ID CVE-2014-3565
Summary snmplib/mib.c in net-snmp 5.7.0 and earlier, when the -OQ option is used, allows remote attackers to cause a denial of service (snmptrapd crash) via a crafted SNMP trap message, which triggers a conversion to the variable type designated in the MIB file, as demonstrated by a NULL type in an ifMtu trap message.
References
Vulnerable Configurations
  • Apple Mac OS X 10.11.0
    cpe:2.3:o:apple:mac_os_x:10.11.0
  • Canonical Ubuntu Linux 12.04 LTS
    cpe:2.3:o:canonical:ubuntu_linux:12.04:-:-:-:lts
  • Canonical Ubuntu Linux 14.04 LTS (Long-Term Support)
    cpe:2.3:o:canonical:ubuntu_linux:14.04:-:-:-:lts
  • Canonical Ubuntu Linux 15.04
    cpe:2.3:o:canonical:ubuntu_linux:15.04
  • cpe:2.3:a:net-snmp:net-snmp:5.7.0
    cpe:2.3:a:net-snmp:net-snmp:5.7.0
  • Net-SNMP Net-SNMP 5.6
    cpe:2.3:a:net-snmp:net-snmp:5.6
  • Net-SNMP Net-SNMP 5.5
    cpe:2.3:a:net-snmp:net-snmp:5.5
  • Net-SNMP Net-SNMP 5.4
    cpe:2.3:a:net-snmp:net-snmp:5.4
  • Net-SNMP Net-SNMP 5.3.0.1
    cpe:2.3:a:net-snmp:net-snmp:5.3.0.1
  • Net-SNMP Net-SNMP 5.3
    cpe:2.3:a:net-snmp:net-snmp:5.3
  • Net-SNMP Net-SNMP 5.2
    cpe:2.3:a:net-snmp:net-snmp:5.2
  • Net-SNMP Net-SNMP 5.1.2
    cpe:2.3:a:net-snmp:net-snmp:5.1.2
  • Net-SNMP Net-SNMP 5.1
    cpe:2.3:a:net-snmp:net-snmp:5.1
  • Net-SNMP Net-SNMP 5.0.9
    cpe:2.3:a:net-snmp:net-snmp:5.0.9
  • Net-SNMP Net-SNMP 5.0.8
    cpe:2.3:a:net-snmp:net-snmp:5.0.8
  • Net-SNMP Net-SNMP 5.0.7
    cpe:2.3:a:net-snmp:net-snmp:5.0.7
  • Net-SNMP Net-SNMP 5.0.6
    cpe:2.3:a:net-snmp:net-snmp:5.0.6
  • Net-SNMP Net-SNMP 5.0.5
    cpe:2.3:a:net-snmp:net-snmp:5.0.5
  • Net-SNMP Net-SNMP 5.0.4
    cpe:2.3:a:net-snmp:net-snmp:5.0.4
  • Net-SNMP Net-SNMP 5.0.3
    cpe:2.3:a:net-snmp:net-snmp:5.0.3
  • Net-SNMP Net-SNMP 5.0.2
    cpe:2.3:a:net-snmp:net-snmp:5.0.2
  • Net-SNMP Net-SNMP 5.0.1
    cpe:2.3:a:net-snmp:net-snmp:5.0.1
  • Net-SNMP Net-SNMP 5.0
    cpe:2.3:a:net-snmp:net-snmp:5.0
CVSS
Base: 5.0 (as of 23-11-2015 - 12:01)
Impact:
Exploitability:
CWE CWE-399
CAPEC
Access
VectorComplexityAuthentication
NETWORK LOW NONE
Impact
ConfidentialityIntegrityAvailability
NONE NONE PARTIAL
nessus via4
  • NASL family Mandriva Local Security Checks
    NASL id MANDRIVA_MDVSA-2015-092.NASL
    description Updated net-snmp packages fix security vulnerabilities : Remotely exploitable denial of service vulnerability in Net-SNMP, in the Linux implementation of the ICMP-MIB, making the SNMP agent vulnerable if it is making use of the ICMP-MIB table objects (CVE-2014-2284). Remotely exploitable denial of service vulnerability in Net-SNMP, in snmptrapd, due to how it handles trap requests with an empty community string when the perl handler is enabled (CVE-2014-2285). A remote denial-of-service flaw was found in the way snmptrapd handled certain SNMP traps when started with the -OQ option. If an attacker sent an SNMP trap containing a variable with a NULL type where an integer variable type was expected, it would cause snmptrapd to crash (CVE-2014-3565).
    last seen 2019-02-21
    modified 2018-07-19
    plugin id 82345
    published 2015-03-30
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=82345
    title Mandriva Linux Security Advisory : net-snmp (MDVSA-2015:092)
  • NASL family OracleVM Local Security Checks
    NASL id ORACLEVM_OVMSA-2015-0099.NASL
    description The remote OracleVM system is missing necessary patches to address critical security updates : - Add Oracle ACFS to hrStorage (John Haxby) [orabug 18510373] - Quicker loading of IP-MIB::ipAddrTable (#1191393) - Quicker loading of IP-MIB::ipAddressTable (#1191393) - Fixed snmptrapd crash when '-OQ' parameter is used and invalid trap is received (#CVE-2014-3565) - added faster caching into IP-MIB::ipNetToMediaTable (#789500) - fixed compilation with '-Werror=format-security' (#1181994) - added clear error message when port specified in 'clientaddrr' config option cannot be bound (#886468) - fixed error check in IP-MIB::ipAddressTable (#1012430) - fixed agentx client crash on failed response (#1023570) - fixed dashes in net-snmp-config.h (#1034441) - fixed crash on monitor trigger (#1050970) - fixed 'netsnmp_assert 1 == new_val->high failed' message in system log (#1065210) - fixed parsing of 64bit counters from SMUX subagents (#1069046) - Fixed HOST-RESOURCES-MIB::hrProcessorTable on machines with >100 CPUs (#1070075) - fixed net-snmp-create-v3-user to have the same content on 32 and 64bit installations (#1073544) - fixed IPADDRESS value length in Python bindings (#1100099) - fixed hrStorageTable to contain 31 bits integers (#1104293) - fixed links to developer man pages (#1119567) - fixed storageUseNFS functionality in hrStorageTable (#1125793) - fixed netsnmp_set Python bindings call truncating at the first '\000' character (#1126914) - fixed log level of SMUX messages (#1140234) - use python/README to net-snmp-python subpackage (#1157373) - fixed forwarding of traps with RequestID=0 in snmptrapd (#1146948) - fixed typos in NET-SNMP-PASS-MIB and SMUX-MIB (#1162040) - fixed close overhead of extend commands (#1188295) - fixed lmSensorsTable not reporting sensors with duplicate names (#967871) - fixed hrDeviceTable with interfaces with large ifIndex (#1195547) - added 'diskio' option to snmpd.conf, it's possible to monitor only selected devices in diskIOTable (#990674) - fixed CVE-2014-2284: denial of service flaw in Linux implementation of ICMP-MIB (#1073223) - added cache to hrSWRunTable to provide consistent results (#1007634) - skip 'mvfs' (ClearCase) when skipNFSInHostResources is enabled (#1073237) - fixed snmptrapd crashing on forwarding SNMPv3 traps (#1131844) - fixed HOST-RESOURCES-MIB::hrSystemProcesses (#1134335) - fixed snmp daemons and utilities crashing in FIPS mode (#1001830) - added support of btrfs filesystem in hrStorageTable (#1006706) - fixed issues found by static analysis tools - restored ABI of read_configs_* functions - fixed parsing of bulk responses (#983116) - added support of vzfs filesystem in hrStorageTable (#989498) - fixed endless loop when parsing sendmail configuration file with queue groups (#991213) - fixed potential memory leak on realloc failure when processing 'extend' option (#893119) - added precise enumeration of configuration files searched to snmp_config(5) man page (#907571) - set permissions of snmpd.conf and snmptrapd conf to 0600 (#919239) - fixed kernel threads in hrSWRunTable (#919952) - fixed various error codes in Python module (#955771) - fixed snmpd crashing in the middle of agentx request processing when a subagent disconnects (#955511) - allow 'includeFile' and 'includeDir' options in configuration files (#917816) - fixed netlink message size (#927474) - fixed IF-MIB::ifSpeedHi on systems with non-standard interface speeds (#947973) - fixed BRIDGE-MIB::dot1dBasePortTable not to include the bridge itself as a port (#960568) - fixed snmpd segfault when 'agentaddress' configuration options is used and too many SIGHUP signals are received (#968898) - updated UCD-SNMP-MIB::dskTable to dynamically add/remove disks if 'includeAllDisks' is specified in snmpd.conf (#922691) - fixed crash when parsing invalid SNMP packets (#953926) - fixed snmpd crashing with 'exec' command with no arguments in snmpd.conf (#919259)
    last seen 2019-02-21
    modified 2018-07-24
    plugin id 85140
    published 2015-07-31
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=85140
    title OracleVM 3.3 : net-snmp (OVMSA-2015-0099)
  • NASL family MacOS X Local Security Checks
    NASL id MACOSX_10_11_1.NASL
    description The remote host is running a version of Mac OS X that is 10.9.5 or later but prior to 10.11.1 It is, therefore, affected by multiple vulnerabilities in the following components : - Accelerate Framework (CVE-2015-5940) - apache_mod_php (CVE-2015-0235, CVE-2015-0273, CVE-2015-6834, CVE-2015-6835, CVE-2015-6836, CVE-2015-6837, CVE-2015-6838) - ATS (CVE-2015-6985) - Audio (CVE-2015-5933, CVE-2015-5934, CVE-2015-7003) - Bom (CVE-2015-7006) - CFNetwork (CVE-2015-7023) - configd (CVE-2015-7015) - CoreGraphics (CVE-2015-5925, CVE-2015-5926) - CoreText (CVE-2015-5944, CVE-2015-6975, CVE-2015-6992, CVE-2015-7017) - Directory Utility (CVE-2015-6980) - Disk Images (CVE-2015-6995) - EFI (CVE-2015-7035) - File Bookmark (CVE-2015-6987) - FontParser (CVE-2015-5927, CVE-2015-5942, CVE-2015-6976, CVE-2015-6977, CVE-2015-6978, CVE-2015-6990, CVE-2015-6991, CVE-2015-6993, CVE-2015-7008, CVE-2015-7009, CVE-2015-7010, CVE-2015-7018) - Grand Central Dispatch (CVE-2015-6989) - Graphics Drivers (CVE-2015-7019, CVE-2015-7020, CVE-2015-7021) - ImageIO (CVE-2015-5935, CVE-2015-5936, CVE-2015-5937, CVE-2015-5938, CVE-2015-5939) - IOAcceleratorFamily (CVE-2015-6996) - IOHIDFamily (CVE-2015-6974) - Kernel (CVE-2015-5932, CVE-2015-6988, CVE-2015-6994) - libarchive (CVE-2015-6984) - MCX Application Restrictions (CVE-2015-7016) - Net-SNMP (CVE-2014-3565, CVE-2012-6151) - OpenGL (CVE-2015-5924) - OpenSSH (CVE-2015-6563) - Sandbox (CVE-2015-5945) - Script Editor (CVE-2015-7007) - Security (CVE-2015-6983, CVE-2015-7024) - SecurityAgent (CVE-2015-5943) Note that successful exploitation of the most serious issues can result in arbitrary code execution.
    last seen 2019-02-21
    modified 2018-07-14
    plugin id 86654
    published 2015-10-29
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=86654
    title Mac OS X < 10.11.1 Multiple Vulnerabilities
  • NASL family CentOS Local Security Checks
    NASL id CENTOS_RHSA-2015-1385.NASL
    description Updated net-snmp packages that fix one security issue and several bugs are now available for Red Hat Enterprise Linux 6. Red Hat Product Security has rated this update as having Moderate security impact. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available from the CVE link in the References section. The net-snmp packages provide various libraries and tools for the Simple Network Management Protocol (SNMP), including an SNMP library, an extensible agent, tools for requesting or setting information from SNMP agents, tools for generating and handling SNMP traps, a version of the netstat command which uses SNMP, and a Tk/Perl Management Information Base (MIB) browser. A denial of service flaw was found in the way snmptrapd handled certain SNMP traps when started with the '-OQ' option. If an attacker sent an SNMP trap containing a variable with a NULL type where an integer variable type was expected, it would cause snmptrapd to crash. (CVE-2014-3565) This update also fixes the following bugs : * The HOST-RESOURCES-MIB::hrSystemProcesses object was not implemented because parts of the HOST-RESOURCES-MIB module were rewritten in an earlier version of net-snmp. Consequently, HOST-RESOURCES-MIB::hrSystemProcesses did not provide information on the number of currently loaded or running processes. With this update, HOST-RESOURCES-MIB::hrSystemProcesses has been implemented, and the net-snmp daemon reports as expected. (BZ#1134335) * The Net-SNMP agent daemon, snmpd, reloaded the system ARP table every 60 seconds. As a consequence, snmpd could cause a short CPU usage spike on busy systems with a large APR table. With this update, snmpd does not reload the full ARP table periodically, but monitors the table changes using a netlink socket. (BZ#789500) * Previously, snmpd used an invalid pointer to the current time when periodically checking certain conditions specified by the 'monitor' option in the /etc/snmpd/snmpd.conf file. Consequently, snmpd terminated unexpectedly on start with a segmentation fault if a certain entry with the 'monitor' option was used. Now, snmpd initializes the correct pointer to the current time, and snmpd no longer crashes on start. (BZ#1050970) * Previously, snmpd expected 8-bit network interface indices when processing HOST-RESOURCES-MIB::hrDeviceTable. If an interface index of a local network interface was larger than 30,000 items, snmpd could terminate unexpectedly due to accessing invalid memory. Now, processing of all network sizes is enabled, and snmpd no longer crashes in the described situation. (BZ#1195547) * The snmpdtrapd service incorrectly checked for errors when forwarding a trap with a RequestID value of 0, and logged 'Forward failed' even though the trap was successfully forwarded. This update fixes snmptrapd checks and the aforementioned message is now logged only when appropriate. (BZ#1146948) * Previously, snmpd ignored the value of the 'storageUseNFS' option in the /etc/snmpd/snmpd.conf file. As a consequence, NFS drivers were shown as 'Network Disks', even though 'storageUseNFS' was set to '2' to report them as 'Fixed Disks' in HOST-RESOURCES-MIB::hrStorageTable. With this update, snmpd takes the 'storageUseNFS' option value into account, and 'Fixed Disks' NFS drives are reported correctly. (BZ#1125793) * Previously, the Net-SNMP python binding used an incorrect size (8 bytes instead of 4) for variables of IPADDRESS type. Consequently, applications that were using Net-SNMP Python bindings could send malformed SNMP messages. With this update, the bindings now use 4 bytes for variables with IPADRESS type, and only valid SNMP messages are sent. (BZ#1100099) * Previously, the snmpd service did not cut values in HOST-RESOURCES-MIB::hrStorageTable to signed 32-bit integers, as required by SNMP standards, and provided the values as unsigned integers. As a consequence, the HOST-RESOURCES-MIB::hrStorageTable implementation did not conform to RFC 2790. The values are now cut to 32-bit signed integers, and snmpd is therefore standard compliant. (BZ#1104293) Users of net-snmp are advised to upgrade to these updated packages, which contain backported patches to correct these issues.
    last seen 2019-02-21
    modified 2018-11-10
    plugin id 85016
    published 2015-07-28
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=85016
    title CentOS 6 : net-snmp (CESA-2015:1385)
  • NASL family FreeBSD Local Security Checks
    NASL id FREEBSD_PKG_4622635F37A111E5997014DAE9D210B8.NASL
    description Murray McAllister reports : A remote denial-of-service flaw was found in the way snmptrapd handled certain SNMP traps when started with the '-OQ' option. If an attacker sent an SNMP trap containing a variable with a NULL type where an integer variable type was expected, it would cause snmptrapd to crash.
    last seen 2019-02-21
    modified 2018-11-21
    plugin id 85173
    published 2015-08-03
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=85173
    title FreeBSD : net-snmp -- snmptrapd crash (4622635f-37a1-11e5-9970-14dae9d210b8)
  • NASL family Solaris Local Security Checks
    NASL id SOLARIS11_NET-SNMP_20141216.NASL
    description The remote Solaris system is missing necessary patches to address security updates : - The perl_trapd_handler function in perl/TrapReceiver/TrapReceiver.xs in Net-SNMP 5.7.3.pre3 and earlier, when using certain Perl versions, allows remote attackers to cause a denial of service (snmptrapd crash) via an empty community string in an SNMP trap, which triggers a NULL pointer dereference within the newSVpv function in Perl. (CVE-2014-2285) - snmplib/mib.c in net-snmp 5.7.0 and earlier, when the -OQ option is used, allows remote attackers to cause a denial of service (snmptrapd crash) via a crafted SNMP trap message, which triggers a conversion to the variable type designated in the MIB file, as demonstrated by a NULL type in an ifMtu trap message. (CVE-2014-3565)
    last seen 2019-02-21
    modified 2018-11-15
    plugin id 80708
    published 2015-01-19
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=80708
    title Oracle Solaris Third-Party Patch Update : net-snmp (cve_2012_2141_denial_of)
  • NASL family Scientific Linux Local Security Checks
    NASL id SL_20150722_NET_SNMP_ON_SL6_X.NASL
    description A denial of service flaw was found in the way snmptrapd handled certain SNMP traps when started with the '-OQ' option. If an attacker sent an SNMP trap containing a variable with a NULL type where an integer variable type was expected, it would cause snmptrapd to crash. (CVE-2014-3565) This update also fixes the following bugs : - The HOST-RESOURCES-MIB::hrSystemProcesses object was not implemented because parts of the HOST-RESOURCES-MIB module were rewritten in an earlier version of net-snmp. Consequently, HOST-RESOURCES- MIB::hrSystemProcesses did not provide information on the number of currently loaded or running processes. With this update, HOST-RESOURCES- MIB::hrSystemProcesses has been implemented, and the net-snmp daemon reports as expected. - The Net-SNMP agent daemon, snmpd, reloaded the system ARP table every 60 seconds. As a consequence, snmpd could cause a short CPU usage spike on busy systems with a large APR table. With this update, snmpd does not reload the full ARP table periodically, but monitors the table changes using a netlink socket. - Previously, snmpd used an invalid pointer to the current time when periodically checking certain conditions specified by the 'monitor' option in the /etc/snmpd/snmpd.conf file. Consequently, snmpd terminated unexpectedly on start with a segmentation fault if a certain entry with the 'monitor' option was used. Now, snmpd initializes the correct pointer to the current time, and snmpd no longer crashes on start. - Previously, snmpd expected 8-bit network interface indices when processing HOST-RESOURCES-MIB::hrDeviceTable. If an interface index of a local network interface was larger than 30,000 items, snmpd could terminate unexpectedly due to accessing invalid memory. Now, processing of all network sizes is enabled, and snmpd no longer crashes in the described situation. - The snmpdtrapd service incorrectly checked for errors when forwarding a trap with a RequestID value of 0, and logged 'Forward failed' even though the trap was successfully forwarded. This update fixes snmptrapd checks and the aforementioned message is now logged only when appropriate. - Previously, snmpd ignored the value of the 'storageUseNFS' option in the /etc/snmpd/snmpd.conf file. As a consequence, NFS drivers were shown as 'Network Disks', even though 'storageUseNFS' was set to '2' to report them as 'Fixed Disks' in HOST-RESOURCES-MIB::hrStorageTable. With this update, snmpd takes the 'storageUseNFS' option value into account, and 'Fixed Disks' NFS drives are reported correctly. - Previously, the Net-SNMP python binding used an incorrect size (8 bytes instead of 4) for variables of IPADDRESS type. Consequently, applications that were using Net-SNMP Python bindings could send malformed SNMP messages. With this update, the bindings now use 4 bytes for variables with IPADRESS type, and only valid SNMP messages are sent. - Previously, the snmpd service did not cut values in HOST-RESOURCES- MIB::hrStorageTable to signed 32-bit integers, as required by SNMP standards, and provided the values as unsigned integers. As a consequence, the HOST-RESOURCES-MIB::hrStorageTable implementation did not conform to RFC 2790. The values are now cut to 32-bit signed integers, and snmpd is therefore standard compliant.
    last seen 2019-02-21
    modified 2018-12-28
    plugin id 85202
    published 2015-08-04
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=85202
    title Scientific Linux Security Update : net-snmp on SL6.x i386/x86_64
  • NASL family Fedora Local Security Checks
    NASL id FEDORA_2014-10095.NASL
    description Update package fixes following bugs : - CVE-2014-3565 net-snmp: snmptrapd crash when handling an SNMP trap containing a ifMtu with a NULL type - net-snmp-cert now works without net-snmp-devel package installed Note that Tenable Network Security has extracted the preceding description block directly from the Fedora security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.
    last seen 2019-02-21
    modified 2018-12-05
    plugin id 77586
    published 2014-09-10
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=77586
    title Fedora 20 : net-snmp-5.7.2-18.fc20 (2014-10095)
  • NASL family Red Hat Local Security Checks
    NASL id REDHAT-RHSA-2015-1385.NASL
    description Updated net-snmp packages that fix one security issue and several bugs are now available for Red Hat Enterprise Linux 6. Red Hat Product Security has rated this update as having Moderate security impact. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available from the CVE link in the References section. The net-snmp packages provide various libraries and tools for the Simple Network Management Protocol (SNMP), including an SNMP library, an extensible agent, tools for requesting or setting information from SNMP agents, tools for generating and handling SNMP traps, a version of the netstat command which uses SNMP, and a Tk/Perl Management Information Base (MIB) browser. A denial of service flaw was found in the way snmptrapd handled certain SNMP traps when started with the '-OQ' option. If an attacker sent an SNMP trap containing a variable with a NULL type where an integer variable type was expected, it would cause snmptrapd to crash. (CVE-2014-3565) This update also fixes the following bugs : * The HOST-RESOURCES-MIB::hrSystemProcesses object was not implemented because parts of the HOST-RESOURCES-MIB module were rewritten in an earlier version of net-snmp. Consequently, HOST-RESOURCES-MIB::hrSystemProcesses did not provide information on the number of currently loaded or running processes. With this update, HOST-RESOURCES-MIB::hrSystemProcesses has been implemented, and the net-snmp daemon reports as expected. (BZ#1134335) * The Net-SNMP agent daemon, snmpd, reloaded the system ARP table every 60 seconds. As a consequence, snmpd could cause a short CPU usage spike on busy systems with a large APR table. With this update, snmpd does not reload the full ARP table periodically, but monitors the table changes using a netlink socket. (BZ#789500) * Previously, snmpd used an invalid pointer to the current time when periodically checking certain conditions specified by the 'monitor' option in the /etc/snmpd/snmpd.conf file. Consequently, snmpd terminated unexpectedly on start with a segmentation fault if a certain entry with the 'monitor' option was used. Now, snmpd initializes the correct pointer to the current time, and snmpd no longer crashes on start. (BZ#1050970) * Previously, snmpd expected 8-bit network interface indices when processing HOST-RESOURCES-MIB::hrDeviceTable. If an interface index of a local network interface was larger than 30,000 items, snmpd could terminate unexpectedly due to accessing invalid memory. Now, processing of all network sizes is enabled, and snmpd no longer crashes in the described situation. (BZ#1195547) * The snmpdtrapd service incorrectly checked for errors when forwarding a trap with a RequestID value of 0, and logged 'Forward failed' even though the trap was successfully forwarded. This update fixes snmptrapd checks and the aforementioned message is now logged only when appropriate. (BZ#1146948) * Previously, snmpd ignored the value of the 'storageUseNFS' option in the /etc/snmpd/snmpd.conf file. As a consequence, NFS drivers were shown as 'Network Disks', even though 'storageUseNFS' was set to '2' to report them as 'Fixed Disks' in HOST-RESOURCES-MIB::hrStorageTable. With this update, snmpd takes the 'storageUseNFS' option value into account, and 'Fixed Disks' NFS drives are reported correctly. (BZ#1125793) * Previously, the Net-SNMP python binding used an incorrect size (8 bytes instead of 4) for variables of IPADDRESS type. Consequently, applications that were using Net-SNMP Python bindings could send malformed SNMP messages. With this update, the bindings now use 4 bytes for variables with IPADRESS type, and only valid SNMP messages are sent. (BZ#1100099) * Previously, the snmpd service did not cut values in HOST-RESOURCES-MIB::hrStorageTable to signed 32-bit integers, as required by SNMP standards, and provided the values as unsigned integers. As a consequence, the HOST-RESOURCES-MIB::hrStorageTable implementation did not conform to RFC 2790. The values are now cut to 32-bit signed integers, and snmpd is therefore standard compliant. (BZ#1104293) Users of net-snmp are advised to upgrade to these updated packages, which contain backported patches to correct these issues.
    last seen 2019-02-21
    modified 2018-11-10
    plugin id 84942
    published 2015-07-23
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=84942
    title RHEL 6 : net-snmp (RHSA-2015:1385)
  • NASL family SuSE Local Security Checks
    NASL id OPENSUSE-2014-533.NASL
    description net-snmp was updated to fix a remote denial of service problem inside snmptrapd when started with the '-OQ' option (CVE-2014-3565)(bnc#894361)
    last seen 2019-02-21
    modified 2018-11-10
    plugin id 77620
    published 2014-09-11
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=77620
    title openSUSE Security Update : net-snmp (openSUSE-SU-2014:1108-1)
  • NASL family F5 Networks Local Security Checks
    NASL id F5_BIGIP_SOL17315.NASL
    description snmplib/mib.c in net-snmp 5.7.0 and earlier, when the -OQ option is used, allows remote attackers to cause a denial of service (snmptrapd crash) via a crafted SNMP trap message, which triggers a conversion to the variable type designated in the MIB file, as demonstrated by a NULL type in an ifMtu trap message. (CVE-2014-3565)
    last seen 2019-02-21
    modified 2019-01-04
    plugin id 91302
    published 2016-05-24
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=91302
    title F5 Networks BIG-IP : SNMP vulnerability (K17315)
  • NASL family Red Hat Local Security Checks
    NASL id REDHAT-RHSA-2015-2345.NASL
    description Updated net-snmp packages that fix one security issue and several bugs are now available for Red Hat Enterprise Linux 7. Red Hat Product Security has rated this update as having Moderate security impact. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available from the CVE link in the References section. The net-snmp packages provide various libraries and tools for the Simple Network Management Protocol (SNMP), including an SNMP library, an extensible agent, tools for requesting or setting information from SNMP agents, tools for generating and handling SNMP traps, a version of the netstat command which uses SNMP, and a Tk/Perl Management Information Base (MIB) browser. A denial of service flaw was found in the way snmptrapd handled certain SNMP traps when started with the '-OQ' option. If an attacker sent an SNMP trap containing a variable with a NULL type where an integer variable type was expected, it would cause snmptrapd to crash. (CVE-2014-3565) This update also fixes the following bugs : * Previously, the clientaddr option in the snmp.conf file affected outgoing messages sent only over IPv4. With this release, outgoing IPv6 messages are correctly sent from the interface specified by clientaddr. (BZ#1190679) * The Net-SNMP daemon, snmpd, did not properly clean memory when reloading its configuration file with multiple 'exec' entries. Consequently, the daemon terminated unexpectedly. Now, the memory is properly cleaned, and snmpd no longer crashes on reload. (BZ#1228893) * Prior to this update, snmpd did not parse complete IPv4 traffic statistics, but reported the number of received or sent bytes in the IP-MIB::ipSystemStatsTable only for IPv6 packets and not for IPv4. This affected objects ipSystemStatsInOctets, ipSystemStatsOutOctets, ipSystemStatsInMcastOctets, and ipSystemStatsOutMcastOctets. Now, the statistics reported by snmpd are collected for IPv4 as well. (BZ#1235697) * The Net-SNMP daemon, snmpd, did not correctly detect the file system change from read-only to read-write. Consequently, after remounting the file system into the read-write mode, the daemon reported it to be still in the read-only mode. A patch has been applied, and snmpd now detects the mode changes as expected. (BZ#1241897) All net-snmp users are advised to upgrade to these updated packages, which contain backported patches to correct these issues.
    last seen 2019-02-21
    modified 2018-11-10
    plugin id 86982
    published 2015-11-20
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=86982
    title RHEL 7 : net-snmp (RHSA-2015:2345)
  • NASL family CentOS Local Security Checks
    NASL id CENTOS_RHSA-2015-2345.NASL
    description Updated net-snmp packages that fix one security issue and several bugs are now available for Red Hat Enterprise Linux 7. Red Hat Product Security has rated this update as having Moderate security impact. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available from the CVE link in the References section. The net-snmp packages provide various libraries and tools for the Simple Network Management Protocol (SNMP), including an SNMP library, an extensible agent, tools for requesting or setting information from SNMP agents, tools for generating and handling SNMP traps, a version of the netstat command which uses SNMP, and a Tk/Perl Management Information Base (MIB) browser. A denial of service flaw was found in the way snmptrapd handled certain SNMP traps when started with the '-OQ' option. If an attacker sent an SNMP trap containing a variable with a NULL type where an integer variable type was expected, it would cause snmptrapd to crash. (CVE-2014-3565) This update also fixes the following bugs : * Previously, the clientaddr option in the snmp.conf file affected outgoing messages sent only over IPv4. With this release, outgoing IPv6 messages are correctly sent from the interface specified by clientaddr. (BZ#1190679) * The Net-SNMP daemon, snmpd, did not properly clean memory when reloading its configuration file with multiple 'exec' entries. Consequently, the daemon terminated unexpectedly. Now, the memory is properly cleaned, and snmpd no longer crashes on reload. (BZ#1228893) * Prior to this update, snmpd did not parse complete IPv4 traffic statistics, but reported the number of received or sent bytes in the IP-MIB::ipSystemStatsTable only for IPv6 packets and not for IPv4. This affected objects ipSystemStatsInOctets, ipSystemStatsOutOctets, ipSystemStatsInMcastOctets, and ipSystemStatsOutMcastOctets. Now, the statistics reported by snmpd are collected for IPv4 as well. (BZ#1235697) * The Net-SNMP daemon, snmpd, did not correctly detect the file system change from read-only to read-write. Consequently, after remounting the file system into the read-write mode, the daemon reported it to be still in the read-only mode. A patch has been applied, and snmpd now detects the mode changes as expected. (BZ#1241897) All net-snmp users are advised to upgrade to these updated packages, which contain backported patches to correct these issues.
    last seen 2019-02-21
    modified 2018-11-10
    plugin id 87150
    published 2015-12-02
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=87150
    title CentOS 7 : net-snmp (CESA-2015:2345)
  • NASL family Fedora Local Security Checks
    NASL id FEDORA_2014-9982.NASL
    description Update package fixes following bugs : - CVE-2014-3565 net-snmp: snmptrapd crash when handling an SNMP trap containing a ifMtu with a NULL type - net-snmp-cert now works without net-snmp-devel package installed Note that Tenable Network Security has extracted the preceding description block directly from the Fedora security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.
    last seen 2019-02-21
    modified 2018-12-05
    plugin id 77801
    published 2014-09-23
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=77801
    title Fedora 21 : net-snmp-5.7.2-23.fc21 (2014-9982)
  • NASL family Gentoo Local Security Checks
    NASL id GENTOO_GLSA-201507-17.NASL
    description The remote host is affected by the vulnerability described in GLSA-201507-17 (SNMP: Denial of Service) A specially crafted trap message triggers a conversion to an erroneous variable type when the -OQ option is used. Impact : A remote attacker could possibly cause a Denial of Service condition. Workaround : There is no known workaround at this time.
    last seen 2019-02-21
    modified 2018-12-05
    plugin id 86086
    published 2015-09-23
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=86086
    title GLSA-201507-17 : SNMP: Denial of Service
  • NASL family Mandriva Local Security Checks
    NASL id MANDRIVA_MDVSA-2014-184.NASL
    description Updated net-snmp packages fix security vulnerabilities : A remote denial-of-service flaw was found in the way snmptrapd handled certain SNMP traps when started with the -OQ option. If an attacker sent an SNMP trap containing a variable with a NULL type where an integer variable type was expected, it would cause snmptrapd to crash (CVE-2014-3565).
    last seen 2019-02-21
    modified 2019-01-02
    plugin id 77841
    published 2014-09-25
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=77841
    title Mandriva Linux Security Advisory : net-snmp (MDVSA-2014:184)
  • NASL family Oracle Linux Local Security Checks
    NASL id ORACLELINUX_ELSA-2015-1385.NASL
    description From Red Hat Security Advisory 2015:1385 : Updated net-snmp packages that fix one security issue and several bugs are now available for Red Hat Enterprise Linux 6. Red Hat Product Security has rated this update as having Moderate security impact. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available from the CVE link in the References section. The net-snmp packages provide various libraries and tools for the Simple Network Management Protocol (SNMP), including an SNMP library, an extensible agent, tools for requesting or setting information from SNMP agents, tools for generating and handling SNMP traps, a version of the netstat command which uses SNMP, and a Tk/Perl Management Information Base (MIB) browser. A denial of service flaw was found in the way snmptrapd handled certain SNMP traps when started with the '-OQ' option. If an attacker sent an SNMP trap containing a variable with a NULL type where an integer variable type was expected, it would cause snmptrapd to crash. (CVE-2014-3565) This update also fixes the following bugs : * The HOST-RESOURCES-MIB::hrSystemProcesses object was not implemented because parts of the HOST-RESOURCES-MIB module were rewritten in an earlier version of net-snmp. Consequently, HOST-RESOURCES-MIB::hrSystemProcesses did not provide information on the number of currently loaded or running processes. With this update, HOST-RESOURCES-MIB::hrSystemProcesses has been implemented, and the net-snmp daemon reports as expected. (BZ#1134335) * The Net-SNMP agent daemon, snmpd, reloaded the system ARP table every 60 seconds. As a consequence, snmpd could cause a short CPU usage spike on busy systems with a large APR table. With this update, snmpd does not reload the full ARP table periodically, but monitors the table changes using a netlink socket. (BZ#789500) * Previously, snmpd used an invalid pointer to the current time when periodically checking certain conditions specified by the 'monitor' option in the /etc/snmpd/snmpd.conf file. Consequently, snmpd terminated unexpectedly on start with a segmentation fault if a certain entry with the 'monitor' option was used. Now, snmpd initializes the correct pointer to the current time, and snmpd no longer crashes on start. (BZ#1050970) * Previously, snmpd expected 8-bit network interface indices when processing HOST-RESOURCES-MIB::hrDeviceTable. If an interface index of a local network interface was larger than 30,000 items, snmpd could terminate unexpectedly due to accessing invalid memory. Now, processing of all network sizes is enabled, and snmpd no longer crashes in the described situation. (BZ#1195547) * The snmpdtrapd service incorrectly checked for errors when forwarding a trap with a RequestID value of 0, and logged 'Forward failed' even though the trap was successfully forwarded. This update fixes snmptrapd checks and the aforementioned message is now logged only when appropriate. (BZ#1146948) * Previously, snmpd ignored the value of the 'storageUseNFS' option in the /etc/snmpd/snmpd.conf file. As a consequence, NFS drivers were shown as 'Network Disks', even though 'storageUseNFS' was set to '2' to report them as 'Fixed Disks' in HOST-RESOURCES-MIB::hrStorageTable. With this update, snmpd takes the 'storageUseNFS' option value into account, and 'Fixed Disks' NFS drives are reported correctly. (BZ#1125793) * Previously, the Net-SNMP python binding used an incorrect size (8 bytes instead of 4) for variables of IPADDRESS type. Consequently, applications that were using Net-SNMP Python bindings could send malformed SNMP messages. With this update, the bindings now use 4 bytes for variables with IPADRESS type, and only valid SNMP messages are sent. (BZ#1100099) * Previously, the snmpd service did not cut values in HOST-RESOURCES-MIB::hrStorageTable to signed 32-bit integers, as required by SNMP standards, and provided the values as unsigned integers. As a consequence, the HOST-RESOURCES-MIB::hrStorageTable implementation did not conform to RFC 2790. The values are now cut to 32-bit signed integers, and snmpd is therefore standard compliant. (BZ#1104293) Users of net-snmp are advised to upgrade to these updated packages, which contain backported patches to correct these issues.
    last seen 2019-02-21
    modified 2018-07-18
    plugin id 85103
    published 2015-07-30
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=85103
    title Oracle Linux 6 : net-snmp (ELSA-2015-1385)
  • NASL family Oracle Linux Local Security Checks
    NASL id ORACLELINUX_ELSA-2015-2345.NASL
    description From Red Hat Security Advisory 2015:2345 : Updated net-snmp packages that fix one security issue and several bugs are now available for Red Hat Enterprise Linux 7. Red Hat Product Security has rated this update as having Moderate security impact. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available from the CVE link in the References section. The net-snmp packages provide various libraries and tools for the Simple Network Management Protocol (SNMP), including an SNMP library, an extensible agent, tools for requesting or setting information from SNMP agents, tools for generating and handling SNMP traps, a version of the netstat command which uses SNMP, and a Tk/Perl Management Information Base (MIB) browser. A denial of service flaw was found in the way snmptrapd handled certain SNMP traps when started with the '-OQ' option. If an attacker sent an SNMP trap containing a variable with a NULL type where an integer variable type was expected, it would cause snmptrapd to crash. (CVE-2014-3565) This update also fixes the following bugs : * Previously, the clientaddr option in the snmp.conf file affected outgoing messages sent only over IPv4. With this release, outgoing IPv6 messages are correctly sent from the interface specified by clientaddr. (BZ#1190679) * The Net-SNMP daemon, snmpd, did not properly clean memory when reloading its configuration file with multiple 'exec' entries. Consequently, the daemon terminated unexpectedly. Now, the memory is properly cleaned, and snmpd no longer crashes on reload. (BZ#1228893) * Prior to this update, snmpd did not parse complete IPv4 traffic statistics, but reported the number of received or sent bytes in the IP-MIB::ipSystemStatsTable only for IPv6 packets and not for IPv4. This affected objects ipSystemStatsInOctets, ipSystemStatsOutOctets, ipSystemStatsInMcastOctets, and ipSystemStatsOutMcastOctets. Now, the statistics reported by snmpd are collected for IPv4 as well. (BZ#1235697) * The Net-SNMP daemon, snmpd, did not correctly detect the file system change from read-only to read-write. Consequently, after remounting the file system into the read-write mode, the daemon reported it to be still in the read-only mode. A patch has been applied, and snmpd now detects the mode changes as expected. (BZ#1241897) All net-snmp users are advised to upgrade to these updated packages, which contain backported patches to correct these issues.
    last seen 2019-02-21
    modified 2018-07-24
    plugin id 87034
    published 2015-11-24
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=87034
    title Oracle Linux 7 : net-snmp (ELSA-2015-2345)
  • NASL family Ubuntu Local Security Checks
    NASL id UBUNTU_USN-2711-1.NASL
    description It was discovered that Net-SNMP incorrectly handled certain trap messages when the -OQ option was used. A remote attacker could use this issue to cause Net-SNMP to crash, resulting in a denial of service. (CVE-2014-3565) Qinghao Tang discovered that Net-SNMP incorrectly handled SNMP PDU parsing failures. A remote attacker could use this issue to cause Net-SNMP to crash, resulting in a denial of service, or possibly execute arbitrary code. (CVE-2015-5621). Note that Tenable Network Security has extracted the preceding description block directly from the Ubuntu security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.
    last seen 2019-02-21
    modified 2018-12-01
    plugin id 85506
    published 2015-08-18
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=85506
    title Ubuntu 12.04 LTS / 14.04 LTS / 15.04 : net-snmp vulnerabilities (USN-2711-1)
  • NASL family Fedora Local Security Checks
    NASL id FEDORA_2014-10099.NASL
    description Update package fixes following bugs : - CVE-2014-3565 net-snmp: snmptrapd crash when handling an SNMP trap containing a ifMtu with a NULL type - net-snmp-cert now works without net-snmp-devel package installed Note that Tenable Network Security has extracted the preceding description block directly from the Fedora security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.
    last seen 2019-02-21
    modified 2018-12-05
    plugin id 77612
    published 2014-09-11
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=77612
    title Fedora 19 : net-snmp-5.7.2-15.fc19 (2014-10099)
  • NASL family Scientific Linux Local Security Checks
    NASL id SL_20151119_NET_SNMP_ON_SL7_X.NASL
    description A denial of service flaw was found in the way snmptrapd handled certain SNMP traps when started with the '-OQ' option. If an attacker sent an SNMP trap containing a variable with a NULL type where an integer variable type was expected, it would cause snmptrapd to crash. (CVE-2014-3565) This update also fixes the following bugs : - Previously, the clientaddr option in the snmp.conf file affected outgoing messages sent only over IPv4. With this release, outgoing IPv6 messages are correctly sent from the interface specified by clientaddr. - The Net-SNMP daemon, snmpd, did not properly clean memory when reloading its configuration file with multiple 'exec' entries. Consequently, the daemon terminated unexpectedly. Now, the memory is properly cleaned, and snmpd no longer crashes on reload. - Prior to this update, snmpd did not parse complete IPv4 traffic statistics, but reported the number of received or sent bytes in the IP- MIB::ipSystemStatsTable only for IPv6 packets and not for IPv4. This affected objects ipSystemStatsInOctets, ipSystemStatsOutOctets, ipSystemStatsInMcastOctets, and ipSystemStatsOutMcastOctets. Now, the statistics reported by snmpd are collected for IPv4 as well. - The Net-SNMP daemon, snmpd, did not correctly detect the file system change from read-only to read-write. Consequently, after remounting the file system into the read-write mode, the daemon reported it to be still in the read-only mode. A patch has been applied, and snmpd now detects the mode changes as expected.
    last seen 2019-02-21
    modified 2018-12-28
    plugin id 87562
    published 2015-12-22
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=87562
    title Scientific Linux Security Update : net-snmp on SL7.x x86_64
  • NASL family SuSE Local Security Checks
    NASL id SUSE_11_LIBSNMP15-140902.NASL
    description This update for net-snmp fixes a remote denial of service problem inside snmptrapd when it is started with the '-OQ' option. (CVE-2014-3565, bnc#894361) Additionally, a timeout issue during SNMP MIB walk on OID 1.3.6.1.2.1.4.24 when using newer (v5.5+) versions of snmpwalk has been fixed. (bnc#865222)
    last seen 2019-02-21
    modified 2014-10-09
    plugin id 77600
    published 2014-09-10
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=77600
    title SuSE 11.3 Security Update : net-snmp (SAT Patch Number 9679)
redhat via4
advisories
  • bugzilla
    id 1188295
    title net-snmp snmpd fork() overhead [fix available]
    oval
    AND
    • OR
      • comment Red Hat Enterprise Linux 6 Client is installed
        oval oval:com.redhat.rhba:tst:20111656001
      • comment Red Hat Enterprise Linux 6 Server is installed
        oval oval:com.redhat.rhba:tst:20111656002
      • comment Red Hat Enterprise Linux 6 Workstation is installed
        oval oval:com.redhat.rhba:tst:20111656003
      • comment Red Hat Enterprise Linux 6 ComputeNode is installed
        oval oval:com.redhat.rhba:tst:20111656004
    • OR
      • AND
        • comment net-snmp is earlier than 1:5.5-54.el6
          oval oval:com.redhat.rhsa:tst:20151385013
        • comment net-snmp is signed with Red Hat redhatrelease2 key
          oval oval:com.redhat.rhba:tst:20131150006
      • AND
        • comment net-snmp-devel is earlier than 1:5.5-54.el6
          oval oval:com.redhat.rhsa:tst:20151385011
        • comment net-snmp-devel is signed with Red Hat redhatrelease2 key
          oval oval:com.redhat.rhba:tst:20131150016
      • AND
        • comment net-snmp-libs is earlier than 1:5.5-54.el6
          oval oval:com.redhat.rhsa:tst:20151385005
        • comment net-snmp-libs is signed with Red Hat redhatrelease2 key
          oval oval:com.redhat.rhba:tst:20131150014
      • AND
        • comment net-snmp-perl is earlier than 1:5.5-54.el6
          oval oval:com.redhat.rhsa:tst:20151385015
        • comment net-snmp-perl is signed with Red Hat redhatrelease2 key
          oval oval:com.redhat.rhba:tst:20131150010
      • AND
        • comment net-snmp-python is earlier than 1:5.5-54.el6
          oval oval:com.redhat.rhsa:tst:20151385007
        • comment net-snmp-python is signed with Red Hat redhatrelease2 key
          oval oval:com.redhat.rhba:tst:20131150012
      • AND
        • comment net-snmp-utils is earlier than 1:5.5-54.el6
          oval oval:com.redhat.rhsa:tst:20151385009
        • comment net-snmp-utils is signed with Red Hat redhatrelease2 key
          oval oval:com.redhat.rhba:tst:20131150008
    rhsa
    id RHSA-2015:1385
    released 2015-07-22
    severity Moderate
    title RHSA-2015:1385: net-snmp security and bug fix update (Moderate)
  • bugzilla
    id 1252053
    title net-snmp does not display correct lm_sensors sensor data / missing CPU cores
    oval
    AND
    • OR
      • comment Red Hat Enterprise Linux 7 Client is installed
        oval oval:com.redhat.rhba:tst:20150364001
      • comment Red Hat Enterprise Linux 7 Server is installed
        oval oval:com.redhat.rhba:tst:20150364002
      • comment Red Hat Enterprise Linux 7 Workstation is installed
        oval oval:com.redhat.rhba:tst:20150364003
      • comment Red Hat Enterprise Linux 7 ComputeNode is installed
        oval oval:com.redhat.rhba:tst:20150364004
    • OR
      • AND
        • comment net-snmp is earlier than 1:5.7.2-24.el7
          oval oval:com.redhat.rhsa:tst:20152345017
        • comment net-snmp is signed with Red Hat redhatrelease2 key
          oval oval:com.redhat.rhba:tst:20131150006
      • AND
        • comment net-snmp-agent-libs is earlier than 1:5.7.2-24.el7
          oval oval:com.redhat.rhsa:tst:20152345021
        • comment net-snmp-agent-libs is signed with Red Hat redhatrelease2 key
          oval oval:com.redhat.rhsa:tst:20151636026
      • AND
        • comment net-snmp-devel is earlier than 1:5.7.2-24.el7
          oval oval:com.redhat.rhsa:tst:20152345013
        • comment net-snmp-devel is signed with Red Hat redhatrelease2 key
          oval oval:com.redhat.rhba:tst:20131150016
      • AND
        • comment net-snmp-gui is earlier than 1:5.7.2-24.el7
          oval oval:com.redhat.rhsa:tst:20152345015
        • comment net-snmp-gui is signed with Red Hat redhatrelease2 key
          oval oval:com.redhat.rhsa:tst:20151636030
      • AND
        • comment net-snmp-libs is earlier than 1:5.7.2-24.el7
          oval oval:com.redhat.rhsa:tst:20152345005
        • comment net-snmp-libs is signed with Red Hat redhatrelease2 key
          oval oval:com.redhat.rhba:tst:20131150014
      • AND
        • comment net-snmp-perl is earlier than 1:5.7.2-24.el7
          oval oval:com.redhat.rhsa:tst:20152345011
        • comment net-snmp-perl is signed with Red Hat redhatrelease2 key
          oval oval:com.redhat.rhba:tst:20131150010
      • AND
        • comment net-snmp-python is earlier than 1:5.7.2-24.el7
          oval oval:com.redhat.rhsa:tst:20152345009
        • comment net-snmp-python is signed with Red Hat redhatrelease2 key
          oval oval:com.redhat.rhba:tst:20131150012
      • AND
        • comment net-snmp-sysvinit is earlier than 1:5.7.2-24.el7
          oval oval:com.redhat.rhsa:tst:20152345019
        • comment net-snmp-sysvinit is signed with Red Hat redhatrelease2 key
          oval oval:com.redhat.rhsa:tst:20151636024
      • AND
        • comment net-snmp-utils is earlier than 1:5.7.2-24.el7
          oval oval:com.redhat.rhsa:tst:20152345007
        • comment net-snmp-utils is signed with Red Hat redhatrelease2 key
          oval oval:com.redhat.rhba:tst:20131150008
    rhsa
    id RHSA-2015:2345
    released 2015-11-19
    severity Moderate
    title RHSA-2015:2345: net-snmp security and bug fix update (Moderate)
rpms
  • net-snmp-1:5.5-54.el6
  • net-snmp-devel-1:5.5-54.el6
  • net-snmp-libs-1:5.5-54.el6
  • net-snmp-perl-1:5.5-54.el6
  • net-snmp-python-1:5.5-54.el6
  • net-snmp-utils-1:5.5-54.el6
  • net-snmp-1:5.7.2-24.el7
  • net-snmp-agent-libs-1:5.7.2-24.el7
  • net-snmp-devel-1:5.7.2-24.el7
  • net-snmp-gui-1:5.7.2-24.el7
  • net-snmp-libs-1:5.7.2-24.el7
  • net-snmp-perl-1:5.7.2-24.el7
  • net-snmp-python-1:5.7.2-24.el7
  • net-snmp-sysvinit-1:5.7.2-24.el7
  • net-snmp-utils-1:5.7.2-24.el7
refmap via4
apple APPLE-SA-2015-10-21-4
bid 69477
confirm
gentoo GLSA-201507-17
suse openSUSE-SU-2014:1108
ubuntu USN-2711-1
Last major update 23-12-2016 - 21:59
Published 07-10-2014 - 10:55
Back to Top