Vulnerabilities > CVE-2014-3565 - Resource Management Errors vulnerability in multiple products
Attack vector
UNKNOWN Attack complexity
UNKNOWN Privileges required
UNKNOWN Confidentiality impact
UNKNOWN Integrity impact
UNKNOWN Availability impact
UNKNOWN Summary
snmplib/mib.c in net-snmp 5.7.0 and earlier, when the -OQ option is used, allows remote attackers to cause a denial of service (snmptrapd crash) via a crafted SNMP trap message, which triggers a conversion to the variable type designated in the MIB file, as demonstrated by a NULL type in an ifMtu trap message.
Vulnerable Configurations
Common Weakness Enumeration (CWE)
Nessus
NASL family Red Hat Local Security Checks NASL id REDHAT-RHSA-2015-2345.NASL description Updated net-snmp packages that fix one security issue and several bugs are now available for Red Hat Enterprise Linux 7. Red Hat Product Security has rated this update as having Moderate security impact. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available from the CVE link in the References section. The net-snmp packages provide various libraries and tools for the Simple Network Management Protocol (SNMP), including an SNMP library, an extensible agent, tools for requesting or setting information from SNMP agents, tools for generating and handling SNMP traps, a version of the netstat command which uses SNMP, and a Tk/Perl Management Information Base (MIB) browser. A denial of service flaw was found in the way snmptrapd handled certain SNMP traps when started with the last seen 2020-06-01 modified 2020-06-02 plugin id 86982 published 2015-11-20 reporter This script is Copyright (C) 2015-2019 and is owned by Tenable, Inc. or an Affiliate thereof. source https://www.tenable.com/plugins/nessus/86982 title RHEL 7 : net-snmp (RHSA-2015:2345) code # # (C) Tenable Network Security, Inc. # # The descriptive text and package checks in this plugin were # extracted from Red Hat Security Advisory RHSA-2015:2345. The text # itself is copyright (C) Red Hat, Inc. # include("compat.inc"); if (description) { script_id(86982); script_version("2.11"); script_cvs_date("Date: 2019/10/24 15:35:40"); script_cve_id("CVE-2014-3565"); script_xref(name:"RHSA", value:"2015:2345"); script_name(english:"RHEL 7 : net-snmp (RHSA-2015:2345)"); script_summary(english:"Checks the rpm output for the updated packages"); script_set_attribute( attribute:"synopsis", value:"The remote Red Hat host is missing one or more security updates." ); script_set_attribute( attribute:"description", value: "Updated net-snmp packages that fix one security issue and several bugs are now available for Red Hat Enterprise Linux 7. Red Hat Product Security has rated this update as having Moderate security impact. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available from the CVE link in the References section. The net-snmp packages provide various libraries and tools for the Simple Network Management Protocol (SNMP), including an SNMP library, an extensible agent, tools for requesting or setting information from SNMP agents, tools for generating and handling SNMP traps, a version of the netstat command which uses SNMP, and a Tk/Perl Management Information Base (MIB) browser. A denial of service flaw was found in the way snmptrapd handled certain SNMP traps when started with the '-OQ' option. If an attacker sent an SNMP trap containing a variable with a NULL type where an integer variable type was expected, it would cause snmptrapd to crash. (CVE-2014-3565) This update also fixes the following bugs : * Previously, the clientaddr option in the snmp.conf file affected outgoing messages sent only over IPv4. With this release, outgoing IPv6 messages are correctly sent from the interface specified by clientaddr. (BZ#1190679) * The Net-SNMP daemon, snmpd, did not properly clean memory when reloading its configuration file with multiple 'exec' entries. Consequently, the daemon terminated unexpectedly. Now, the memory is properly cleaned, and snmpd no longer crashes on reload. (BZ#1228893) * Prior to this update, snmpd did not parse complete IPv4 traffic statistics, but reported the number of received or sent bytes in the IP-MIB::ipSystemStatsTable only for IPv6 packets and not for IPv4. This affected objects ipSystemStatsInOctets, ipSystemStatsOutOctets, ipSystemStatsInMcastOctets, and ipSystemStatsOutMcastOctets. Now, the statistics reported by snmpd are collected for IPv4 as well. (BZ#1235697) * The Net-SNMP daemon, snmpd, did not correctly detect the file system change from read-only to read-write. Consequently, after remounting the file system into the read-write mode, the daemon reported it to be still in the read-only mode. A patch has been applied, and snmpd now detects the mode changes as expected. (BZ#1241897) All net-snmp users are advised to upgrade to these updated packages, which contain backported patches to correct these issues." ); script_set_attribute( attribute:"see_also", value:"https://access.redhat.com/errata/RHSA-2015:2345" ); script_set_attribute( attribute:"see_also", value:"https://access.redhat.com/security/cve/cve-2014-3565" ); script_set_attribute(attribute:"solution", value:"Update the affected packages."); script_set_cvss_base_vector("CVSS2#AV:N/AC:L/Au:N/C:N/I:N/A:P"); script_set_cvss_temporal_vector("CVSS2#E:U/RL:OF/RC:C"); script_set_attribute(attribute:"exploitability_ease", value:"No known exploits are available"); script_set_attribute(attribute:"exploit_available", value:"false"); script_set_attribute(attribute:"plugin_type", value:"local"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:net-snmp"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:net-snmp-agent-libs"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:net-snmp-debuginfo"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:net-snmp-devel"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:net-snmp-gui"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:net-snmp-libs"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:net-snmp-perl"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:net-snmp-python"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:net-snmp-sysvinit"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:net-snmp-utils"); script_set_attribute(attribute:"cpe", value:"cpe:/o:redhat:enterprise_linux:7"); script_set_attribute(attribute:"cpe", value:"cpe:/o:redhat:enterprise_linux:7.2"); script_set_attribute(attribute:"cpe", value:"cpe:/o:redhat:enterprise_linux:7.3"); script_set_attribute(attribute:"cpe", value:"cpe:/o:redhat:enterprise_linux:7.4"); script_set_attribute(attribute:"cpe", value:"cpe:/o:redhat:enterprise_linux:7.5"); script_set_attribute(attribute:"cpe", value:"cpe:/o:redhat:enterprise_linux:7.6"); script_set_attribute(attribute:"cpe", value:"cpe:/o:redhat:enterprise_linux:7.7"); script_set_attribute(attribute:"vuln_publication_date", value:"2014/10/07"); script_set_attribute(attribute:"patch_publication_date", value:"2015/11/19"); script_set_attribute(attribute:"plugin_publication_date", value:"2015/11/20"); script_set_attribute(attribute:"generated_plugin", value:"current"); script_end_attributes(); script_category(ACT_GATHER_INFO); script_copyright(english:"This script is Copyright (C) 2015-2019 and is owned by Tenable, Inc. or an Affiliate thereof."); script_family(english:"Red Hat Local Security Checks"); script_dependencies("ssh_get_info.nasl"); script_require_keys("Host/local_checks_enabled", "Host/RedHat/release", "Host/RedHat/rpm-list", "Host/cpu"); exit(0); } include("audit.inc"); include("global_settings.inc"); include("misc_func.inc"); include("rpm.inc"); if (!get_kb_item("Host/local_checks_enabled")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED); release = get_kb_item("Host/RedHat/release"); if (isnull(release) || "Red Hat" >!< release) audit(AUDIT_OS_NOT, "Red Hat"); os_ver = pregmatch(pattern: "Red Hat Enterprise Linux.*release ([0-9]+(\.[0-9]+)?)", string:release); if (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, "Red Hat"); os_ver = os_ver[1]; if (! preg(pattern:"^7([^0-9]|$)", string:os_ver)) audit(AUDIT_OS_NOT, "Red Hat 7.x", "Red Hat " + os_ver); if (!get_kb_item("Host/RedHat/rpm-list")) audit(AUDIT_PACKAGE_LIST_MISSING); cpu = get_kb_item("Host/cpu"); if (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH); if ("x86_64" >!< cpu && cpu !~ "^i[3-6]86$" && "s390" >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, "Red Hat", cpu); yum_updateinfo = get_kb_item("Host/RedHat/yum-updateinfo"); if (!empty_or_null(yum_updateinfo)) { rhsa = "RHSA-2015:2345"; yum_report = redhat_generate_yum_updateinfo_report(rhsa:rhsa); if (!empty_or_null(yum_report)) { security_report_v4( port : 0, severity : SECURITY_WARNING, extra : yum_report ); exit(0); } else { audit_message = "affected by Red Hat security advisory " + rhsa; audit(AUDIT_OS_NOT, audit_message); } } else { flag = 0; if (rpm_check(release:"RHEL7", cpu:"s390x", reference:"net-snmp-5.7.2-24.el7")) flag++; if (rpm_check(release:"RHEL7", cpu:"x86_64", reference:"net-snmp-5.7.2-24.el7")) flag++; if (rpm_check(release:"RHEL7", reference:"net-snmp-agent-libs-5.7.2-24.el7")) flag++; if (rpm_check(release:"RHEL7", reference:"net-snmp-debuginfo-5.7.2-24.el7")) flag++; if (rpm_check(release:"RHEL7", reference:"net-snmp-devel-5.7.2-24.el7")) flag++; if (rpm_check(release:"RHEL7", cpu:"s390x", reference:"net-snmp-gui-5.7.2-24.el7")) flag++; if (rpm_check(release:"RHEL7", cpu:"x86_64", reference:"net-snmp-gui-5.7.2-24.el7")) flag++; if (rpm_check(release:"RHEL7", reference:"net-snmp-libs-5.7.2-24.el7")) flag++; if (rpm_check(release:"RHEL7", cpu:"s390x", reference:"net-snmp-perl-5.7.2-24.el7")) flag++; if (rpm_check(release:"RHEL7", cpu:"x86_64", reference:"net-snmp-perl-5.7.2-24.el7")) flag++; if (rpm_check(release:"RHEL7", cpu:"s390x", reference:"net-snmp-python-5.7.2-24.el7")) flag++; if (rpm_check(release:"RHEL7", cpu:"x86_64", reference:"net-snmp-python-5.7.2-24.el7")) flag++; if (rpm_check(release:"RHEL7", cpu:"s390x", reference:"net-snmp-sysvinit-5.7.2-24.el7")) flag++; if (rpm_check(release:"RHEL7", cpu:"x86_64", reference:"net-snmp-sysvinit-5.7.2-24.el7")) flag++; if (rpm_check(release:"RHEL7", cpu:"s390x", reference:"net-snmp-utils-5.7.2-24.el7")) flag++; if (rpm_check(release:"RHEL7", cpu:"x86_64", reference:"net-snmp-utils-5.7.2-24.el7")) flag++; if (flag) { security_report_v4( port : 0, severity : SECURITY_WARNING, extra : rpm_report_get() + redhat_report_package_caveat() ); exit(0); } else { tested = pkg_tests_get(); if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested); else audit(AUDIT_PACKAGE_NOT_INSTALLED, "net-snmp / net-snmp-agent-libs / net-snmp-debuginfo / etc"); } }
NASL family CentOS Local Security Checks NASL id CENTOS_RHSA-2015-1385.NASL description Updated net-snmp packages that fix one security issue and several bugs are now available for Red Hat Enterprise Linux 6. Red Hat Product Security has rated this update as having Moderate security impact. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available from the CVE link in the References section. The net-snmp packages provide various libraries and tools for the Simple Network Management Protocol (SNMP), including an SNMP library, an extensible agent, tools for requesting or setting information from SNMP agents, tools for generating and handling SNMP traps, a version of the netstat command which uses SNMP, and a Tk/Perl Management Information Base (MIB) browser. A denial of service flaw was found in the way snmptrapd handled certain SNMP traps when started with the last seen 2020-06-01 modified 2020-06-02 plugin id 85016 published 2015-07-28 reporter This script is Copyright (C) 2015-2020 and is owned by Tenable, Inc. or an Affiliate thereof. source https://www.tenable.com/plugins/nessus/85016 title CentOS 6 : net-snmp (CESA-2015:1385) code # # (C) Tenable Network Security, Inc. # # The descriptive text and package checks in this plugin were # extracted from Red Hat Security Advisory RHSA-2015:1385 and # CentOS Errata and Security Advisory 2015:1385 respectively. # include("compat.inc"); if (description) { script_id(85016); script_version("2.6"); script_cvs_date("Date: 2020/01/02"); script_cve_id("CVE-2014-3565"); script_bugtraq_id(69477); script_xref(name:"RHSA", value:"2015:1385"); script_name(english:"CentOS 6 : net-snmp (CESA-2015:1385)"); script_summary(english:"Checks rpm output for the updated packages"); script_set_attribute( attribute:"synopsis", value:"The remote CentOS host is missing one or more security updates." ); script_set_attribute( attribute:"description", value: "Updated net-snmp packages that fix one security issue and several bugs are now available for Red Hat Enterprise Linux 6. Red Hat Product Security has rated this update as having Moderate security impact. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available from the CVE link in the References section. The net-snmp packages provide various libraries and tools for the Simple Network Management Protocol (SNMP), including an SNMP library, an extensible agent, tools for requesting or setting information from SNMP agents, tools for generating and handling SNMP traps, a version of the netstat command which uses SNMP, and a Tk/Perl Management Information Base (MIB) browser. A denial of service flaw was found in the way snmptrapd handled certain SNMP traps when started with the '-OQ' option. If an attacker sent an SNMP trap containing a variable with a NULL type where an integer variable type was expected, it would cause snmptrapd to crash. (CVE-2014-3565) This update also fixes the following bugs : * The HOST-RESOURCES-MIB::hrSystemProcesses object was not implemented because parts of the HOST-RESOURCES-MIB module were rewritten in an earlier version of net-snmp. Consequently, HOST-RESOURCES-MIB::hrSystemProcesses did not provide information on the number of currently loaded or running processes. With this update, HOST-RESOURCES-MIB::hrSystemProcesses has been implemented, and the net-snmp daemon reports as expected. (BZ#1134335) * The Net-SNMP agent daemon, snmpd, reloaded the system ARP table every 60 seconds. As a consequence, snmpd could cause a short CPU usage spike on busy systems with a large APR table. With this update, snmpd does not reload the full ARP table periodically, but monitors the table changes using a netlink socket. (BZ#789500) * Previously, snmpd used an invalid pointer to the current time when periodically checking certain conditions specified by the 'monitor' option in the /etc/snmpd/snmpd.conf file. Consequently, snmpd terminated unexpectedly on start with a segmentation fault if a certain entry with the 'monitor' option was used. Now, snmpd initializes the correct pointer to the current time, and snmpd no longer crashes on start. (BZ#1050970) * Previously, snmpd expected 8-bit network interface indices when processing HOST-RESOURCES-MIB::hrDeviceTable. If an interface index of a local network interface was larger than 30,000 items, snmpd could terminate unexpectedly due to accessing invalid memory. Now, processing of all network sizes is enabled, and snmpd no longer crashes in the described situation. (BZ#1195547) * The snmpdtrapd service incorrectly checked for errors when forwarding a trap with a RequestID value of 0, and logged 'Forward failed' even though the trap was successfully forwarded. This update fixes snmptrapd checks and the aforementioned message is now logged only when appropriate. (BZ#1146948) * Previously, snmpd ignored the value of the 'storageUseNFS' option in the /etc/snmpd/snmpd.conf file. As a consequence, NFS drivers were shown as 'Network Disks', even though 'storageUseNFS' was set to '2' to report them as 'Fixed Disks' in HOST-RESOURCES-MIB::hrStorageTable. With this update, snmpd takes the 'storageUseNFS' option value into account, and 'Fixed Disks' NFS drives are reported correctly. (BZ#1125793) * Previously, the Net-SNMP python binding used an incorrect size (8 bytes instead of 4) for variables of IPADDRESS type. Consequently, applications that were using Net-SNMP Python bindings could send malformed SNMP messages. With this update, the bindings now use 4 bytes for variables with IPADRESS type, and only valid SNMP messages are sent. (BZ#1100099) * Previously, the snmpd service did not cut values in HOST-RESOURCES-MIB::hrStorageTable to signed 32-bit integers, as required by SNMP standards, and provided the values as unsigned integers. As a consequence, the HOST-RESOURCES-MIB::hrStorageTable implementation did not conform to RFC 2790. The values are now cut to 32-bit signed integers, and snmpd is therefore standard compliant. (BZ#1104293) Users of net-snmp are advised to upgrade to these updated packages, which contain backported patches to correct these issues." ); # https://lists.centos.org/pipermail/centos-cr-announce/2015-July/002025.html script_set_attribute( attribute:"see_also", value:"http://www.nessus.org/u?2bae3201" ); script_set_attribute( attribute:"solution", value:"Update the affected net-snmp packages." ); script_set_cvss_base_vector("CVSS2#AV:N/AC:L/Au:N/C:N/I:N/A:P"); script_set_cvss_temporal_vector("CVSS2#E:U/RL:OF/RC:C"); script_set_attribute(attribute:"cvss_score_source", value:"CVE-2014-3565"); script_set_attribute(attribute:"exploitability_ease", value:"No known exploits are available"); script_set_attribute(attribute:"exploit_available", value:"false"); script_set_attribute(attribute:"plugin_type", value:"local"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:centos:centos:net-snmp"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:centos:centos:net-snmp-devel"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:centos:centos:net-snmp-libs"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:centos:centos:net-snmp-perl"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:centos:centos:net-snmp-python"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:centos:centos:net-snmp-utils"); script_set_attribute(attribute:"cpe", value:"cpe:/o:centos:centos:6"); script_set_attribute(attribute:"vuln_publication_date", value:"2014/10/07"); script_set_attribute(attribute:"patch_publication_date", value:"2015/07/26"); script_set_attribute(attribute:"plugin_publication_date", value:"2015/07/28"); script_set_attribute(attribute:"generated_plugin", value:"current"); script_end_attributes(); script_category(ACT_GATHER_INFO); script_copyright(english:"This script is Copyright (C) 2015-2020 and is owned by Tenable, Inc. or an Affiliate thereof."); script_family(english:"CentOS Local Security Checks"); script_dependencies("ssh_get_info.nasl"); script_require_keys("Host/local_checks_enabled", "Host/CentOS/release", "Host/CentOS/rpm-list"); exit(0); } include("audit.inc"); include("global_settings.inc"); include("rpm.inc"); if (!get_kb_item("Host/local_checks_enabled")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED); release = get_kb_item("Host/CentOS/release"); if (isnull(release) || "CentOS" >!< release) audit(AUDIT_OS_NOT, "CentOS"); os_ver = pregmatch(pattern: "CentOS(?: Linux)? release ([0-9]+)", string:release); if (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, "CentOS"); os_ver = os_ver[1]; if (! preg(pattern:"^6([^0-9]|$)", string:os_ver)) audit(AUDIT_OS_NOT, "CentOS 6.x", "CentOS " + os_ver); if (!get_kb_item("Host/CentOS/rpm-list")) audit(AUDIT_PACKAGE_LIST_MISSING); cpu = get_kb_item("Host/cpu"); if (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH); if ("x86_64" >!< cpu && cpu !~ "^i[3-6]86$") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, "CentOS", cpu); flag = 0; if (rpm_check(release:"CentOS-6", reference:"net-snmp-5.5-54.el6")) flag++; if (rpm_check(release:"CentOS-6", reference:"net-snmp-devel-5.5-54.el6")) flag++; if (rpm_check(release:"CentOS-6", reference:"net-snmp-libs-5.5-54.el6")) flag++; if (rpm_check(release:"CentOS-6", reference:"net-snmp-perl-5.5-54.el6")) flag++; if (rpm_check(release:"CentOS-6", reference:"net-snmp-python-5.5-54.el6")) flag++; if (rpm_check(release:"CentOS-6", reference:"net-snmp-utils-5.5-54.el6")) flag++; if (flag) { cr_plugin_caveat = '\n' + 'NOTE: The security advisory associated with this vulnerability has a\n' + 'fixed package version that may only be available in the continuous\n' + 'release (CR) repository for CentOS, until it is present in the next\n' + 'point release of CentOS.\n\n' + 'If an equal or higher package level does not exist in the baseline\n' + 'repository for your major version of CentOS, then updates from the CR\n' + 'repository will need to be applied in order to address the\n' + 'vulnerability.\n'; security_report_v4( port : 0, severity : SECURITY_WARNING, extra : rpm_report_get() + cr_plugin_caveat ); exit(0); } else { tested = pkg_tests_get(); if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested); else audit(AUDIT_PACKAGE_NOT_INSTALLED, "net-snmp / net-snmp-devel / net-snmp-libs / net-snmp-perl / etc"); }
NASL family Scientific Linux Local Security Checks NASL id SL_20151119_NET_SNMP_ON_SL7_X.NASL description A denial of service flaw was found in the way snmptrapd handled certain SNMP traps when started with the last seen 2020-03-18 modified 2015-12-22 plugin id 87562 published 2015-12-22 reporter This script is Copyright (C) 2015-2020 and is owned by Tenable, Inc. or an Affiliate thereof. source https://www.tenable.com/plugins/nessus/87562 title Scientific Linux Security Update : net-snmp on SL7.x x86_64 (20151119) code # # (C) Tenable Network Security, Inc. # # The descriptive text is (C) Scientific Linux. # include("compat.inc"); if (description) { script_id(87562); script_version("2.3"); script_set_attribute(attribute:"plugin_modification_date", value:"2020/02/25"); script_cve_id("CVE-2014-3565"); script_name(english:"Scientific Linux Security Update : net-snmp on SL7.x x86_64 (20151119)"); script_summary(english:"Checks rpm output for the updated packages"); script_set_attribute( attribute:"synopsis", value: "The remote Scientific Linux host is missing one or more security updates." ); script_set_attribute( attribute:"description", value: "A denial of service flaw was found in the way snmptrapd handled certain SNMP traps when started with the '-OQ' option. If an attacker sent an SNMP trap containing a variable with a NULL type where an integer variable type was expected, it would cause snmptrapd to crash. (CVE-2014-3565) This update also fixes the following bugs : - Previously, the clientaddr option in the snmp.conf file affected outgoing messages sent only over IPv4. With this release, outgoing IPv6 messages are correctly sent from the interface specified by clientaddr. - The Net-SNMP daemon, snmpd, did not properly clean memory when reloading its configuration file with multiple 'exec' entries. Consequently, the daemon terminated unexpectedly. Now, the memory is properly cleaned, and snmpd no longer crashes on reload. - Prior to this update, snmpd did not parse complete IPv4 traffic statistics, but reported the number of received or sent bytes in the IP- MIB::ipSystemStatsTable only for IPv6 packets and not for IPv4. This affected objects ipSystemStatsInOctets, ipSystemStatsOutOctets, ipSystemStatsInMcastOctets, and ipSystemStatsOutMcastOctets. Now, the statistics reported by snmpd are collected for IPv4 as well. - The Net-SNMP daemon, snmpd, did not correctly detect the file system change from read-only to read-write. Consequently, after remounting the file system into the read-write mode, the daemon reported it to be still in the read-only mode. A patch has been applied, and snmpd now detects the mode changes as expected." ); # https://listserv.fnal.gov/scripts/wa.exe?A2=ind1512&L=scientific-linux-errata&F=&S=&P=6297 script_set_attribute( attribute:"see_also", value:"http://www.nessus.org/u?f62acd4b" ); script_set_attribute(attribute:"solution", value:"Update the affected packages."); script_set_cvss_base_vector("CVSS2#AV:N/AC:L/Au:N/C:N/I:N/A:P"); script_set_attribute(attribute:"plugin_type", value:"local"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:fermilab:scientific_linux:net-snmp"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:fermilab:scientific_linux:net-snmp-agent-libs"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:fermilab:scientific_linux:net-snmp-debuginfo"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:fermilab:scientific_linux:net-snmp-devel"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:fermilab:scientific_linux:net-snmp-gui"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:fermilab:scientific_linux:net-snmp-libs"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:fermilab:scientific_linux:net-snmp-perl"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:fermilab:scientific_linux:net-snmp-python"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:fermilab:scientific_linux:net-snmp-sysvinit"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:fermilab:scientific_linux:net-snmp-utils"); script_set_attribute(attribute:"cpe", value:"x-cpe:/o:fermilab:scientific_linux"); script_set_attribute(attribute:"vuln_publication_date", value:"2014/10/07"); script_set_attribute(attribute:"patch_publication_date", value:"2015/11/19"); script_set_attribute(attribute:"plugin_publication_date", value:"2015/12/22"); script_set_attribute(attribute:"generated_plugin", value:"current"); script_end_attributes(); script_category(ACT_GATHER_INFO); script_copyright(english:"This script is Copyright (C) 2015-2020 and is owned by Tenable, Inc. or an Affiliate thereof."); script_family(english:"Scientific Linux Local Security Checks"); script_dependencies("ssh_get_info.nasl"); script_require_keys("Host/local_checks_enabled", "Host/cpu", "Host/RedHat/release", "Host/RedHat/rpm-list"); exit(0); } include("audit.inc"); include("global_settings.inc"); include("misc_func.inc"); include("rpm.inc"); if (!get_kb_item("Host/local_checks_enabled")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED); release = get_kb_item("Host/RedHat/release"); if (isnull(release) || "Scientific Linux " >!< release) audit(AUDIT_HOST_NOT, "running Scientific Linux"); os_ver = pregmatch(pattern: "Scientific Linux.*release ([0-9]+(\.[0-9]+)?)", string:release); if (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, "Scientific Linux"); os_ver = os_ver[1]; if (! preg(pattern:"^7([^0-9]|$)", string:os_ver)) audit(AUDIT_OS_NOT, "Scientific Linux 7.x", "Scientific Linux " + os_ver); if (!get_kb_item("Host/RedHat/rpm-list")) audit(AUDIT_PACKAGE_LIST_MISSING); cpu = get_kb_item("Host/cpu"); if (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH); if (cpu >!< "x86_64" && cpu !~ "^i[3-6]86$") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, "Scientific Linux", cpu); if ("x86_64" >!< cpu) audit(AUDIT_ARCH_NOT, "x86_64", cpu); flag = 0; if (rpm_check(release:"SL7", cpu:"x86_64", reference:"net-snmp-5.7.2-24.el7")) flag++; if (rpm_check(release:"SL7", cpu:"x86_64", reference:"net-snmp-agent-libs-5.7.2-24.el7")) flag++; if (rpm_check(release:"SL7", cpu:"x86_64", reference:"net-snmp-debuginfo-5.7.2-24.el7")) flag++; if (rpm_check(release:"SL7", cpu:"x86_64", reference:"net-snmp-devel-5.7.2-24.el7")) flag++; if (rpm_check(release:"SL7", cpu:"x86_64", reference:"net-snmp-gui-5.7.2-24.el7")) flag++; if (rpm_check(release:"SL7", cpu:"x86_64", reference:"net-snmp-libs-5.7.2-24.el7")) flag++; if (rpm_check(release:"SL7", cpu:"x86_64", reference:"net-snmp-perl-5.7.2-24.el7")) flag++; if (rpm_check(release:"SL7", cpu:"x86_64", reference:"net-snmp-python-5.7.2-24.el7")) flag++; if (rpm_check(release:"SL7", cpu:"x86_64", reference:"net-snmp-sysvinit-5.7.2-24.el7")) flag++; if (rpm_check(release:"SL7", cpu:"x86_64", reference:"net-snmp-utils-5.7.2-24.el7")) flag++; if (flag) { security_report_v4( port : 0, severity : SECURITY_WARNING, extra : rpm_report_get() ); exit(0); } else { tested = pkg_tests_get(); if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested); else audit(AUDIT_PACKAGE_NOT_INSTALLED, "net-snmp / net-snmp-agent-libs / net-snmp-debuginfo / etc"); }
NASL family F5 Networks Local Security Checks NASL id F5_BIGIP_SOL17315.NASL description snmplib/mib.c in net-snmp 5.7.0 and earlier, when the -OQ option is used, allows remote attackers to cause a denial of service (snmptrapd crash) via a crafted SNMP trap message, which triggers a conversion to the variable type designated in the MIB file, as demonstrated by a NULL type in an ifMtu trap message. (CVE-2014-3565) last seen 2020-06-01 modified 2020-06-02 plugin id 91302 published 2016-05-24 reporter This script is Copyright (C) 2016-2019 and is owned by Tenable, Inc. or an Affiliate thereof. source https://www.tenable.com/plugins/nessus/91302 title F5 Networks BIG-IP : SNMP vulnerability (K17315) code # # (C) Tenable Network Security, Inc. # # The descriptive text and package checks in this plugin were # extracted from F5 Networks BIG-IP Solution K17315. # # The text description of this plugin is (C) F5 Networks. # include("compat.inc"); if (description) { script_id(91302); script_version("2.5"); script_cvs_date("Date: 2019/01/04 10:03:40"); script_cve_id("CVE-2014-3565"); script_bugtraq_id(69477); script_name(english:"F5 Networks BIG-IP : SNMP vulnerability (K17315)"); script_summary(english:"Checks the BIG-IP version."); script_set_attribute( attribute:"synopsis", value:"The remote device is missing a vendor-supplied security patch." ); script_set_attribute( attribute:"description", value: "snmplib/mib.c in net-snmp 5.7.0 and earlier, when the -OQ option is used, allows remote attackers to cause a denial of service (snmptrapd crash) via a crafted SNMP trap message, which triggers a conversion to the variable type designated in the MIB file, as demonstrated by a NULL type in an ifMtu trap message. (CVE-2014-3565)" ); script_set_attribute( attribute:"see_also", value:"https://support.f5.com/csp/article/K17315" ); script_set_attribute( attribute:"solution", value: "Upgrade to one of the non-vulnerable versions listed in the F5 Solution K17315." ); script_set_cvss_base_vector("CVSS2#AV:N/AC:L/Au:N/C:N/I:N/A:P"); script_set_cvss_temporal_vector("CVSS2#E:U/RL:OF/RC:C"); script_set_attribute(attribute:"exploitability_ease", value:"No known exploits are available"); script_set_attribute(attribute:"exploit_available", value:"false"); script_set_attribute(attribute:"potential_vulnerability", value:"true"); script_set_attribute(attribute:"plugin_type", value:"local"); script_set_attribute(attribute:"cpe", value:"cpe:/a:f5:big-ip_access_policy_manager"); script_set_attribute(attribute:"cpe", value:"cpe:/a:f5:big-ip_advanced_firewall_manager"); script_set_attribute(attribute:"cpe", value:"cpe:/a:f5:big-ip_application_acceleration_manager"); script_set_attribute(attribute:"cpe", value:"cpe:/a:f5:big-ip_application_security_manager"); script_set_attribute(attribute:"cpe", value:"cpe:/a:f5:big-ip_application_visibility_and_reporting"); script_set_attribute(attribute:"cpe", value:"cpe:/a:f5:big-ip_global_traffic_manager"); script_set_attribute(attribute:"cpe", value:"cpe:/a:f5:big-ip_link_controller"); script_set_attribute(attribute:"cpe", value:"cpe:/a:f5:big-ip_local_traffic_manager"); script_set_attribute(attribute:"cpe", value:"cpe:/a:f5:big-ip_policy_enforcement_manager"); script_set_attribute(attribute:"cpe", value:"cpe:/a:f5:big-ip_wan_optimization_manager"); script_set_attribute(attribute:"cpe", value:"cpe:/a:f5:big-ip_webaccelerator"); script_set_attribute(attribute:"cpe", value:"cpe:/h:f5:big-ip"); script_set_attribute(attribute:"cpe", value:"cpe:/h:f5:big-ip_protocol_security_manager"); script_set_attribute(attribute:"patch_publication_date", value:"2015/09/28"); script_set_attribute(attribute:"generated_plugin", value:"current"); script_set_attribute(attribute:"plugin_publication_date", value:"2016/05/24"); script_end_attributes(); script_category(ACT_GATHER_INFO); script_copyright(english:"This script is Copyright (C) 2016-2019 and is owned by Tenable, Inc. or an Affiliate thereof."); script_family(english:"F5 Networks Local Security Checks"); script_dependencies("f5_bigip_detect.nbin"); script_require_keys("Host/local_checks_enabled", "Host/BIG-IP/hotfix", "Host/BIG-IP/modules", "Host/BIG-IP/version", "Settings/ParanoidReport"); exit(0); } include("f5_func.inc"); if ( ! get_kb_item("Host/local_checks_enabled") ) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED); version = get_kb_item("Host/BIG-IP/version"); if ( ! version ) audit(AUDIT_OS_NOT, "F5 Networks BIG-IP"); if ( isnull(get_kb_item("Host/BIG-IP/hotfix")) ) audit(AUDIT_KB_MISSING, "Host/BIG-IP/hotfix"); if ( ! get_kb_item("Host/BIG-IP/modules") ) audit(AUDIT_KB_MISSING, "Host/BIG-IP/modules"); sol = "K17315"; vmatrix = make_array(); if (report_paranoia < 2) audit(AUDIT_PARANOID); # AFM vmatrix["AFM"] = make_array(); vmatrix["AFM"]["affected" ] = make_list("12.0.0","11.3.0-11.6.0"); vmatrix["AFM"]["unaffected"] = make_list("12.1.0"); # AM vmatrix["AM"] = make_array(); vmatrix["AM"]["affected" ] = make_list("12.0.0","11.4.0-11.6.0"); vmatrix["AM"]["unaffected"] = make_list("12.1.0"); # APM vmatrix["APM"] = make_array(); vmatrix["APM"]["affected" ] = make_list("12.0.0","11.0.0-11.6.0","10.1.0-10.2.4"); vmatrix["APM"]["unaffected"] = make_list("12.1.0"); # ASM vmatrix["ASM"] = make_array(); vmatrix["ASM"]["affected" ] = make_list("12.0.0","11.0.0-11.6.0","10.1.0-10.2.4"); vmatrix["ASM"]["unaffected"] = make_list("12.1.0"); # AVR vmatrix["AVR"] = make_array(); vmatrix["AVR"]["affected" ] = make_list("12.0.0","11.0.0-11.6.0"); vmatrix["AVR"]["unaffected"] = make_list("12.1.0"); # LC vmatrix["LC"] = make_array(); vmatrix["LC"]["affected" ] = make_list("12.0.0","11.0.0-11.6.0","10.1.0-10.2.4"); vmatrix["LC"]["unaffected"] = make_list("12.1.0"); # LTM vmatrix["LTM"] = make_array(); vmatrix["LTM"]["affected" ] = make_list("12.0.0","11.0.0-11.6.0","10.1.0-10.2.4"); vmatrix["LTM"]["unaffected"] = make_list("12.1.0"); # PEM vmatrix["PEM"] = make_array(); vmatrix["PEM"]["affected" ] = make_list("12.0.0","11.3.0-11.6.0"); vmatrix["PEM"]["unaffected"] = make_list("12.1.0"); if (bigip_is_affected(vmatrix:vmatrix, sol:sol)) { if (report_verbosity > 0) security_warning(port:0, extra:bigip_report_get()); else security_warning(0); exit(0); } else { tested = bigip_get_tested_modules(); audit_extra = "For BIG-IP module(s) " + tested + ","; if (tested) audit(AUDIT_INST_VER_NOT_VULN, audit_extra, version); else audit(AUDIT_HOST_NOT, "running any of the affected modules"); }
NASL family Ubuntu Local Security Checks NASL id UBUNTU_USN-2711-1.NASL description It was discovered that Net-SNMP incorrectly handled certain trap messages when the -OQ option was used. A remote attacker could use this issue to cause Net-SNMP to crash, resulting in a denial of service. (CVE-2014-3565) Qinghao Tang discovered that Net-SNMP incorrectly handled SNMP PDU parsing failures. A remote attacker could use this issue to cause Net-SNMP to crash, resulting in a denial of service, or possibly execute arbitrary code. (CVE-2015-5621). Note that Tenable Network Security has extracted the preceding description block directly from the Ubuntu security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues. last seen 2020-06-01 modified 2020-06-02 plugin id 85506 published 2015-08-18 reporter Ubuntu Security Notice (C) 2015-2019 Canonical, Inc. / NASL script (C) 2015-2019 and is owned by Tenable, Inc. or an Affiliate thereof. source https://www.tenable.com/plugins/nessus/85506 title Ubuntu 12.04 LTS / 14.04 LTS / 15.04 : net-snmp vulnerabilities (USN-2711-1) code # # (C) Tenable Network Security, Inc. # # The descriptive text and package checks in this plugin were # extracted from Ubuntu Security Notice USN-2711-1. The text # itself is copyright (C) Canonical, Inc. See # <http://www.ubuntu.com/usn/>. Ubuntu(R) is a registered # trademark of Canonical, Inc. # include("compat.inc"); if (description) { script_id(85506); script_version("2.7"); script_cvs_date("Date: 2019/09/18 12:31:44"); script_cve_id("CVE-2014-3565", "CVE-2015-5621"); script_xref(name:"USN", value:"2711-1"); script_name(english:"Ubuntu 12.04 LTS / 14.04 LTS / 15.04 : net-snmp vulnerabilities (USN-2711-1)"); script_summary(english:"Checks dpkg output for updated packages."); script_set_attribute( attribute:"synopsis", value: "The remote Ubuntu host is missing one or more security-related patches." ); script_set_attribute( attribute:"description", value: "It was discovered that Net-SNMP incorrectly handled certain trap messages when the -OQ option was used. A remote attacker could use this issue to cause Net-SNMP to crash, resulting in a denial of service. (CVE-2014-3565) Qinghao Tang discovered that Net-SNMP incorrectly handled SNMP PDU parsing failures. A remote attacker could use this issue to cause Net-SNMP to crash, resulting in a denial of service, or possibly execute arbitrary code. (CVE-2015-5621). Note that Tenable Network Security has extracted the preceding description block directly from the Ubuntu security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues." ); script_set_attribute( attribute:"see_also", value:"https://usn.ubuntu.com/2711-1/" ); script_set_attribute( attribute:"solution", value:"Update the affected libsnmp15 and / or libsnmp30 packages." ); script_set_cvss_base_vector("CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P"); script_set_cvss_temporal_vector("CVSS2#E:U/RL:OF/RC:C"); script_set_attribute(attribute:"exploitability_ease", value:"No known exploits are available"); script_set_attribute(attribute:"exploit_available", value:"false"); script_set_attribute(attribute:"plugin_type", value:"local"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:canonical:ubuntu_linux:libsnmp15"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:canonical:ubuntu_linux:libsnmp30"); script_set_attribute(attribute:"cpe", value:"cpe:/o:canonical:ubuntu_linux:12.04:-:lts"); script_set_attribute(attribute:"cpe", value:"cpe:/o:canonical:ubuntu_linux:14.04"); script_set_attribute(attribute:"cpe", value:"cpe:/o:canonical:ubuntu_linux:15.04"); script_set_attribute(attribute:"vuln_publication_date", value:"2014/10/07"); script_set_attribute(attribute:"patch_publication_date", value:"2015/08/17"); script_set_attribute(attribute:"plugin_publication_date", value:"2015/08/18"); script_set_attribute(attribute:"generated_plugin", value:"current"); script_end_attributes(); script_category(ACT_GATHER_INFO); script_copyright(english:"Ubuntu Security Notice (C) 2015-2019 Canonical, Inc. / NASL script (C) 2015-2019 and is owned by Tenable, Inc. or an Affiliate thereof."); script_family(english:"Ubuntu Local Security Checks"); script_dependencies("ssh_get_info.nasl"); script_require_keys("Host/cpu", "Host/Ubuntu", "Host/Ubuntu/release", "Host/Debian/dpkg-l"); exit(0); } include("audit.inc"); include("ubuntu.inc"); include("misc_func.inc"); if ( ! get_kb_item("Host/local_checks_enabled") ) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED); release = get_kb_item("Host/Ubuntu/release"); if ( isnull(release) ) audit(AUDIT_OS_NOT, "Ubuntu"); release = chomp(release); if (! preg(pattern:"^(12\.04|14\.04|15\.04)$", string:release)) audit(AUDIT_OS_NOT, "Ubuntu 12.04 / 14.04 / 15.04", "Ubuntu " + release); if ( ! get_kb_item("Host/Debian/dpkg-l") ) audit(AUDIT_PACKAGE_LIST_MISSING); cpu = get_kb_item("Host/cpu"); if (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH); if ("x86_64" >!< cpu && cpu !~ "^i[3-6]86$") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, "Ubuntu", cpu); flag = 0; if (ubuntu_check(osver:"12.04", pkgname:"libsnmp15", pkgver:"5.4.3~dfsg-2.4ubuntu1.3")) flag++; if (ubuntu_check(osver:"14.04", pkgname:"libsnmp30", pkgver:"5.7.2~dfsg-8.1ubuntu3.1")) flag++; if (ubuntu_check(osver:"15.04", pkgname:"libsnmp30", pkgver:"5.7.2~dfsg-8.1ubuntu5.1")) flag++; if (flag) { security_report_v4( port : 0, severity : SECURITY_HOLE, extra : ubuntu_report_get() ); exit(0); } else { tested = ubuntu_pkg_tests_get(); if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested); else audit(AUDIT_PACKAGE_NOT_INSTALLED, "libsnmp15 / libsnmp30"); }
NASL family OracleVM Local Security Checks NASL id ORACLEVM_OVMSA-2015-0099.NASL description The remote OracleVM system is missing necessary patches to address critical security updates : - Add Oracle ACFS to hrStorage (John Haxby) [orabug 18510373] - Quicker loading of IP-MIB::ipAddrTable (#1191393) - Quicker loading of IP-MIB::ipAddressTable (#1191393) - Fixed snmptrapd crash when last seen 2020-06-01 modified 2020-06-02 plugin id 85140 published 2015-07-31 reporter This script is Copyright (C) 2015-2019 and is owned by Tenable, Inc. or an Affiliate thereof. source https://www.tenable.com/plugins/nessus/85140 title OracleVM 3.3 : net-snmp (OVMSA-2015-0099) NASL family SuSE Local Security Checks NASL id SUSE_11_LIBSNMP15-140902.NASL description This update for net-snmp fixes a remote denial of service problem inside snmptrapd when it is started with the last seen 2020-06-05 modified 2014-09-10 plugin id 77600 published 2014-09-10 reporter This script is Copyright (C) 2014-2020 Tenable Network Security, Inc. source https://www.tenable.com/plugins/nessus/77600 title SuSE 11.3 Security Update : net-snmp (SAT Patch Number 9679) NASL family FreeBSD Local Security Checks NASL id FREEBSD_PKG_4622635F37A111E5997014DAE9D210B8.NASL description Murray McAllister reports : A remote denial-of-service flaw was found in the way snmptrapd handled certain SNMP traps when started with the last seen 2020-06-01 modified 2020-06-02 plugin id 85173 published 2015-08-03 reporter This script is Copyright (C) 2015-2018 and is owned by Tenable, Inc. or an Affiliate thereof. source https://www.tenable.com/plugins/nessus/85173 title FreeBSD : net-snmp -- snmptrapd crash (4622635f-37a1-11e5-9970-14dae9d210b8) NASL family Solaris Local Security Checks NASL id SOLARIS11_NET-SNMP_20141216.NASL description The remote Solaris system is missing necessary patches to address security updates : - The perl_trapd_handler function in perl/TrapReceiver/TrapReceiver.xs in Net-SNMP 5.7.3.pre3 and earlier, when using certain Perl versions, allows remote attackers to cause a denial of service (snmptrapd crash) via an empty community string in an SNMP trap, which triggers a NULL pointer dereference within the newSVpv function in Perl. (CVE-2014-2285) - snmplib/mib.c in net-snmp 5.7.0 and earlier, when the -OQ option is used, allows remote attackers to cause a denial of service (snmptrapd crash) via a crafted SNMP trap message, which triggers a conversion to the variable type designated in the MIB file, as demonstrated by a NULL type in an ifMtu trap message. (CVE-2014-3565) last seen 2020-06-01 modified 2020-06-02 plugin id 80708 published 2015-01-19 reporter This script is Copyright (C) 2015-2018 Tenable Network Security, Inc. source https://www.tenable.com/plugins/nessus/80708 title Oracle Solaris Third-Party Patch Update : net-snmp (cve_2012_2141_denial_of) NASL family Fedora Local Security Checks NASL id FEDORA_2014-9982.NASL description Update package fixes following bugs : - CVE-2014-3565 net-snmp: snmptrapd crash when handling an SNMP trap containing a ifMtu with a NULL type - net-snmp-cert now works without net-snmp-devel package installed Note that Tenable Network Security has extracted the preceding description block directly from the Fedora security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues. last seen 2020-03-17 modified 2014-09-23 plugin id 77801 published 2014-09-23 reporter This script is Copyright (C) 2014-2020 and is owned by Tenable, Inc. or an Affiliate thereof. source https://www.tenable.com/plugins/nessus/77801 title Fedora 21 : net-snmp-5.7.2-23.fc21 (2014-9982) NASL family Mandriva Local Security Checks NASL id MANDRIVA_MDVSA-2015-092.NASL description Updated net-snmp packages fix security vulnerabilities : Remotely exploitable denial of service vulnerability in Net-SNMP, in the Linux implementation of the ICMP-MIB, making the SNMP agent vulnerable if it is making use of the ICMP-MIB table objects (CVE-2014-2284). Remotely exploitable denial of service vulnerability in Net-SNMP, in snmptrapd, due to how it handles trap requests with an empty community string when the perl handler is enabled (CVE-2014-2285). A remote denial-of-service flaw was found in the way snmptrapd handled certain SNMP traps when started with the -OQ option. If an attacker sent an SNMP trap containing a variable with a NULL type where an integer variable type was expected, it would cause snmptrapd to crash (CVE-2014-3565). last seen 2020-06-01 modified 2020-06-02 plugin id 82345 published 2015-03-30 reporter This script is Copyright (C) 2015-2019 Tenable Network Security, Inc. source https://www.tenable.com/plugins/nessus/82345 title Mandriva Linux Security Advisory : net-snmp (MDVSA-2015:092) NASL family Red Hat Local Security Checks NASL id REDHAT-RHSA-2015-1385.NASL description Updated net-snmp packages that fix one security issue and several bugs are now available for Red Hat Enterprise Linux 6. Red Hat Product Security has rated this update as having Moderate security impact. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available from the CVE link in the References section. The net-snmp packages provide various libraries and tools for the Simple Network Management Protocol (SNMP), including an SNMP library, an extensible agent, tools for requesting or setting information from SNMP agents, tools for generating and handling SNMP traps, a version of the netstat command which uses SNMP, and a Tk/Perl Management Information Base (MIB) browser. A denial of service flaw was found in the way snmptrapd handled certain SNMP traps when started with the last seen 2020-06-01 modified 2020-06-02 plugin id 84942 published 2015-07-23 reporter This script is Copyright (C) 2015-2019 and is owned by Tenable, Inc. or an Affiliate thereof. source https://www.tenable.com/plugins/nessus/84942 title RHEL 6 : net-snmp (RHSA-2015:1385) NASL family Scientific Linux Local Security Checks NASL id SL_20150722_NET_SNMP_ON_SL6_X.NASL description A denial of service flaw was found in the way snmptrapd handled certain SNMP traps when started with the last seen 2020-03-18 modified 2015-08-04 plugin id 85202 published 2015-08-04 reporter This script is Copyright (C) 2015-2020 and is owned by Tenable, Inc. or an Affiliate thereof. source https://www.tenable.com/plugins/nessus/85202 title Scientific Linux Security Update : net-snmp on SL6.x i386/x86_64 (20150722) NASL family Oracle Linux Local Security Checks NASL id ORACLELINUX_ELSA-2015-1385.NASL description From Red Hat Security Advisory 2015:1385 : Updated net-snmp packages that fix one security issue and several bugs are now available for Red Hat Enterprise Linux 6. Red Hat Product Security has rated this update as having Moderate security impact. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available from the CVE link in the References section. The net-snmp packages provide various libraries and tools for the Simple Network Management Protocol (SNMP), including an SNMP library, an extensible agent, tools for requesting or setting information from SNMP agents, tools for generating and handling SNMP traps, a version of the netstat command which uses SNMP, and a Tk/Perl Management Information Base (MIB) browser. A denial of service flaw was found in the way snmptrapd handled certain SNMP traps when started with the last seen 2020-06-01 modified 2020-06-02 plugin id 85103 published 2015-07-30 reporter This script is Copyright (C) 2015-2019 and is owned by Tenable, Inc. or an Affiliate thereof. source https://www.tenable.com/plugins/nessus/85103 title Oracle Linux 6 : net-snmp (ELSA-2015-1385) NASL family Gentoo Local Security Checks NASL id GENTOO_GLSA-201507-17.NASL description The remote host is affected by the vulnerability described in GLSA-201507-17 (SNMP: Denial of Service) A specially crafted trap message triggers a conversion to an erroneous variable type when the -OQ option is used. Impact : A remote attacker could possibly cause a Denial of Service condition. Workaround : There is no known workaround at this time. last seen 2020-06-01 modified 2020-06-02 plugin id 86086 published 2015-09-23 reporter This script is Copyright (C) 2015-2018 and is owned by Tenable, Inc. or an Affiliate thereof. source https://www.tenable.com/plugins/nessus/86086 title GLSA-201507-17 : SNMP: Denial of Service NASL family Fedora Local Security Checks NASL id FEDORA_2014-10099.NASL description Update package fixes following bugs : - CVE-2014-3565 net-snmp: snmptrapd crash when handling an SNMP trap containing a ifMtu with a NULL type - net-snmp-cert now works without net-snmp-devel package installed Note that Tenable Network Security has extracted the preceding description block directly from the Fedora security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues. last seen 2020-03-17 modified 2014-09-11 plugin id 77612 published 2014-09-11 reporter This script is Copyright (C) 2014-2020 and is owned by Tenable, Inc. or an Affiliate thereof. source https://www.tenable.com/plugins/nessus/77612 title Fedora 19 : net-snmp-5.7.2-15.fc19 (2014-10099) NASL family SuSE Local Security Checks NASL id OPENSUSE-2014-533.NASL description net-snmp was updated to fix a remote denial of service problem inside snmptrapd when started with the last seen 2020-06-05 modified 2014-09-11 plugin id 77620 published 2014-09-11 reporter This script is Copyright (C) 2014-2020 and is owned by Tenable, Inc. or an Affiliate thereof. source https://www.tenable.com/plugins/nessus/77620 title openSUSE Security Update : net-snmp (openSUSE-SU-2014:1108-1) NASL family MacOS X Local Security Checks NASL id MACOSX_10_11_1.NASL description The remote host is running a version of Mac OS X that is 10.9.5 or later but prior to 10.11.1 It is, therefore, affected by multiple vulnerabilities in the following components : - Accelerate Framework (CVE-2015-5940) - apache_mod_php (CVE-2015-0235, CVE-2015-0273, CVE-2015-6834, CVE-2015-6835, CVE-2015-6836, CVE-2015-6837, CVE-2015-6838) - ATS (CVE-2015-6985) - Audio (CVE-2015-5933, CVE-2015-5934, CVE-2015-7003) - Bom (CVE-2015-7006) - CFNetwork (CVE-2015-7023) - configd (CVE-2015-7015) - CoreGraphics (CVE-2015-5925, CVE-2015-5926) - CoreText (CVE-2015-5944, CVE-2015-6975, CVE-2015-6992, CVE-2015-7017) - Directory Utility (CVE-2015-6980) - Disk Images (CVE-2015-6995) - EFI (CVE-2015-7035) - File Bookmark (CVE-2015-6987) - FontParser (CVE-2015-5927, CVE-2015-5942, CVE-2015-6976, CVE-2015-6977, CVE-2015-6978, CVE-2015-6990, CVE-2015-6991, CVE-2015-6993, CVE-2015-7008, CVE-2015-7009, CVE-2015-7010, CVE-2015-7018) - Grand Central Dispatch (CVE-2015-6989) - Graphics Drivers (CVE-2015-7019, CVE-2015-7020, CVE-2015-7021) - ImageIO (CVE-2015-5935, CVE-2015-5936, CVE-2015-5937, CVE-2015-5938, CVE-2015-5939) - IOAcceleratorFamily (CVE-2015-6996) - IOHIDFamily (CVE-2015-6974) - Kernel (CVE-2015-5932, CVE-2015-6988, CVE-2015-6994) - libarchive (CVE-2015-6984) - MCX Application Restrictions (CVE-2015-7016) - Net-SNMP (CVE-2014-3565, CVE-2012-6151) - OpenGL (CVE-2015-5924) - OpenSSH (CVE-2015-6563) - Sandbox (CVE-2015-5945) - Script Editor (CVE-2015-7007) - Security (CVE-2015-6983, CVE-2015-7024) - SecurityAgent (CVE-2015-5943) Note that successful exploitation of the most serious issues can result in arbitrary code execution. last seen 2020-06-01 modified 2020-06-02 plugin id 86654 published 2015-10-29 reporter This script is Copyright (C) 2015-2018 Tenable Network Security, Inc. source https://www.tenable.com/plugins/nessus/86654 title Mac OS X < 10.11.1 Multiple Vulnerabilities NASL family Fedora Local Security Checks NASL id FEDORA_2014-10095.NASL description Update package fixes following bugs : - CVE-2014-3565 net-snmp: snmptrapd crash when handling an SNMP trap containing a ifMtu with a NULL type - net-snmp-cert now works without net-snmp-devel package installed Note that Tenable Network Security has extracted the preceding description block directly from the Fedora security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues. last seen 2020-03-17 modified 2014-09-10 plugin id 77586 published 2014-09-10 reporter This script is Copyright (C) 2014-2020 and is owned by Tenable, Inc. or an Affiliate thereof. source https://www.tenable.com/plugins/nessus/77586 title Fedora 20 : net-snmp-5.7.2-18.fc20 (2014-10095) NASL family Oracle Linux Local Security Checks NASL id ORACLELINUX_ELSA-2015-2345.NASL description From Red Hat Security Advisory 2015:2345 : Updated net-snmp packages that fix one security issue and several bugs are now available for Red Hat Enterprise Linux 7. Red Hat Product Security has rated this update as having Moderate security impact. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available from the CVE link in the References section. The net-snmp packages provide various libraries and tools for the Simple Network Management Protocol (SNMP), including an SNMP library, an extensible agent, tools for requesting or setting information from SNMP agents, tools for generating and handling SNMP traps, a version of the netstat command which uses SNMP, and a Tk/Perl Management Information Base (MIB) browser. A denial of service flaw was found in the way snmptrapd handled certain SNMP traps when started with the last seen 2020-06-01 modified 2020-06-02 plugin id 87034 published 2015-11-24 reporter This script is Copyright (C) 2015-2019 and is owned by Tenable, Inc. or an Affiliate thereof. source https://www.tenable.com/plugins/nessus/87034 title Oracle Linux 7 : net-snmp (ELSA-2015-2345) NASL family CentOS Local Security Checks NASL id CENTOS_RHSA-2015-2345.NASL description Updated net-snmp packages that fix one security issue and several bugs are now available for Red Hat Enterprise Linux 7. Red Hat Product Security has rated this update as having Moderate security impact. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available from the CVE link in the References section. The net-snmp packages provide various libraries and tools for the Simple Network Management Protocol (SNMP), including an SNMP library, an extensible agent, tools for requesting or setting information from SNMP agents, tools for generating and handling SNMP traps, a version of the netstat command which uses SNMP, and a Tk/Perl Management Information Base (MIB) browser. A denial of service flaw was found in the way snmptrapd handled certain SNMP traps when started with the last seen 2020-06-01 modified 2020-06-02 plugin id 87150 published 2015-12-02 reporter This script is Copyright (C) 2015-2020 and is owned by Tenable, Inc. or an Affiliate thereof. source https://www.tenable.com/plugins/nessus/87150 title CentOS 7 : net-snmp (CESA-2015:2345) NASL family Mandriva Local Security Checks NASL id MANDRIVA_MDVSA-2014-184.NASL description Updated net-snmp packages fix security vulnerabilities : A remote denial-of-service flaw was found in the way snmptrapd handled certain SNMP traps when started with the -OQ option. If an attacker sent an SNMP trap containing a variable with a NULL type where an integer variable type was expected, it would cause snmptrapd to crash (CVE-2014-3565). last seen 2020-06-01 modified 2020-06-02 plugin id 77841 published 2014-09-25 reporter This script is Copyright (C) 2014-2019 and is owned by Tenable, Inc. or an Affiliate thereof. source https://www.tenable.com/plugins/nessus/77841 title Mandriva Linux Security Advisory : net-snmp (MDVSA-2014:184)
Redhat
advisories |
| ||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
rpms |
|
References
- https://bugzilla.redhat.com/show_bug.cgi?id=1125155
- http://sourceforge.net/p/net-snmp/official-patches/48/
- http://lists.opensuse.org/opensuse-updates/2014-09/msg00013.html
- http://sourceforge.net/p/net-snmp/code/ci/7f4a7b891332899cea26e95be0337aae01648742/
- http://www.ubuntu.com/usn/USN-2711-1
- https://support.apple.com/HT205375
- http://lists.apple.com/archives/security-announce/2015/Oct/msg00005.html
- http://www.oracle.com/technetwork/topics/security/linuxbulletinoct2015-2719645.html
- http://www.securityfocus.com/bid/69477
- https://security.gentoo.org/glsa/201507-17
- http://rhn.redhat.com/errata/RHSA-2015-1385.html