Vulmon Recent Vulnerabilities Research Posts Trends Blog About Contact
4.3
CVSSv2

CVE-2014-2285

Published: 27/04/2014 Updated: 08/12/2016
CVSS v2 Base Score: 4.3 | Impact Score: 2.9 | Exploitability Score: 8.6
VMScore: 383
Vector: AV:N/AC:M/Au:N/C:N/I:N/A:P
Subscribe to Net-snmp

Vulnerability Summary

The perl_trapd_handler function in perl/TrapReceiver/TrapReceiver.xs in Net-SNMP 5.7.3.pre3 and previous versions, when using certain Perl versions, allows remote malicious users to cause a denial of service (snmptrapd crash) via an empty community string in an SNMP trap, which triggers a NULL pointer dereference within the newSVpv function in Perl.

Vulnerable Product Search on Vulmon Subscribe to Product

net-snmp net-snmp

Vendor Advisories

Ubuntu Security Notice: net-snmp vulnerabilities
Net-SNMP could be made to crash if it received specially crafted network traffic ...
Debian CVElist Bug Report Logs: net-snmp: CVE-2012-6151: snmpd DoS when AgentX subagent times-out
Debian Bug report logs - #731625 net-snmp: CVE-2012-6151: snmpd DoS when AgentX subagent times-out Package: net-snmp; Maintainer for net-snmp is Net-SNMP Packaging Team <pkg-net-snmp-devel@listsaliothdebianorg>; Reported by: Salvatore Bonaccorso <carnil@debianorg> Date: Sat, 7 Dec 2013 15:42:01 UTC Severity: imp ...
Debian CVElist Bug Report Logs: net-snmp: CVE-2014-3565
Debian Bug report logs - #760132 net-snmp: CVE-2014-3565 Package: src:net-snmp; Maintainer for src:net-snmp is Net-SNMP Packaging Team <pkg-net-snmp-devel@listsaliothdebianorg>; Reported by: Salvatore Bonaccorso <carnil@debianorg> Date: Mon, 1 Sep 2014 06:12:02 UTC Severity: important Tags: fixed-upstream, patch ...
Debian CVElist Bug Report Logs: net-snmp: CVE-2014-2284
Debian Bug report logs - #742817 net-snmp: CVE-2014-2284 Package: net-snmp; Maintainer for net-snmp is Net-SNMP Packaging Team <pkg-net-snmp-devel@listsaliothdebianorg>; Reported by: Salvatore Bonaccorso <carnil@debianorg> Date: Thu, 27 Mar 2014 18:57:02 UTC Severity: important Tags: security, upstream Found in ...
Red Hat: CVE-2014-2285
The perl_trapd_handler function in perl/TrapReceiver/TrapReceiverxs in Net-SNMP 573pre3 and earlier, when using certain Perl versions, allows remote attackers to cause a denial of service (snmptrapd crash) via an empty community string in an SNMP trap, which triggers a NULL pointer dereference within the newSVpv function in Perl ...

References

CWE-20http://lists.opensuse.org/opensuse-updates/2014-03/msg00060.htmlhttp://comments.gmane.org/gmane.comp.security.oss.general/12284https://bugzilla.redhat.com/show_bug.cgi?id=1072778http://sourceforge.net/p/net-snmp/patches/1275/http://www.nntp.perl.org/group/perl.perl5.porters/2006/09/msg116250.htmlhttps://bugzilla.redhat.com/show_bug.cgi?id=1072044http://lists.opensuse.org/opensuse-updates/2014-03/msg00061.htmlhttp://secunia.com/advisories/59974http://www.gentoo.org/security/en/glsa/glsa-201409-02.xmlhttps://rhn.redhat.com/errata/RHSA-2014-0322.htmlhttp://kb.juniper.net/InfoCenter/index?page=content&id=JSA10705https://usn.ubuntu.com/2166-1/https://nvd.nist.govhttps://access.redhat.com/security/cve/cve-2014-2285
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
HTML injectionCVE-2024-35894SQLCVE-2024-5105CVE-2014-100005CVE-2024-35895unauthorizedCVE-2024-22120CVE-2024-35890
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started

Vulmon Search

Vulmon Search is a vulnerability search engine. It gives comprehensive vulnerability information through a very simple user interface.

About

Home Recent Vulnerabilities Research Posts Trends Blog About Contact

Products

Vulmon Search Vulmon Research Vulmon Alerts Vulmap

Connect

Twitter Reddit Linkedin Facebook