Vulmon Recent Vulnerabilities Research Posts Trends Blog About Contact
5
CVSSv2

CVE-2014-2284

Published: 24/03/2014 Updated: 13/09/2014
CVSS v2 Base Score: 5 | Impact Score: 2.9 | Exploitability Score: 10
VMScore: 445
Vector: AV:N/AC:L/Au:N/C:N/I:N/A:P
Subscribe to Net-snmp

Vulnerability Summary

The Linux implementation of the ICMP-MIB in Net-SNMP 5.5 prior to 5.5.2.1, 5.6.x prior to 5.6.2.1, and 5.7.x prior to 5.7.2.1 does not properly validate input, which allows remote malicious users to cause a denial of service via unspecified vectors.

Vulnerable Product Search on Vulmon Subscribe to Product

net-snmp net-snmp 5.7.2

net-snmp net-snmp 5.6.1.1

net-snmp net-snmp 5.5.2

net-snmp net-snmp 5.5

net-snmp net-snmp 5.5.0.2

net-snmp net-snmp 5.7

net-snmp net-snmp 5.7.1

net-snmp net-snmp 5.5.1

net-snmp net-snmp 5.5.1.1

net-snmp net-snmp 5.5.0.1

net-snmp net-snmp 5.6.2

net-snmp net-snmp 5.6

Vendor Advisories

Ubuntu Security Notice: net-snmp vulnerabilities
Net-SNMP could be made to crash if it received specially crafted network traffic ...
Debian CVElist Bug Report Logs: net-snmp: CVE-2012-6151: snmpd DoS when AgentX subagent times-out
Debian Bug report logs - #731625 net-snmp: CVE-2012-6151: snmpd DoS when AgentX subagent times-out Package: net-snmp; Maintainer for net-snmp is Net-SNMP Packaging Team <pkg-net-snmp-devel@listsaliothdebianorg>; Reported by: Salvatore Bonaccorso <carnil@debianorg> Date: Sat, 7 Dec 2013 15:42:01 UTC Severity: imp ...
Debian CVElist Bug Report Logs: net-snmp: CVE-2014-2284
Debian Bug report logs - #742817 net-snmp: CVE-2014-2284 Package: net-snmp; Maintainer for net-snmp is Net-SNMP Packaging Team <pkg-net-snmp-devel@listsaliothdebianorg>; Reported by: Salvatore Bonaccorso <carnil@debianorg> Date: Thu, 27 Mar 2014 18:57:02 UTC Severity: important Tags: security, upstream Found in ...
Amazon Linux AMI: ALAS-2014-316
A buffer overflow flaw was found in the way the decode_icmp_msg() function in the ICMP-MIB implementation processed Internet Control Message Protocol (ICMP) message statistics reported in the /proc/net/snmp file A remote attacker could send a message for each ICMP message type, which could potentially cause the snmpd service to crash when processi ...
Red Hat: CVE-2014-2284
The Linux implementation of the ICMP-MIB in Net-SNMP 55 before 5521, 56x before 5621, and 57x before 5721 does not properly validate input, which allows remote attackers to cause a denial of service via unspecified vectors ...

References

CWE-20http://lists.opensuse.org/opensuse-updates/2014-03/msg00061.htmlhttp://secunia.com/advisories/57526http://comments.gmane.org/gmane.comp.security.oss.general/12284http://sourceforge.net/p/net-snmp/code/ci/a1fd64716f6794c55c34d77e618210238a73bfa1/http://lists.opensuse.org/opensuse-updates/2014-03/msg00060.htmlhttp://rhn.redhat.com/errata/RHSA-2014-0321.htmlhttp://secunia.com/advisories/57583http://secunia.com/advisories/57870http://www.ubuntu.com/usn/USN-2166-1http://secunia.com/advisories/57124http://secunia.com/advisories/59974http://www.gentoo.org/security/en/glsa/glsa-201409-02.xmlhttps://usn.ubuntu.com/2166-1/https://nvd.nist.govhttps://access.redhat.com/security/cve/cve-2014-2284
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-29895blind SQL injectionCVE-2024-5064CVE-2023-52677CVE-2023-52682CVE-2024-30051CVE-2024-35849remote attackersremote
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started

Vulmon Search

Vulmon Search is a vulnerability search engine. It gives comprehensive vulnerability information through a very simple user interface.

About

Home Recent Vulnerabilities Research Posts Trends Blog About Contact

Products

Vulmon Search Vulmon Research Vulmon Alerts Vulmap

Connect

Twitter Reddit Linkedin Facebook