PT-2015-7729 · Net Snmp+1 · Net-Snmp+1

Pierre Kim

Published

2015-11-10

Updated

2016-12-07

CVE-2015-8100

CVSS v2.0

2.1

Low

Vector

AV:L/AC:L/Au:N/C:P/I:N/A:N

Name of the Vulnerable Software and Affected Versions OpenBSD versions prior to 5.9

Description The issue concerns the net-snmp package in OpenBSD, where the snmpd.conf file has 0644 permissions, allowing local users to read sensitive community information from this file.

Recommendations For OpenBSD versions prior to 5.9, change the permissions of the snmpd.conf file to prevent local users from reading it, such as setting the permissions to 0600 to restrict access to the owner only.

Fix

Information Disclosure

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Weakness Enumeration

CWE-200

Related Identifiers

CVE-2015-8100

Affected Products

Openbsd

Net-Snmp

PT-2015-7729 · Net Snmp+1 · Net-Snmp+1

CVE-2015-8100

Weakness Enumeration

Related Identifiers

Affected Products

References · 7