Vulmon Recent Vulnerabilities Research Posts Trends Blog About Contact
5
CVSSv2

CVE-2014-3565

Published: 07/10/2014 Updated: 13/02/2023
CVSS v2 Base Score: 5 | Impact Score: 2.9 | Exploitability Score: 10
VMScore: 445
Vector: AV:N/AC:L/Au:N/C:N/I:N/A:P
Subscribe to Apple

Vulnerability Summary

snmplib/mib.c in net-snmp 5.7.0 and previous versions, when the -OQ option is used, allows remote malicious users to cause a denial of service (snmptrapd crash) via a crafted SNMP trap message, which triggers a conversion to the variable type designated in the MIB file, as demonstrated by a NULL type in an ifMtu trap message.

Vulnerable Product Search on Vulmon Subscribe to Product

apple mac os x 10.11.0

canonical ubuntu linux 12.04

canonical ubuntu linux 14.04

canonical ubuntu linux 15.04

net-snmp net-snmp 5.3

net-snmp net-snmp 5.0.6

net-snmp net-snmp 5.1

net-snmp net-snmp 5.0.9

net-snmp net-snmp 5.0

net-snmp net-snmp 5.3.0.1

net-snmp net-snmp 5.5

net-snmp net-snmp 5.0.7

net-snmp net-snmp 5.0.2

net-snmp net-snmp 5.2

net-snmp net-snmp 5.0.1

net-snmp net-snmp 5.4

net-snmp net-snmp 5.6

net-snmp net-snmp 5.0.3

net-snmp net-snmp 5.0.4

net-snmp net-snmp

net-snmp net-snmp 5.1.2

net-snmp net-snmp 5.0.5

net-snmp net-snmp 5.0.8

Vendor Advisories

Debian CVElist Bug Report Logs: net-snmp: CVE-2014-3565
Debian Bug report logs - #760132 net-snmp: CVE-2014-3565 Package: src:net-snmp; Maintainer for src:net-snmp is Net-SNMP Packaging Team <pkg-net-snmp-devel@listsaliothdebianorg>; Reported by: Salvatore Bonaccorso <carnil@debianorg> Date: Mon, 1 Sep 2014 06:12:02 UTC Severity: important Tags: fixed-upstream, patch ...
Ubuntu Security Notice: net-snmp vulnerabilities
Net-SNMP could be made to crash or run programs if it received specially crafted network traffic ...
Red Hat: CVE-2014-3565
A denial of service flaw was found in the way snmptrapd handled certain SNMP traps when started with the "-OQ" option If an attacker sent an SNMP trap containing a variable with a NULL type where an integer variable type was expected, it would cause snmptrapd to crash ...

References

CWE-399https://bugzilla.redhat.com/show_bug.cgi?id=1125155http://sourceforge.net/p/net-snmp/official-patches/48/http://lists.opensuse.org/opensuse-updates/2014-09/msg00013.htmlhttp://sourceforge.net/p/net-snmp/code/ci/7f4a7b891332899cea26e95be0337aae01648742/http://www.ubuntu.com/usn/USN-2711-1https://support.apple.com/HT205375http://lists.apple.com/archives/security-announce/2015/Oct/msg00005.htmlhttp://www.oracle.com/technetwork/topics/security/linuxbulletinoct2015-2719645.htmlhttp://www.securityfocus.com/bid/69477https://security.gentoo.org/glsa/201507-17http://rhn.redhat.com/errata/RHSA-2015-1385.htmlhttps://bugs.debian.org/cgi-bin/bugreport.cgi?bug=760132https://usn.ubuntu.com/2711-1/https://nvd.nist.govhttps://access.redhat.com/security/cve/cve-2014-3565
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
deserializationCVE-2024-4040cross-site scriptingCVE-2023-25790CVE-2024-2961XML external entityCVE-2024-26926CVE-2024-32806CVE-2024-32711
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started

Vulmon Search

Vulmon Search is a vulnerability search engine. It gives comprehensive vulnerability information through a very simple user interface.

About

Home Recent Vulnerabilities Research Posts Trends Blog About Contact

Products

Vulmon Search Vulmon Research Vulmon Alerts Vulmap

Connect

Twitter Reddit Linkedin Facebook