Vulnerabilities > CVE-2004-2300 - Unspecified vulnerability in Ucd-Snmp

CVSS 0.0 - NONE

Attack vector

UNKNOWN

Attack complexity

UNKNOWN

Privileges required

UNKNOWN

Confidentiality impact

UNKNOWN

Integrity impact

UNKNOWN

Availability impact

UNKNOWN

ucd-snmp

NVD

Published: 2004-12-31

Updated: 2024-11-20

Summary

Buffer overflow in snmpd in ucd-snmp 4.2.6 and earlier, when installed setuid root, allows local users to execute arbitrary code via a long -p command line argument. NOTE: it is not clear whether there are any standard configurations in which snmpd is installed setuid or setgid. If not, then this issue should not be included in CVE.

Vulnerable Configurations

Part	Description	Count
Application	Ucd-Snmp UCD Snmp UCD Snmp *	1

Statements

contributor	Mark J Cox
lastmodified	2006-08-30
organization	Red Hat
statement	Not vulnerable. We did not ship snmpd setuid root in Red Hat Enterprise Linux 2.1, 3, or 4.

References

http://www.packetstormsecurity.org/0405-advisories/snmpdadv.txt
http://www.packetstormsecurity.org/0405-advisories/snmpdadv.txt
http://www.securityfocus.com/bid/10396
http://www.securityfocus.com/bid/10396
https://exchange.xforce.ibmcloud.com/vulnerabilities/16245
https://exchange.xforce.ibmcloud.com/vulnerabilities/16245