ID CVE-2012-2141
Summary Array index error in the handle_nsExtendOutput2Table function in agent/mibgroup/agent/extend.c in Net-SNMP 5.7.1 allows remote authenticated users to cause a denial of service (out-of-bounds read and snmpd crash) via an SNMP GET request for an entry not in the extension table.
References
Vulnerable Configurations
  • cpe:2.3:a:net-snmp:net-snmp:5.7.1:*:*:*:*:*:*:*
    cpe:2.3:a:net-snmp:net-snmp:5.7.1:*:*:*:*:*:*:*
CVSS
Base: 3.5 (as of 29-08-2017 - 01:31)
Impact:
Exploitability:
CWE NVD-CWE-Other
CAPEC
Access
VectorComplexityAuthentication
NETWORK MEDIUM SINGLE
Impact
ConfidentialityIntegrityAvailability
NONE NONE PARTIAL
cvss-vector via4 AV:N/AC:M/Au:S/C:N/I:N/A:P
redhat via4
advisories
  • bugzilla
    id 822480
    title move /var/lib/net-snmp from net-snmp to net-snmp-libs
    oval
    AND
    • OR
      • comment Red Hat Enterprise Linux 6 Client is installed
        oval oval:com.redhat.rhba:tst:20111656001
      • comment Red Hat Enterprise Linux 6 Server is installed
        oval oval:com.redhat.rhba:tst:20111656002
      • comment Red Hat Enterprise Linux 6 Workstation is installed
        oval oval:com.redhat.rhba:tst:20111656003
      • comment Red Hat Enterprise Linux 6 ComputeNode is installed
        oval oval:com.redhat.rhba:tst:20111656004
    • OR
      • AND
        • comment net-snmp is earlier than 1:5.5-41.el6
          oval oval:com.redhat.rhsa:tst:20120876005
        • comment net-snmp is signed with Red Hat redhatrelease2 key
          oval oval:com.redhat.rhba:tst:20131150006
      • AND
        • comment net-snmp-devel is earlier than 1:5.5-41.el6
          oval oval:com.redhat.rhsa:tst:20120876013
        • comment net-snmp-devel is signed with Red Hat redhatrelease2 key
          oval oval:com.redhat.rhba:tst:20131150016
      • AND
        • comment net-snmp-libs is earlier than 1:5.5-41.el6
          oval oval:com.redhat.rhsa:tst:20120876015
        • comment net-snmp-libs is signed with Red Hat redhatrelease2 key
          oval oval:com.redhat.rhba:tst:20131150014
      • AND
        • comment net-snmp-perl is earlier than 1:5.5-41.el6
          oval oval:com.redhat.rhsa:tst:20120876007
        • comment net-snmp-perl is signed with Red Hat redhatrelease2 key
          oval oval:com.redhat.rhba:tst:20131150010
      • AND
        • comment net-snmp-python is earlier than 1:5.5-41.el6
          oval oval:com.redhat.rhsa:tst:20120876009
        • comment net-snmp-python is signed with Red Hat redhatrelease2 key
          oval oval:com.redhat.rhba:tst:20131150012
      • AND
        • comment net-snmp-utils is earlier than 1:5.5-41.el6
          oval oval:com.redhat.rhsa:tst:20120876011
        • comment net-snmp-utils is signed with Red Hat redhatrelease2 key
          oval oval:com.redhat.rhba:tst:20131150008
    rhsa
    id RHSA-2012:0876
    released 2012-06-20
    severity Moderate
    title RHSA-2012:0876: net-snmp security and bug fix update (Moderate)
  • bugzilla
    id 840861
    title cannot bind to the specified port
    oval
    AND
    • comment Red Hat Enterprise Linux 5 is installed
      oval oval:com.redhat.rhba:tst:20070331001
    • OR
      • AND
        • comment net-snmp is earlier than 1:5.3.2.2-20.el5
          oval oval:com.redhat.rhsa:tst:20130124002
        • comment net-snmp is signed with Red Hat redhatrelease key
          oval oval:com.redhat.rhsa:tst:20071045020
      • AND
        • comment net-snmp-devel is earlier than 1:5.3.2.2-20.el5
          oval oval:com.redhat.rhsa:tst:20130124006
        • comment net-snmp-devel is signed with Red Hat redhatrelease key
          oval oval:com.redhat.rhsa:tst:20071045022
      • AND
        • comment net-snmp-libs is earlier than 1:5.3.2.2-20.el5
          oval oval:com.redhat.rhsa:tst:20130124004
        • comment net-snmp-libs is signed with Red Hat redhatrelease key
          oval oval:com.redhat.rhsa:tst:20071045026
      • AND
        • comment net-snmp-perl is earlier than 1:5.3.2.2-20.el5
          oval oval:com.redhat.rhsa:tst:20130124010
        • comment net-snmp-perl is signed with Red Hat redhatrelease key
          oval oval:com.redhat.rhsa:tst:20071045024
      • AND
        • comment net-snmp-utils is earlier than 1:5.3.2.2-20.el5
          oval oval:com.redhat.rhsa:tst:20130124008
        • comment net-snmp-utils is signed with Red Hat redhatrelease key
          oval oval:com.redhat.rhsa:tst:20071045028
    rhsa
    id RHSA-2013:0124
    released 2013-01-08
    severity Moderate
    title RHSA-2013:0124: net-snmp security and bug fix update (Moderate)
rpms
  • net-snmp-1:5.5-41.el6
  • net-snmp-devel-1:5.5-41.el6
  • net-snmp-libs-1:5.5-41.el6
  • net-snmp-perl-1:5.5-41.el6
  • net-snmp-python-1:5.5-41.el6
  • net-snmp-utils-1:5.5-41.el6
  • net-snmp-1:5.3.2.2-20.el5
  • net-snmp-devel-1:5.3.2.2-20.el5
  • net-snmp-libs-1:5.3.2.2-20.el5
  • net-snmp-perl-1:5.3.2.2-20.el5
  • net-snmp-utils-1:5.3.2.2-20.el5
refmap via4
bid
  • 53255
  • 53258
confirm http://support.citrix.com/article/CTX139049
gentoo GLSA-201409-02
misc https://bugzilla.redhat.com/show_bug.cgi?id=815813
mlist
  • [oss-security] 20120426 CVE Request -- net-snmp: Array index error, leading to out-of heap-based buffer read (snmpd crash)
  • [oss-security] 20120426 Re: CVE Request -- net-snmp: Array index error, leading to out-of heap-based buffer read (snmpd crash)
sectrack 1026984
secunia
  • 48938
  • 59974
xf netsnmp-snmpget-dos(75169)
Last major update 29-08-2017 - 01:31
Published 14-08-2012 - 22:55
Back to Top