RHSA-2014:0321

RHSA-2014_0321

SUSE-SU-2014_0524-1

Affected Products

Centos

Net-Snmp

Red Hat

Suse

PT-2014-1861 · Net Snmp+3 · Net-Snmp+3

CVE-2014-2284

Weakness Enumeration

Related Identifiers

Affected Products

References · 68