Vulnerabilities > CVE-2005-4837 - Numeric Errors vulnerability in multiple products

047910
CVSS 0.0 - NONE
Attack vector
UNKNOWN
Attack complexity
UNKNOWN
Privileges required
UNKNOWN
Confidentiality impact
UNKNOWN
Integrity impact
UNKNOWN
Availability impact
UNKNOWN

Summary

snmp_api.c in snmpd in Net-SNMP 5.2.x before 5.2.2, 5.1.x before 5.1.3, and 5.0.x before 5.0.10.2, when running in master agentx mode, allows remote attackers to cause a denial of service (crash) by causing a particular TCP disconnect, which triggers a free of an incorrect variable, a different vulnerability than CVE-2005-2177.

Common Weakness Enumeration (CWE)

Nessus

  • NASL familyRed Hat Local Security Checks
    NASL idREDHAT-RHSA-2005-395.NASL
    descriptionUpdated net-snmp packages that fix two security issues and various bugs are now available. This update has been rated as having low security impact by the Red Hat Security Response Team. SNMP (Simple Network Management Protocol) is a protocol used for network management. A denial of service bug was found in the way net-snmp uses network stream protocols. It is possible for a remote attacker to send a net-snmp agent a specially crafted packet that will crash the agent. The Common Vulnerabilities and Exposures project (cve.mitre.org) has assigned the name CVE-2005-2177 to this issue. An insecure temporary file usage bug was found in net-snmp
    last seen2020-06-01
    modified2020-06-02
    plugin id19988
    published2005-10-11
    reporterThis script is Copyright (C) 2005-2019 and is owned by Tenable, Inc. or an Affiliate thereof.
    sourcehttps://www.tenable.com/plugins/nessus/19988
    titleRHEL 4 : net-snmp (RHSA-2005:395)
  • NASL familySolaris Local Security Checks
    NASL idSOLARIS10_120272.NASL
    descriptionSunOS 5.10: SMA patch. Date this patch was last updated by Sun : May/11/17 This plugin has been deprecated and either replaced with individual 120272 patch-revision plugins, or deemed non-security related.
    last seen2019-02-21
    modified2018-07-30
    plugin id25272
    published2007-05-20
    reporterTenable
    sourcehttps://www.tenable.com/plugins/index.php?view=single&id=25272
    titleSolaris 10 (sparc) : 120272-40 (deprecated)
  • NASL familyUbuntu Local Security Checks
    NASL idUBUNTU_USN-456-1.NASL
    descriptionThe SNMP service did not correctly handle TCP disconnects. Remote subagents could cause a denial of service if they dropped a connection at a specific time. Note that Tenable Network Security has extracted the preceding description block directly from the Ubuntu security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.
    last seen2020-06-01
    modified2020-06-02
    plugin id28054
    published2007-11-10
    reporterUbuntu Security Notice (C) 2007-2019 Canonical, Inc. / NASL script (C) 2018 and is owned by Tenable, Inc. or an Affiliate thereof.
    sourcehttps://www.tenable.com/plugins/nessus/28054
    titleUbuntu 6.06 LTS : net-snmp vulnerability (USN-456-1)
  • NASL familyCentOS Local Security Checks
    NASL idCENTOS_RHSA-2005-373.NASL
    descriptionUpdated net-snmp packages that fix two security issues and various bugs are now available. This update has been rated as having low security impact by the Red Hat Security Response Team. SNMP (Simple Network Management Protocol) is a protocol used for network management. A denial of service bug was found in the way net-snmp uses network stream protocols. It is possible for a remote attacker to send a net-snmp agent a specially crafted packet which will crash the agent. The Common Vulnerabilities and Exposures project (cve.mitre.org) has assigned the name CVE-2005-2177 to this issue. An insecure temporary file usage bug was found in net-snmp
    last seen2020-06-01
    modified2020-06-02
    plugin id21812
    published2006-07-03
    reporterThis script is Copyright (C) 2006-2019 and is owned by Tenable, Inc. or an Affiliate thereof.
    sourcehttps://www.tenable.com/plugins/nessus/21812
    titleCentOS 3 : net-snmp (CESA-2005:373)
  • NASL familySolaris Local Security Checks
    NASL idSOLARIS10_120272-31.NASL
    descriptionSunOS 5.10: SMA patch. Date this patch was last updated by Sun : Jun/30/11
    last seen2020-06-01
    modified2020-06-02
    plugin id107359
    published2018-03-12
    reporterThis script is Copyright (C) 2018-2019 and is owned by Tenable, Inc. or an Affiliate thereof.
    sourcehttps://www.tenable.com/plugins/nessus/107359
    titleSolaris 10 (sparc) : 120272-31
  • NASL familyCentOS Local Security Checks
    NASL idCENTOS_RHSA-2005-395.NASL
    descriptionUpdated net-snmp packages that fix two security issues and various bugs are now available. This update has been rated as having low security impact by the Red Hat Security Response Team. SNMP (Simple Network Management Protocol) is a protocol used for network management. A denial of service bug was found in the way net-snmp uses network stream protocols. It is possible for a remote attacker to send a net-snmp agent a specially crafted packet that will crash the agent. The Common Vulnerabilities and Exposures project (cve.mitre.org) has assigned the name CVE-2005-2177 to this issue. An insecure temporary file usage bug was found in net-snmp
    last seen2020-06-01
    modified2020-06-02
    plugin id67027
    published2013-06-29
    reporterThis script is Copyright (C) 2013-2019 and is owned by Tenable, Inc. or an Affiliate thereof.
    sourcehttps://www.tenable.com/plugins/nessus/67027
    titleCentOS 4 : net-snmp (CESA-2005:395)
  • NASL familyRed Hat Local Security Checks
    NASL idREDHAT-RHSA-2005-373.NASL
    descriptionUpdated net-snmp packages that fix two security issues and various bugs are now available. This update has been rated as having low security impact by the Red Hat Security Response Team. SNMP (Simple Network Management Protocol) is a protocol used for network management. A denial of service bug was found in the way net-snmp uses network stream protocols. It is possible for a remote attacker to send a net-snmp agent a specially crafted packet which will crash the agent. The Common Vulnerabilities and Exposures project (cve.mitre.org) has assigned the name CVE-2005-2177 to this issue. An insecure temporary file usage bug was found in net-snmp
    last seen2020-06-01
    modified2020-06-02
    plugin id19829
    published2005-10-05
    reporterThis script is Copyright (C) 2005-2019 and is owned by Tenable, Inc. or an Affiliate thereof.
    sourcehttps://www.tenable.com/plugins/nessus/19829
    titleRHEL 3 : net-snmp (RHSA-2005:373)

Oval

accepted2013-04-29T04:19:25.889-04:00
classvulnerability
contributors
  • nameAharon Chernin
    organizationSCAP.com, LLC
  • nameDragos Prisaca
    organizationG2, Inc.
definition_extensions
  • commentThe operating system installed on the system is Red Hat Enterprise Linux 3
    ovaloval:org.mitre.oval:def:11782
  • commentCentOS Linux 3.x
    ovaloval:org.mitre.oval:def:16651
  • commentThe operating system installed on the system is Red Hat Enterprise Linux 4
    ovaloval:org.mitre.oval:def:11831
  • commentCentOS Linux 4.x
    ovaloval:org.mitre.oval:def:16636
  • commentOracle Linux 4.x
    ovaloval:org.mitre.oval:def:15990
descriptionsnmp_api.c in snmpd in Net-SNMP 5.2.x before 5.2.2, 5.1.x before 5.1.3, and 5.0.x before 5.0.10.2, when running in master agentx mode, allows remote attackers to cause a denial of service (crash) by causing a particular TCP disconnect, which triggers a free of an incorrect variable, a different vulnerability than CVE-2005-2177.
familyunix
idoval:org.mitre.oval:def:9442
statusaccepted
submitted2010-07-09T03:56:16-04:00
titlesnmp_api.c in snmpd in Net-SNMP 5.2.x before 5.2.2, 5.1.x before 5.1.3, and 5.0.x before 5.0.10.2, when running in master agentx mode, allows remote attackers to cause a denial of service (crash) by causing a particular TCP disconnect, which triggers a free of an incorrect variable, a different vulnerability than CVE-2005-2177.
version26

Redhat

rpms
  • net-snmp-0:5.0.9-2.30E.19
  • net-snmp-debuginfo-0:5.0.9-2.30E.19
  • net-snmp-devel-0:5.0.9-2.30E.19
  • net-snmp-libs-0:5.0.9-2.30E.19
  • net-snmp-perl-0:5.0.9-2.30E.19
  • net-snmp-utils-0:5.0.9-2.30E.19
  • net-snmp-0:5.1.2-11.EL4.6
  • net-snmp-debuginfo-0:5.1.2-11.EL4.6
  • net-snmp-devel-0:5.1.2-11.EL4.6
  • net-snmp-libs-0:5.1.2-11.EL4.6
  • net-snmp-perl-0:5.1.2-11.EL4.6
  • net-snmp-utils-0:5.1.2-11.EL4.6