var-201410-1143
Vulnerability from variot
snmplib/mib.c in net-snmp 5.7.0 and earlier, when the -OQ option is used, allows remote attackers to cause a denial of service (snmptrapd crash) via a crafted SNMP trap message, which triggers a conversion to the variable type designated in the MIB file, as demonstrated by a NULL type in an ifMtu trap message. Net-SNMP is prone to a remote denial-of-service vulnerability. A remote attacker may exploit this issue to crash the application, resulting in a denial-of-service condition. Net-SNMP is a set of open source Simple Network Management Protocol (Simple Network Management Protocol) software. The software is used to monitor network equipment, computer equipment, UPS equipment, etc. -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA256
APPLE-SA-2015-10-21-4 OS X El Capitan 10.11.1 and Security Update 2015-007
OS X El Capitan 10.11.1 and Security Update 2015-007 are now available and address the following:
Accelerate Framework Available for: OS X Mavericks v10.9.5, OS X Yosemite v10.10.5, and OS X El Capitan 10.11 Impact: Visiting a maliciously crafted website may lead to arbitrary code execution Description: A memory corruption issue existed in the Accelerate Framework in multi-threading mode. This issue was addressed through improved accessor element validation and improved object locking. CVE-ID CVE-2015-5940 : Apple
apache_mod_php Available for: OS X Mavericks v10.9.5, OS X Yosemite v10.10.5, and OS X El Capitan 10.11 Impact: Multiple vulnerabilities in PHP Description: Multiple vulnerabilities existed in PHP versions prior to 5.5.29 and 5.4.45. These were addressed by updating PHP to versions 5.5.29 and 5.4.45. CVE-ID CVE-2015-0235 CVE-2015-0273 CVE-2015-6834 CVE-2015-6835 CVE-2015-6836 CVE-2015-6837 CVE-2015-6838
ATS Available for: OS X Mavericks v10.9.5, OS X Yosemite v10.10.5, and OS X El Capitan 10.11 Impact: Visiting a maliciously crafted webpage may lead to an unexpected application termination or arbitrary code execution Description: A memory corruption issue existed in ATS. This issue was addressed through improved memory handling. CVE-ID CVE-2015-6985 : John Villamil (@day6reak), Yahoo Pentest Team
Audio Available for: OS X El Capitan 10.11 Impact: A malicious application may be able to execute arbitrary code Description: An uninitialized memory issue existed in coreaudiod. This issue was addressed through improved memory initialization. CVE-ID CVE-2015-7003 : Mark Brand of Google Project Zero
Audio Available for: OS X Mavericks v10.9.5, OS X Yosemite v10.10.5, and OS X El Capitan 10.11 Impact: Playing a malicious audio file may lead to arbitrary code execution Description: Multiple memory corruption issues existed in the handling of audio files. These issues were addressed through improved memory handling. CVE-ID CVE-2015-5933 : Apple CVE-2015-5934 : Apple
Bom Available for: OS X El Capitan 10.11 Impact: Unpacking a maliciously crafted archive may lead to arbitrary code execution Description: A file traversal vulnerability existed in the handling of CPIO archives. This issue was addressed through improved validation of metadata. CVE-ID CVE-2015-7006 : Mark Dowd of Azimuth Security
CFNetwork Available for: OS X El Capitan 10.11 Impact: Visiting a maliciously crafted website may lead to cookies being overwritten Description: A parsing issue existed when handling cookies with different letter casing. This issue was addressed through improved parsing. CVE-ID CVE-2015-7023 : Marvin Scholz; Xiaofeng Zheng and Jinjin Liang of Tsinghua University, Jian Jiang of University of California, Berkeley, Haixin Duan of Tsinghua University and International Computer Science Institute, Shuo Chen of Microsoft Research Redmond, Tao Wan of Huawei Canada, Nicholas Weaver of International Computer Science Institute and University of California, Berkeley, coordinated via CERT/CC
configd Available for: OS X El Capitan 10.11 Impact: A malicious application may be able to elevate privileges Description: A heap based buffer overflow issue existed in the DNS client library. A malicious application with the ability to spoof responses from the local configd service may have been able to cause arbitrary code execution in DNS clients. CVE-ID CVE-2015-7015 : PanguTeam
CoreGraphics Available for: OS X Mavericks v10.9.5, OS X Yosemite v10.10.5, and OS X El Capitan 10.11 Impact: Visiting a maliciously crafted website may lead to arbitrary code execution Description: Multiple memory corruption issues existed in CoreGraphics. These issues were addressed through improved memory handling. CVE-ID CVE-2015-5925 : Apple CVE-2015-5926 : Apple
CoreText Available for: OS X Mavericks v10.9.5, OS X Yosemite v10.10.5, and OS X El Capitan 10.11 Impact: Processing a maliciously crafted font file may lead to arbitrary code execution Description: Multiple memory corruption issues existed in the handling of font files. These issues were addressed through improved bounds checking. CVE-ID CVE-2015-6992 : John Villamil (@day6reak), Yahoo Pentest Team
CoreText Available for: OS X Yosemite v10.10.5 and OS X El Capitan 10.11 Impact: Processing a maliciously crafted font file may lead to arbitrary code execution Description: Multiple memory corruption issues existed in the handling of font files. These issues were addressed through improved bounds checking. CVE-ID CVE-2015-6975 : John Villamil (@day6reak), Yahoo Pentest Team
CoreText Available for: OS X El Capitan 10.11 Impact: Processing a maliciously crafted font file may lead to arbitrary code execution Description: Multiple memory corruption issues existed in the handling of font files. These issues were addressed through improved bounds checking. CVE-ID CVE-2015-7017 : John Villamil (@day6reak), Yahoo Pentest Team
CoreText Available for: OS X Mavericks v10.9.5 and OS X Yosemite v10.10.5 Impact: Processing a maliciously crafted font file may lead to arbitrary code execution Description: Multiple memory corruption issues existed in the handling of font files. These issues were addressed through improved bounds checking. CVE-ID CVE-2015-5944 : John Villamil (@day6reak), Yahoo Pentest Team
Disk Images Available for: OS X El Capitan 10.11 Impact: A malicious application may be able to execute arbitrary code with system privileges Description: A memory corruption issue existed in the parsing of disk images. This issue was addressed through improved memory handling. CVE-ID CVE-2015-6995 : Ian Beer of Google Project Zero
EFI Available for: OS X Mavericks v10.9.5, OS X Yosemite v10.10.5, and OS X El Capitan 10.11 Impact: An attacker can exercise unused EFI functions Description: An issue existed with EFI argument handling. This was addressed by removing the affected functions. CVE-ID CVE-2015-7035 : Corey Kallenberg, Xeno Kovah, John Butterworth, and Sam Cornwell of The MITRE Corporation, coordinated via CERT/CC
File Bookmark Available for: OS X El Capitan 10.11 Impact: Browsing to a folder with malformed bookmarks may cause unexpected application termination Description: An input validation issue existed in parsing bookmark metadata. This issue was addressed through improved validation checks. CVE-ID CVE-2015-6987 : Luca Todesco (@qwertyoruiop)
FontParser Available for: OS X Mavericks v10.9.5, OS X Yosemite v10.10.5, and OS X El Capitan 10.11 Impact: Processing a maliciously crafted font file may lead to arbitrary code execution Description: Multiple memory corruption issues existed in the handling of font files. These issues were addressed through improved bounds checking. CVE-ID CVE-2015-5927 : Apple CVE-2015-5942 CVE-2015-6976 : John Villamil (@day6reak), Yahoo Pentest Team CVE-2015-6977 : John Villamil (@day6reak), Yahoo Pentest Team CVE-2015-6978 : Jaanus Kp, Clarified Security, working with HP's Zero Day Initiative CVE-2015-6991 : John Villamil (@day6reak), Yahoo Pentest Team CVE-2015-6993 : John Villamil (@day6reak), Yahoo Pentest Team CVE-2015-7009 : John Villamil (@day6reak), Yahoo Pentest Team CVE-2015-7010 : John Villamil (@day6reak), Yahoo Pentest Team CVE-2015-7018 : John Villamil (@day6reak), Yahoo Pentest Team
FontParser Available for: OS X El Capitan 10.11 Impact: Processing a maliciously crafted font file may lead to arbitrary code execution Description: Multiple memory corruption issues existed in the handling of font files. These issues were addressed through improved bounds checking. CVE-ID CVE-2015-6990 : John Villamil (@day6reak), Yahoo Pentest Team CVE-2015-7008 : John Villamil (@day6reak), Yahoo Pentest Team
Grand Central Dispatch Available for: OS X Yosemite v10.10.5 and OS X El Capitan 10.11 Impact: Processing a maliciously crafted package may lead to arbitrary code execution Description: A memory corruption issue existed in the handling of dispatch calls. This issue was addressed through improved memory handling. CVE-ID CVE-2015-6989 : Apple
Graphics Drivers Available for: OS X El Capitan 10.11 Impact: A local user may be able to cause unexpected system termination or read kernel memory Description: Multiple out of bounds read issues existed in the NVIDIA graphics driver. These issues were addressed through improved bounds checking. CVE-ID CVE-2015-7019 : Ian Beer of Google Project Zero CVE-2015-7020 : Moony Li of Trend Micro
Graphics Drivers Available for: OS X El Capitan 10.11 Impact: A local user may be able to execute arbitrary code with kernel privileges Description: A memory corruption issue existed in the kernel. This issue was addressed through improved memory handling. CVE-ID CVE-2015-7021 : Moony Li of Trend Micro
ImageIO Available for: OS X Mavericks v10.9.5 and OS X Yosemite v10.10.5 Impact: Processing a maliciously crafted image file may lead to arbitrary code execution Description: Multiple memory corruption issues existed in the parsing of image metadata. These issues were addressed through improved metadata validation. CVE-ID CVE-2015-5935 : Apple CVE-2015-5938 : Apple
ImageIO Available for: OS X Mavericks v10.9.5, OS X Yosemite v10.10.5, and OS X El Capitan 10.11 Impact: Processing a maliciously crafted image file may lead to arbitrary code execution Description: Multiple memory corruption issues existed in the parsing of image metadata. These issues were addressed through improved metadata validation. CVE-ID CVE-2015-5936 : Apple CVE-2015-5937 : Apple CVE-2015-5939 : Apple
IOAcceleratorFamily Available for: OS X Mavericks v10.9.5, OS X Yosemite v10.10.5, and OS X El Capitan 10.11 Impact: A malicious application may be able to execute arbitrary code with system privileges Description: A memory corruption issue existed in IOAcceleratorFamily. This issue was addressed through improved memory handling. CVE-ID CVE-2015-6996 : Ian Beer of Google Project Zero
IOHIDFamily Available for: OS X El Capitan 10.11 Impact: A malicious application may be able to execute arbitrary code with kernel privileges Description: A memory corruption issue existed in the kernel. This issue was addressed through improved memory handling. CVE-ID CVE-2015-6974 : Luca Todesco (@qwertyoruiop)
Kernel Available for: OS X Yosemite v10.10.5 Impact: A local user may be able to execute arbitrary code with system privileges Description: A type confusion issue existed in the validation of Mach tasks. This issue was addressed through improved Mach task validation. CVE-ID CVE-2015-5932 : Luca Todesco (@qwertyoruiop), Filippo Bigarella
Kernel Available for: OS X El Capitan 10.11 Impact: An attacker with a privileged network position may be able to execute arbitrary code Description: An uninitialized memory issue existed in the kernel. This issue was addressed through improved memory initialization. CVE-ID CVE-2015-6988 : The Brainy Code Scanner (m00nbsd)
Kernel Available for: OS X El Capitan 10.11 Impact: A local application may be able to cause a denial of service Description: An issue existed when reusing virtual memory. This issue was addressed through improved validation. CVE-ID CVE-2015-6994 : Mark Mentovai of Google Inc.
libarchive Available for: OS X Mavericks v10.9.5, OS X Yosemite v10.10.5, and OS X El Capitan 10.11 Impact: A malicious application may be able to overwrite arbitrary files Description: An issue existed within the path validation logic for symlinks. This issue was addressed through improved path sanitization. CVE-ID CVE-2015-6984 : Christopher Crone of Infinit, Jonathan Schleifer
MCX Application Restrictions Available for: OS X Yosemite v10.10.5 and OS X El Capitan 10.11 Impact: A developer-signed executable may acquire restricted entitlements Description: An entitlement validation issue existed in Managed Configuration. A developer-signed app could bypass restrictions on use of restricted entitlements and elevate privileges. This issue was addressed through improved provisioning profile validation. CVE-ID CVE-2015-7016 : Apple
Net-SNMP Available for: OS X El Capitan 10.11 Impact: An attacker in a privileged network position may be able to cause a denial of service Description: Multiple issues existed in netsnmp version 5.6. These issues were addressed by using patches affecting OS X from upstream. CVE-ID CVE-2012-6151 CVE-2014-3565
OpenGL Available for: OS X Mavericks v10.9.5, OS X Yosemite v10.10.5, and OS X El Capitan 10.11 Impact: Visiting a maliciously crafted website may lead to arbitrary code execution Description: A memory corruption issue existed in OpenGL. This issue was addressed through improved memory handling. CVE-ID CVE-2015-5924 : Apple
OpenSSH Available for: OS X El Capitan 10.11 Impact: A local user may be able to conduct impersonation attacks Description: A privilege separation issue existed in PAM support. This issue was addressed with improved authorization checks. CVE-ID CVE-2015-6563 : Moritz Jodeit of Blue Frost Security GmbH
Sandbox Available for: OS X El Capitan 10.11 Impact: A local user may be able to execute arbitrary code with kernel privileges Description: An input validation issue existed when handling NVRAM parameters. This issue was addressed through improved validation. CVE-ID CVE-2015-5945 : Rich Trouton (@rtrouton), Howard Hughes Medical Institute, Apple
Script Editor Available for: OS X El Capitan 10.11 Impact: An attacker may trick a user into running arbitrary AppleScript Description: In some circumstances, Script Editor did not ask for user confirmation before executing AppleScripts. This issue was addressed by prompting for user confirmation before executing AppleScripts. CVE-ID CVE-2015-7007 : Joe Vennix of Rapid7
Security Available for: OS X El Capitan 10.11 Impact: A malicious application may be able to overwrite arbitrary files Description: A double free issue existed in the handling of AtomicBufferedFile descriptors. This issue was addressed through improved validation of AtomicBufferedFile descriptors. CVE-ID CVE-2015-6983 : David Benjamin, Greg Kerr, Mark Mentovai and Sergey Ulanov from the Chrome Team
SecurityAgent Available for: OS X El Capitan 10.11 Impact: A malicious application can programmatically control keychain access prompts Description: A method existed for applications to create synthetic clicks on keychain prompts. This was addressed by disabling synthetic clicks for keychain access windows. CVE-ID CVE-2015-5943
Installation note:
OS X El Capitan v10.11.1 includes the security content of Safari 9.0.1: https://support.apple.com/kb/HT205377
OS X El Capitan 10.11.1 and Security Update 2015-007 may be obtained from the Mac App Store or Apple's Software Downloads web site: http://www.apple.com/support/downloads/
Information will also be posted to the Apple Security Updates web site: https://support.apple.com/kb/HT201222
This message is signed with Apple's Product Security PGP key, and details are available at: https://www.apple.com/support/security/pgp/
-----BEGIN PGP SIGNATURE----- Comment: GPGTools - http://gpgtools.org
iQIcBAEBCAAGBQJWJuKsAAoJEBcWfLTuOo7t8e0P/igVHKDXeLNib2eEzbS2BMVV Ee968BgEDw1xnHK8zzh3bbRNxxAUT9lwe8RuSYECfp8sUYySb51/VIWpmidewsqB az7mJ4Gohldppejc5tykHDoTYesQL7iySLn74PdxZfZXbtz2EGJK19cA6hIHcO5x ZiMCbJzTaAOylKRQRRi3kMdNWEzxbtm90247vNx/zMSjs1bhGlQbJsCVDmX/Q9uH Xja9aPCHDfaQueTw5idbXwT+Y/+I9ytBlL5JXVrjRUDYCtuewC4DNsQxZY0qcDyE A7/0G7iYW5vOECNhpoLA0+1MbdHxJXhwJtmIKX8zucYqe/Vr4j41oGey/HJW55ER USJ2RBpMtGhDEolyvxz7FlSPYOIpp05mwMB0GWQWAmkWDAxnagkQm9xwKBMt4eq4 CNdI0YaX0iPPWYIkI3HpZHdzuwbE5b053cw1hLKc0OVQBiqLUQxe3W5s64ZqTSe0 whlm9lt/9EUwyfXHEiXTYi/d+CF8+JthY4ieXRJ4mwz77udafmgA5Pbl71SqB8pE 7TBByuCOFdou6JmdJPahLDxoGRA+i7Z+a8Myn4WtbemkjrO9iZ/VsdAdl/Db+7cz rEgSPjelEC5z5WxQspiuohxU1NkDnMgWm2Tnx+pFBOfZMheE4xnTfve3vqY+gQdN 4GbuRXld4PbxeDdel0Nk =snJ4 -----END PGP SIGNATURE----- . ============================================================================ Ubuntu Security Notice USN-2711-1 August 17, 2015
net-snmp vulnerabilities
A security issue affects these releases of Ubuntu and its derivatives:
- Ubuntu 15.04
- Ubuntu 14.04 LTS
- Ubuntu 12.04 LTS
Summary:
Net-SNMP could be made to crash or run programs if it received specially crafted network traffic. (CVE-2014-3565)
Qinghao Tang discovered that Net-SNMP incorrectly handled SNMP PDU parsing failures. (CVE-2015-5621)
Update instructions:
The problem can be corrected by updating your system to the following package versions:
Ubuntu 15.04: libsnmp30 5.7.2~dfsg-8.1ubuntu5.1
Ubuntu 14.04 LTS: libsnmp30 5.7.2~dfsg-8.1ubuntu3.1
Ubuntu 12.04 LTS: libsnmp15 5.4.3~dfsg-2.4ubuntu1.3
In general, a standard system update will make all the necessary changes. - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - Gentoo Linux Security Advisory GLSA 201507-17
https://security.gentoo.org/
Severity: Normal Title: SNMP: Denial of Service Date: July 10, 2015 Bugs: #522062 ID: 201507-17
Synopsis
A vulnerability in SNMP could lead to Denial of Service condition.
Background
SNMP is a widely used protocol for monitoring the health and welfare of network equipment.
Workaround
There is no known workaround at this time.
Resolution
All SNMP users should upgrade to the latest version:
# emerge --sync # emerge --ask --oneshot -v ">=net-analyzer/net-snmp-5.7.3_pre5-r1"
References
[ 1 ] CVE-2014-3565 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2014-3565
Availability
This GLSA and any updates to it are available for viewing at the Gentoo Security Website:
https://security.gentoo.org/glsa/201507-17
Concerns?
Security is a primary focus of Gentoo Linux and ensuring the confidentiality and security of our users' machines is of utmost importance to us. Any security concerns should be addressed to security@gentoo.org or alternatively, you may file a bug at https://bugs.gentoo.org.
License
Copyright 2015 Gentoo Foundation, Inc; referenced text belongs to its owner(s).
The contents of this document are licensed under the Creative Commons - Attribution / Share Alike license.
http://creativecommons.org/licenses/by-sa/2.5 .
Remotely exploitable denial of service vulnerability in Net-SNMP, in snmptrapd, due to how it handles trap requests with an empty community string when the perl handler is enabled (CVE-2014-2285). The verification of md5 checksums and GPG signatures is performed automatically for you. You can obtain the GPG public key of the Mandriva Security Team by executing:
gpg --recv-keys --keyserver pgp.mit.edu 0x22458A98
You can view other update advisories for Mandriva Linux at:
http://www.mandriva.com/en/support/security/advisories/
If you want to report vulnerabilities, please contact
security_(at)_mandriva.com
Type Bits/KeyID Date User ID
pub 1024D/22458A98 2000-07-10 Mandriva Security Team
iD8DBQFVFnIkmqjQ0CJFipgRApj2AJ4siseZB35ENesBHXAJd354ztjc2wCg4i9a CVlceu1C+yhzzsfXCVXUd5g= =mTTW -----END PGP SIGNATURE----- . -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1
===================================================================== Red Hat Security Advisory
Synopsis: Moderate: net-snmp security and bug fix update Advisory ID: RHSA-2015:1385-01 Product: Red Hat Enterprise Linux Advisory URL: https://rhn.redhat.com/errata/RHSA-2015-1385.html Issue date: 2015-07-22 Updated on: 2015-03-02 CVE Names: CVE-2014-3565 =====================================================================
- Summary:
Updated net-snmp packages that fix one security issue and several bugs are now available for Red Hat Enterprise Linux 6.
Red Hat Product Security has rated this update as having Moderate security impact. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available from the CVE link in the References section.
- Relevant releases/architectures:
Red Hat Enterprise Linux Desktop (v. 6) - i386, x86_64 Red Hat Enterprise Linux Desktop Optional (v. 6) - i386, x86_64 Red Hat Enterprise Linux HPC Node (v. 6) - x86_64 Red Hat Enterprise Linux HPC Node Optional (v. 6) - x86_64 Red Hat Enterprise Linux Server (v. 6) - i386, ppc64, s390x, x86_64 Red Hat Enterprise Linux Workstation (v. 6) - i386, x86_64
- Description:
The net-snmp packages provide various libraries and tools for the Simple Network Management Protocol (SNMP), including an SNMP library, an extensible agent, tools for requesting or setting information from SNMP agents, tools for generating and handling SNMP traps, a version of the netstat command which uses SNMP, and a Tk/Perl Management Information Base (MIB) browser.
A denial of service flaw was found in the way snmptrapd handled certain SNMP traps when started with the "-OQ" option. (CVE-2014-3565)
This update also fixes the following bugs:
-
The HOST-RESOURCES-MIB::hrSystemProcesses object was not implemented because parts of the HOST-RESOURCES-MIB module were rewritten in an earlier version of net-snmp. Consequently, HOST-RESOURCES-MIB::hrSystemProcesses did not provide information on the number of currently loaded or running processes. With this update, HOST-RESOURCES-MIB::hrSystemProcesses has been implemented, and the net-snmp daemon reports as expected. (BZ#1134335)
-
The Net-SNMP agent daemon, snmpd, reloaded the system ARP table every 60 seconds. As a consequence, snmpd could cause a short CPU usage spike on busy systems with a large APR table. With this update, snmpd does not reload the full ARP table periodically, but monitors the table changes using a netlink socket. (BZ#789500)
-
Previously, snmpd used an invalid pointer to the current time when periodically checking certain conditions specified by the "monitor" option in the /etc/snmpd/snmpd.conf file. Consequently, snmpd terminated unexpectedly on start with a segmentation fault if a certain entry with the "monitor" option was used. Now, snmpd initializes the correct pointer to the current time, and snmpd no longer crashes on start. (BZ#1050970)
-
Previously, snmpd expected 8-bit network interface indices when processing HOST-RESOURCES-MIB::hrDeviceTable. If an interface index of a local network interface was larger than 30,000 items, snmpd could terminate unexpectedly due to accessing invalid memory. Now, processing of all network sizes is enabled, and snmpd no longer crashes in the described situation. (BZ#1195547)
-
The snmpdtrapd service incorrectly checked for errors when forwarding a trap with a RequestID value of 0, and logged "Forward failed" even though the trap was successfully forwarded. This update fixes snmptrapd checks and the aforementioned message is now logged only when appropriate. (BZ#1146948)
-
Previously, snmpd ignored the value of the "storageUseNFS" option in the /etc/snmpd/snmpd.conf file. As a consequence, NFS drivers were shown as "Network Disks", even though "storageUseNFS" was set to "2" to report them as "Fixed Disks" in HOST-RESOURCES-MIB::hrStorageTable. With this update, snmpd takes the "storageUseNFS" option value into account, and "Fixed Disks" NFS drives are reported correctly. (BZ#1125793)
-
Previously, the Net-SNMP python binding used an incorrect size (8 bytes instead of 4) for variables of IPADDRESS type. Consequently, applications that were using Net-SNMP Python bindings could send malformed SNMP messages. With this update, the bindings now use 4 bytes for variables with IPADRESS type, and only valid SNMP messages are sent. (BZ#1100099)
-
Previously, the snmpd service did not cut values in HOST-RESOURCES-MIB::hrStorageTable to signed 32-bit integers, as required by SNMP standards, and provided the values as unsigned integers. As a consequence, the HOST-RESOURCES-MIB::hrStorageTable implementation did not conform to RFC 2790. The values are now cut to 32-bit signed integers, and snmpd is therefore standard compliant. (BZ#1104293)
Users of net-snmp are advised to upgrade to these updated packages, which contain backported patches to correct these issues.
- Solution:
Before applying this update, make sure all previously released errata relevant to your system have been applied.
For details on how to apply this update, refer to:
https://access.redhat.com/articles/11258
- Bugs fixed (https://bugzilla.redhat.com/):
886468 - snmpd does not report error when clientaddr
- Package List:
Red Hat Enterprise Linux Desktop (v. 6):
Source: net-snmp-5.5-54.el6.src.rpm
i386: net-snmp-5.5-54.el6.i686.rpm net-snmp-debuginfo-5.5-54.el6.i686.rpm net-snmp-libs-5.5-54.el6.i686.rpm
x86_64: net-snmp-5.5-54.el6.x86_64.rpm net-snmp-debuginfo-5.5-54.el6.i686.rpm net-snmp-debuginfo-5.5-54.el6.x86_64.rpm net-snmp-libs-5.5-54.el6.i686.rpm net-snmp-libs-5.5-54.el6.x86_64.rpm
Red Hat Enterprise Linux Desktop Optional (v. 6):
i386: net-snmp-debuginfo-5.5-54.el6.i686.rpm net-snmp-devel-5.5-54.el6.i686.rpm net-snmp-perl-5.5-54.el6.i686.rpm net-snmp-python-5.5-54.el6.i686.rpm net-snmp-utils-5.5-54.el6.i686.rpm
x86_64: net-snmp-debuginfo-5.5-54.el6.i686.rpm net-snmp-debuginfo-5.5-54.el6.x86_64.rpm net-snmp-devel-5.5-54.el6.i686.rpm net-snmp-devel-5.5-54.el6.x86_64.rpm net-snmp-perl-5.5-54.el6.x86_64.rpm net-snmp-python-5.5-54.el6.x86_64.rpm net-snmp-utils-5.5-54.el6.x86_64.rpm
Red Hat Enterprise Linux HPC Node (v. 6):
Source: net-snmp-5.5-54.el6.src.rpm
x86_64: net-snmp-5.5-54.el6.x86_64.rpm net-snmp-debuginfo-5.5-54.el6.i686.rpm net-snmp-debuginfo-5.5-54.el6.x86_64.rpm net-snmp-libs-5.5-54.el6.i686.rpm net-snmp-libs-5.5-54.el6.x86_64.rpm net-snmp-perl-5.5-54.el6.x86_64.rpm net-snmp-python-5.5-54.el6.x86_64.rpm net-snmp-utils-5.5-54.el6.x86_64.rpm
Red Hat Enterprise Linux HPC Node Optional (v. 6):
x86_64: net-snmp-debuginfo-5.5-54.el6.i686.rpm net-snmp-debuginfo-5.5-54.el6.x86_64.rpm net-snmp-devel-5.5-54.el6.i686.rpm net-snmp-devel-5.5-54.el6.x86_64.rpm
Red Hat Enterprise Linux Server (v. 6):
Source: net-snmp-5.5-54.el6.src.rpm
i386: net-snmp-5.5-54.el6.i686.rpm net-snmp-debuginfo-5.5-54.el6.i686.rpm net-snmp-devel-5.5-54.el6.i686.rpm net-snmp-libs-5.5-54.el6.i686.rpm net-snmp-perl-5.5-54.el6.i686.rpm net-snmp-python-5.5-54.el6.i686.rpm net-snmp-utils-5.5-54.el6.i686.rpm
ppc64: net-snmp-5.5-54.el6.ppc64.rpm net-snmp-debuginfo-5.5-54.el6.ppc.rpm net-snmp-debuginfo-5.5-54.el6.ppc64.rpm net-snmp-devel-5.5-54.el6.ppc.rpm net-snmp-devel-5.5-54.el6.ppc64.rpm net-snmp-libs-5.5-54.el6.ppc.rpm net-snmp-libs-5.5-54.el6.ppc64.rpm net-snmp-perl-5.5-54.el6.ppc64.rpm net-snmp-python-5.5-54.el6.ppc64.rpm net-snmp-utils-5.5-54.el6.ppc64.rpm
s390x: net-snmp-5.5-54.el6.s390x.rpm net-snmp-debuginfo-5.5-54.el6.s390.rpm net-snmp-debuginfo-5.5-54.el6.s390x.rpm net-snmp-devel-5.5-54.el6.s390.rpm net-snmp-devel-5.5-54.el6.s390x.rpm net-snmp-libs-5.5-54.el6.s390.rpm net-snmp-libs-5.5-54.el6.s390x.rpm net-snmp-perl-5.5-54.el6.s390x.rpm net-snmp-python-5.5-54.el6.s390x.rpm net-snmp-utils-5.5-54.el6.s390x.rpm
x86_64: net-snmp-5.5-54.el6.x86_64.rpm net-snmp-debuginfo-5.5-54.el6.i686.rpm net-snmp-debuginfo-5.5-54.el6.x86_64.rpm net-snmp-devel-5.5-54.el6.i686.rpm net-snmp-devel-5.5-54.el6.x86_64.rpm net-snmp-libs-5.5-54.el6.i686.rpm net-snmp-libs-5.5-54.el6.x86_64.rpm net-snmp-perl-5.5-54.el6.x86_64.rpm net-snmp-python-5.5-54.el6.x86_64.rpm net-snmp-utils-5.5-54.el6.x86_64.rpm
Red Hat Enterprise Linux Workstation (v. 6):
Source: net-snmp-5.5-54.el6.src.rpm
i386: net-snmp-5.5-54.el6.i686.rpm net-snmp-debuginfo-5.5-54.el6.i686.rpm net-snmp-devel-5.5-54.el6.i686.rpm net-snmp-libs-5.5-54.el6.i686.rpm net-snmp-perl-5.5-54.el6.i686.rpm net-snmp-python-5.5-54.el6.i686.rpm net-snmp-utils-5.5-54.el6.i686.rpm
x86_64: net-snmp-5.5-54.el6.x86_64.rpm net-snmp-debuginfo-5.5-54.el6.i686.rpm net-snmp-debuginfo-5.5-54.el6.x86_64.rpm net-snmp-devel-5.5-54.el6.i686.rpm net-snmp-devel-5.5-54.el6.x86_64.rpm net-snmp-libs-5.5-54.el6.i686.rpm net-snmp-libs-5.5-54.el6.x86_64.rpm net-snmp-perl-5.5-54.el6.x86_64.rpm net-snmp-python-5.5-54.el6.x86_64.rpm net-snmp-utils-5.5-54.el6.x86_64.rpm
These packages are GPG signed by Red Hat for security. Our key and details on how to verify the signature are available from https://access.redhat.com/security/team/key/
- References:
https://access.redhat.com/security/cve/CVE-2014-3565 https://access.redhat.com/security/updates/classification/#moderate
- Contact:
The Red Hat security contact is secalert@redhat.com. More contact details at https://access.redhat.com/security/team/contact/
Copyright 2015 Red Hat, Inc. -----BEGIN PGP SIGNATURE----- Version: GnuPG v1
iD8DBQFVrzYVXlSAg2UNWIIRAh4WAJ9qV50d0M2RuutHtf3bGj5Gz7Z9pgCfVPGq mY6TkK/8TscxmjL7zjvCerk= =3pS+ -----END PGP SIGNATURE-----
-- RHSA-announce mailing list RHSA-announce@redhat.com https://www.redhat.com/mailman/listinfo/rhsa-announce . 7) - x86_64
-
With this release, outgoing IPv6 messages are correctly sent from the interface specified by clientaddr. (BZ#1190679)
-
The Net-SNMP daemon, snmpd, did not properly clean memory when reloading its configuration file with multiple "exec" entries. Consequently, the daemon terminated unexpectedly. (BZ#1228893)
-
Prior to this update, snmpd did not parse complete IPv4 traffic statistics, but reported the number of received or sent bytes in the IP-MIB::ipSystemStatsTable only for IPv6 packets and not for IPv4. Now, the statistics reported by snmpd are collected for IPv4 as well. (BZ#1235697)
-
The Net-SNMP daemon, snmpd, did not correctly detect the file system change from read-only to read-write. Consequently, after remounting the file system into the read-write mode, the daemon reported it to be still in the read-only mode. A patch has been applied, and snmpd now detects the mode changes as expected. Bugs fixed (https://bugzilla.redhat.com/):
1092308 - backport diskio device filtering 1125155 - CVE-2014-3565 net-snmp: snmptrapd crash when handling an SNMP trap containing a ifMtu with a NULL type 1151310 - snmptrap can't create (or write to) /var/lib/net-snmp/snmpapp.conf if isn't run under root 1184433 - udpTable has wrong indices 1190679 - In IPv6, snmp packet does not send from specified interface assigned by clientaddr option in snmpd.conf
Show details on source website{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-201410-1143",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": "net-snmp",
"scope": "lte",
"trust": 1.8,
"vendor": "net snmp",
"version": "5.7.0"
},
{
"model": "mac os x",
"scope": "eq",
"trust": 1.6,
"vendor": "apple",
"version": "10.11.0"
},
{
"model": "ubuntu linux",
"scope": "eq",
"trust": 1.0,
"vendor": "canonical",
"version": "12.04"
},
{
"model": "net-snmp",
"scope": "eq",
"trust": 1.0,
"vendor": "net snmp",
"version": "5.0.2"
},
{
"model": "net-snmp",
"scope": "eq",
"trust": 1.0,
"vendor": "net snmp",
"version": "5.1"
},
{
"model": "net-snmp",
"scope": "eq",
"trust": 1.0,
"vendor": "net snmp",
"version": "5.5"
},
{
"model": "net-snmp",
"scope": "eq",
"trust": 1.0,
"vendor": "net snmp",
"version": "5.0.1"
},
{
"model": "net-snmp",
"scope": "eq",
"trust": 1.0,
"vendor": "net snmp",
"version": "5.6"
},
{
"model": "net-snmp",
"scope": "eq",
"trust": 1.0,
"vendor": "net snmp",
"version": "5.0.6"
},
{
"model": "net-snmp",
"scope": "eq",
"trust": 1.0,
"vendor": "net snmp",
"version": "5.4"
},
{
"model": "net-snmp",
"scope": "eq",
"trust": 1.0,
"vendor": "net snmp",
"version": "5.0.4"
},
{
"model": "net-snmp",
"scope": "eq",
"trust": 1.0,
"vendor": "net snmp",
"version": "5.0.5"
},
{
"model": "ubuntu linux",
"scope": "eq",
"trust": 1.0,
"vendor": "canonical",
"version": "14.04"
},
{
"model": "net-snmp",
"scope": "eq",
"trust": 1.0,
"vendor": "net snmp",
"version": "5.0.8"
},
{
"model": "net-snmp",
"scope": "eq",
"trust": 1.0,
"vendor": "net snmp",
"version": "5.3"
},
{
"model": "net-snmp",
"scope": "eq",
"trust": 1.0,
"vendor": "net snmp",
"version": "5.2"
},
{
"model": "net-snmp",
"scope": "eq",
"trust": 1.0,
"vendor": "net snmp",
"version": "5.3.0.1"
},
{
"model": "net-snmp",
"scope": "eq",
"trust": 1.0,
"vendor": "net snmp",
"version": "5.0"
},
{
"model": "net-snmp",
"scope": "eq",
"trust": 1.0,
"vendor": "net snmp",
"version": "5.1.2"
},
{
"model": "ubuntu linux",
"scope": "eq",
"trust": 1.0,
"vendor": "canonical",
"version": "15.04"
},
{
"model": "net-snmp",
"scope": "eq",
"trust": 1.0,
"vendor": "net snmp",
"version": "5.0.9"
},
{
"model": "net-snmp",
"scope": "eq",
"trust": 1.0,
"vendor": "net snmp",
"version": "5.0.7"
},
{
"model": "net-snmp",
"scope": "eq",
"trust": 1.0,
"vendor": "net snmp",
"version": "5.0.3"
},
{
"model": "mac os x",
"scope": "eq",
"trust": 0.8,
"vendor": "apple",
"version": "10.11"
},
{
"model": "linux lts i386",
"scope": "eq",
"trust": 0.3,
"vendor": "ubuntu",
"version": "12.04"
},
{
"model": "linux lts amd64",
"scope": "eq",
"trust": 0.3,
"vendor": "ubuntu",
"version": "12.04"
},
{
"model": "hat enterprise linux workstation",
"scope": "eq",
"trust": 0.3,
"vendor": "red",
"version": "6"
},
{
"model": "hat enterprise linux server",
"scope": "eq",
"trust": 0.3,
"vendor": "red",
"version": "6"
},
{
"model": "hat enterprise linux hpc node optional",
"scope": "eq",
"trust": 0.3,
"vendor": "red",
"version": "6"
},
{
"model": "hat enterprise linux hpc node",
"scope": "eq",
"trust": 0.3,
"vendor": "red",
"version": "6"
},
{
"model": "hat enterprise linux desktop optional",
"scope": "eq",
"trust": 0.3,
"vendor": "red",
"version": "6"
},
{
"model": "hat enterprise linux desktop",
"scope": "eq",
"trust": 0.3,
"vendor": "red",
"version": "6"
},
{
"model": "linux",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "0"
},
{
"model": "enterprise linux",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "6.2"
},
{
"model": "enterprise linux",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "6"
},
{
"model": "net-snmp",
"scope": "eq",
"trust": 0.3,
"vendor": "net snmp",
"version": "0"
},
{
"model": "linux",
"scope": null,
"trust": 0.3,
"vendor": "gentoo",
"version": null
}
],
"sources": [
{
"db": "BID",
"id": "69477"
},
{
"db": "JVNDB",
"id": "JVNDB-2014-004588"
},
{
"db": "CNNVD",
"id": "CNNVD-201408-506"
},
{
"db": "NVD",
"id": "CVE-2014-3565"
}
]
},
"configurations": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/configurations#",
"children": {
"@container": "@list"
},
"cpe_match": {
"@container": "@list"
},
"data": {
"@container": "@list"
},
"nodes": {
"@container": "@list"
}
},
"data": [
{
"CVE_data_version": "4.0",
"nodes": [
{
"cpe_match": [
{
"cpe22Uri": "cpe:/a:net-snmp:net-snmp",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:apple:mac_os_x",
"vulnerable": true
}
],
"operator": "OR"
}
]
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2014-004588"
}
]
},
"credits": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/credits#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "The vendor reported this issue.",
"sources": [
{
"db": "BID",
"id": "69477"
}
],
"trust": 0.3
},
"cve": "CVE-2014-3565",
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [
{
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "nvd@nist.gov",
"availabilityImpact": "PARTIAL",
"baseScore": 5.0,
"confidentialityImpact": "NONE",
"exploitabilityScore": 10.0,
"id": "CVE-2014-3565",
"impactScore": 2.9,
"integrityImpact": "NONE",
"severity": "MEDIUM",
"trust": 1.9,
"vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P",
"version": "2.0"
},
{
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "VULHUB",
"availabilityImpact": "PARTIAL",
"baseScore": 5.0,
"confidentialityImpact": "NONE",
"exploitabilityScore": 10.0,
"id": "VHN-71505",
"impactScore": 2.9,
"integrityImpact": "NONE",
"severity": "MEDIUM",
"trust": 0.1,
"vectorString": "AV:N/AC:L/AU:N/C:N/I:N/A:P",
"version": "2.0"
}
],
"cvssV3": [],
"severity": [
{
"author": "nvd@nist.gov",
"id": "CVE-2014-3565",
"trust": 1.0,
"value": "MEDIUM"
},
{
"author": "NVD",
"id": "CVE-2014-3565",
"trust": 0.8,
"value": "Medium"
},
{
"author": "CNNVD",
"id": "CNNVD-201408-506",
"trust": 0.6,
"value": "MEDIUM"
},
{
"author": "VULHUB",
"id": "VHN-71505",
"trust": 0.1,
"value": "MEDIUM"
},
{
"author": "VULMON",
"id": "CVE-2014-3565",
"trust": 0.1,
"value": "MEDIUM"
}
]
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-71505"
},
{
"db": "VULMON",
"id": "CVE-2014-3565"
},
{
"db": "JVNDB",
"id": "JVNDB-2014-004588"
},
{
"db": "CNNVD",
"id": "CNNVD-201408-506"
},
{
"db": "NVD",
"id": "CVE-2014-3565"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "snmplib/mib.c in net-snmp 5.7.0 and earlier, when the -OQ option is used, allows remote attackers to cause a denial of service (snmptrapd crash) via a crafted SNMP trap message, which triggers a conversion to the variable type designated in the MIB file, as demonstrated by a NULL type in an ifMtu trap message. Net-SNMP is prone to a remote denial-of-service vulnerability. \nA remote attacker may exploit this issue to crash the application, resulting in a denial-of-service condition. Net-SNMP is a set of open source Simple Network Management Protocol (Simple Network Management Protocol) software. The software is used to monitor network equipment, computer equipment, UPS equipment, etc. -----BEGIN PGP SIGNED MESSAGE-----\nHash: SHA256\n\nAPPLE-SA-2015-10-21-4 OS X El Capitan 10.11.1 and Security Update\n2015-007\n\nOS X El Capitan 10.11.1 and Security Update 2015-007 are now\navailable and address the following:\n\nAccelerate Framework\nAvailable for: OS X Mavericks v10.9.5, OS X Yosemite v10.10.5,\nand OS X El Capitan 10.11\nImpact: Visiting a maliciously crafted website may lead to arbitrary\ncode execution\nDescription: A memory corruption issue existed in the Accelerate\nFramework in multi-threading mode. This issue was addressed through\nimproved accessor element validation and improved object locking. \nCVE-ID\nCVE-2015-5940 : Apple\n\napache_mod_php\nAvailable for: OS X Mavericks v10.9.5, OS X Yosemite v10.10.5,\nand OS X El Capitan 10.11\nImpact: Multiple vulnerabilities in PHP\nDescription: Multiple vulnerabilities existed in PHP versions prior\nto 5.5.29 and 5.4.45. These were addressed by updating PHP to\nversions 5.5.29 and 5.4.45. \nCVE-ID\nCVE-2015-0235\nCVE-2015-0273\nCVE-2015-6834\nCVE-2015-6835\nCVE-2015-6836\nCVE-2015-6837\nCVE-2015-6838\n\nATS\nAvailable for: OS X Mavericks v10.9.5, OS X Yosemite v10.10.5,\nand OS X El Capitan 10.11\nImpact: Visiting a maliciously crafted webpage may lead to an\nunexpected application termination or arbitrary code execution\nDescription: A memory corruption issue existed in ATS. This issue\nwas addressed through improved memory handling. \nCVE-ID\nCVE-2015-6985 : John Villamil (@day6reak), Yahoo Pentest Team\n\nAudio\nAvailable for: OS X El Capitan 10.11\nImpact: A malicious application may be able to execute arbitrary\ncode\nDescription: An uninitialized memory issue existed in coreaudiod. \nThis issue was addressed through improved memory initialization. \nCVE-ID\nCVE-2015-7003 : Mark Brand of Google Project Zero\n\nAudio\nAvailable for: OS X Mavericks v10.9.5, OS X Yosemite v10.10.5,\nand OS X El Capitan 10.11\nImpact: Playing a malicious audio file may lead to arbitrary code\nexecution\nDescription: Multiple memory corruption issues existed in the\nhandling of audio files. These issues were addressed through improved\nmemory handling. \nCVE-ID\nCVE-2015-5933 : Apple\nCVE-2015-5934 : Apple\n\nBom\nAvailable for: OS X El Capitan 10.11\nImpact: Unpacking a maliciously crafted archive may lead to\narbitrary code execution\nDescription: A file traversal vulnerability existed in the handling\nof CPIO archives. This issue was addressed through improved\nvalidation of metadata. \nCVE-ID\nCVE-2015-7006 : Mark Dowd of Azimuth Security\n\nCFNetwork\nAvailable for: OS X El Capitan 10.11\nImpact: Visiting a maliciously crafted website may lead to cookies\nbeing overwritten\nDescription: A parsing issue existed when handling cookies with\ndifferent letter casing. This issue was addressed through improved\nparsing. \nCVE-ID\nCVE-2015-7023 : Marvin Scholz; Xiaofeng Zheng and Jinjin Liang of\nTsinghua University, Jian Jiang of University of California,\nBerkeley, Haixin Duan of Tsinghua University and International\nComputer Science Institute, Shuo Chen of Microsoft Research Redmond,\nTao Wan of Huawei Canada, Nicholas Weaver of International Computer\nScience Institute and University of California, Berkeley, coordinated\nvia CERT/CC\n\nconfigd\nAvailable for: OS X El Capitan 10.11\nImpact: A malicious application may be able to elevate privileges\nDescription: A heap based buffer overflow issue existed in the DNS\nclient library. A malicious application with the ability to spoof\nresponses from the local configd service may have been able to cause\narbitrary code execution in DNS clients. \nCVE-ID\nCVE-2015-7015 : PanguTeam\n\nCoreGraphics\nAvailable for: OS X Mavericks v10.9.5, OS X Yosemite v10.10.5,\nand OS X El Capitan 10.11\nImpact: Visiting a maliciously crafted website may lead to arbitrary\ncode execution\nDescription: Multiple memory corruption issues existed in\nCoreGraphics. These issues were addressed through improved memory\nhandling. \nCVE-ID\nCVE-2015-5925 : Apple\nCVE-2015-5926 : Apple\n\nCoreText\nAvailable for: OS X Mavericks v10.9.5, OS X Yosemite v10.10.5,\nand OS X El Capitan 10.11\nImpact: Processing a maliciously crafted font file may lead to\narbitrary code execution\nDescription: Multiple memory corruption issues existed in the\nhandling of font files. These issues were addressed through improved\nbounds checking. \nCVE-ID\nCVE-2015-6992 : John Villamil (@day6reak), Yahoo Pentest Team\n\nCoreText\nAvailable for: OS X Yosemite v10.10.5 and OS X El Capitan 10.11\nImpact: Processing a maliciously crafted font file may lead to\narbitrary code execution\nDescription: Multiple memory corruption issues existed in the\nhandling of font files. These issues were addressed through improved\nbounds checking. \nCVE-ID\nCVE-2015-6975 : John Villamil (@day6reak), Yahoo Pentest Team\n\nCoreText\nAvailable for: OS X El Capitan 10.11\nImpact: Processing a maliciously crafted font file may lead to\narbitrary code execution\nDescription: Multiple memory corruption issues existed in the\nhandling of font files. These issues were addressed through improved\nbounds checking. \nCVE-ID\nCVE-2015-7017 : John Villamil (@day6reak), Yahoo Pentest Team\n\nCoreText\nAvailable for: OS X Mavericks v10.9.5 and OS X Yosemite v10.10.5\nImpact: Processing a maliciously crafted font file may lead to\narbitrary code execution\nDescription: Multiple memory corruption issues existed in the\nhandling of font files. These issues were addressed through improved\nbounds checking. \nCVE-ID\nCVE-2015-5944 : John Villamil (@day6reak), Yahoo Pentest Team\n\nDisk Images\nAvailable for: OS X El Capitan 10.11\nImpact: A malicious application may be able to execute arbitrary\ncode with system privileges\nDescription: A memory corruption issue existed in the parsing of\ndisk images. This issue was addressed through improved memory\nhandling. \nCVE-ID\nCVE-2015-6995 : Ian Beer of Google Project Zero\n\nEFI\nAvailable for: OS X Mavericks v10.9.5, OS X Yosemite v10.10.5,\nand OS X El Capitan 10.11\nImpact: An attacker can exercise unused EFI functions\nDescription: An issue existed with EFI argument handling. This was\naddressed by removing the affected functions. \nCVE-ID\nCVE-2015-7035 : Corey Kallenberg, Xeno Kovah, John Butterworth, and\nSam Cornwell of The MITRE Corporation, coordinated via CERT/CC\n\nFile Bookmark\nAvailable for: OS X El Capitan 10.11\nImpact: Browsing to a folder with malformed bookmarks may cause\nunexpected application termination\nDescription: An input validation issue existed in parsing bookmark\nmetadata. This issue was addressed through improved validation\nchecks. \nCVE-ID\nCVE-2015-6987 : Luca Todesco (@qwertyoruiop)\n\nFontParser\nAvailable for: OS X Mavericks v10.9.5, OS X Yosemite v10.10.5,\nand OS X El Capitan 10.11\nImpact: Processing a maliciously crafted font file may lead to\narbitrary code execution\nDescription: Multiple memory corruption issues existed in the\nhandling of font files. These issues were addressed through improved\nbounds checking. \nCVE-ID\nCVE-2015-5927 : Apple\nCVE-2015-5942\nCVE-2015-6976 : John Villamil (@day6reak), Yahoo Pentest Team\nCVE-2015-6977 : John Villamil (@day6reak), Yahoo Pentest Team\nCVE-2015-6978 : Jaanus Kp, Clarified Security, working with HP\u0027s Zero\nDay Initiative\nCVE-2015-6991 : John Villamil (@day6reak), Yahoo Pentest Team\nCVE-2015-6993 : John Villamil (@day6reak), Yahoo Pentest Team\nCVE-2015-7009 : John Villamil (@day6reak), Yahoo Pentest Team\nCVE-2015-7010 : John Villamil (@day6reak), Yahoo Pentest Team\nCVE-2015-7018 : John Villamil (@day6reak), Yahoo Pentest Team\n\nFontParser\nAvailable for: OS X El Capitan 10.11\nImpact: Processing a maliciously crafted font file may lead to\narbitrary code execution\nDescription: Multiple memory corruption issues existed in the\nhandling of font files. These issues were addressed through improved\nbounds checking. \nCVE-ID\nCVE-2015-6990 : John Villamil (@day6reak), Yahoo Pentest Team\nCVE-2015-7008 : John Villamil (@day6reak), Yahoo Pentest Team\n\nGrand Central Dispatch\nAvailable for: OS X Yosemite v10.10.5 and OS X El Capitan 10.11\nImpact: Processing a maliciously crafted package may lead to\narbitrary code execution\nDescription: A memory corruption issue existed in the handling of\ndispatch calls. This issue was addressed through improved memory\nhandling. \nCVE-ID\nCVE-2015-6989 : Apple\n\nGraphics Drivers\nAvailable for: OS X El Capitan 10.11\nImpact: A local user may be able to cause unexpected system\ntermination or read kernel memory\nDescription: Multiple out of bounds read issues existed in the\nNVIDIA graphics driver. These issues were addressed through improved\nbounds checking. \nCVE-ID\nCVE-2015-7019 : Ian Beer of Google Project Zero\nCVE-2015-7020 : Moony Li of Trend Micro\n\nGraphics Drivers\nAvailable for: OS X El Capitan 10.11\nImpact: A local user may be able to execute arbitrary code with\nkernel privileges\nDescription: A memory corruption issue existed in the kernel. This\nissue was addressed through improved memory handling. \nCVE-ID\nCVE-2015-7021 : Moony Li of Trend Micro\n\nImageIO\nAvailable for: OS X Mavericks v10.9.5 and OS X Yosemite v10.10.5\nImpact: Processing a maliciously crafted image file may lead to\narbitrary code execution\nDescription: Multiple memory corruption issues existed in the\nparsing of image metadata. These issues were addressed through\nimproved metadata validation. \nCVE-ID\nCVE-2015-5935 : Apple\nCVE-2015-5938 : Apple\n\nImageIO\nAvailable for: OS X Mavericks v10.9.5, OS X Yosemite v10.10.5,\nand OS X El Capitan 10.11\nImpact: Processing a maliciously crafted image file may lead to\narbitrary code execution\nDescription: Multiple memory corruption issues existed in the\nparsing of image metadata. These issues were addressed through\nimproved metadata validation. \nCVE-ID\nCVE-2015-5936 : Apple\nCVE-2015-5937 : Apple\nCVE-2015-5939 : Apple\n\nIOAcceleratorFamily\nAvailable for: OS X Mavericks v10.9.5, OS X Yosemite v10.10.5,\nand OS X El Capitan 10.11\nImpact: A malicious application may be able to execute arbitrary\ncode with system privileges\nDescription: A memory corruption issue existed in\nIOAcceleratorFamily. This issue was addressed through improved memory\nhandling. \nCVE-ID\nCVE-2015-6996 : Ian Beer of Google Project Zero\n\nIOHIDFamily\nAvailable for: OS X El Capitan 10.11\nImpact: A malicious application may be able to execute arbitrary\ncode with kernel privileges\nDescription: A memory corruption issue existed in the kernel. This\nissue was addressed through improved memory handling. \nCVE-ID\nCVE-2015-6974 : Luca Todesco (@qwertyoruiop)\n\nKernel\nAvailable for: OS X Yosemite v10.10.5\nImpact: A local user may be able to execute arbitrary code with\nsystem privileges\nDescription: A type confusion issue existed in the validation of\nMach tasks. This issue was addressed through improved Mach task\nvalidation. \nCVE-ID\nCVE-2015-5932 : Luca Todesco (@qwertyoruiop), Filippo Bigarella\n\nKernel\nAvailable for: OS X El Capitan 10.11\nImpact: An attacker with a privileged network position may be able\nto execute arbitrary code\nDescription: An uninitialized memory issue existed in the kernel. \nThis issue was addressed through improved memory initialization. \nCVE-ID\nCVE-2015-6988 : The Brainy Code Scanner (m00nbsd)\n\nKernel\nAvailable for: OS X El Capitan 10.11\nImpact: A local application may be able to cause a denial of service\nDescription: An issue existed when reusing virtual memory. This\nissue was addressed through improved validation. \nCVE-ID\nCVE-2015-6994 : Mark Mentovai of Google Inc. \n\nlibarchive\nAvailable for: OS X Mavericks v10.9.5, OS X Yosemite v10.10.5,\nand OS X El Capitan 10.11\nImpact: A malicious application may be able to overwrite arbitrary\nfiles\nDescription: An issue existed within the path validation logic for\nsymlinks. This issue was addressed through improved path\nsanitization. \nCVE-ID\nCVE-2015-6984 : Christopher Crone of Infinit, Jonathan Schleifer\n\nMCX Application Restrictions\nAvailable for: OS X Yosemite v10.10.5 and OS X El Capitan 10.11\nImpact: A developer-signed executable may acquire restricted\nentitlements\nDescription: An entitlement validation issue existed in Managed\nConfiguration. A developer-signed app could bypass restrictions on\nuse of restricted entitlements and elevate privileges. This issue was\naddressed through improved provisioning profile validation. \nCVE-ID\nCVE-2015-7016 : Apple\n\nNet-SNMP\nAvailable for: OS X El Capitan 10.11\nImpact: An attacker in a privileged network position may be able to\ncause a denial of service\nDescription: Multiple issues existed in netsnmp version 5.6. These\nissues were addressed by using patches affecting OS X from upstream. \nCVE-ID\nCVE-2012-6151\nCVE-2014-3565\n\nOpenGL\nAvailable for: OS X Mavericks v10.9.5, OS X Yosemite v10.10.5,\nand OS X El Capitan 10.11\nImpact: Visiting a maliciously crafted website may lead to arbitrary\ncode execution\nDescription: A memory corruption issue existed in OpenGL. This issue\nwas addressed through improved memory handling. \nCVE-ID\nCVE-2015-5924 : Apple\n\nOpenSSH\nAvailable for: OS X El Capitan 10.11\nImpact: A local user may be able to conduct impersonation attacks\nDescription: A privilege separation issue existed in PAM support. \nThis issue was addressed with improved authorization checks. \nCVE-ID\nCVE-2015-6563 : Moritz Jodeit of Blue Frost Security GmbH\n\nSandbox\nAvailable for: OS X El Capitan 10.11\nImpact: A local user may be able to execute arbitrary code with\nkernel privileges\nDescription: An input validation issue existed when handling NVRAM\nparameters. This issue was addressed through improved validation. \nCVE-ID\nCVE-2015-5945 : Rich Trouton (@rtrouton), Howard Hughes Medical\nInstitute, Apple\n\nScript Editor\nAvailable for: OS X El Capitan 10.11\nImpact: An attacker may trick a user into running arbitrary\nAppleScript\nDescription: In some circumstances, Script Editor did not ask for\nuser confirmation before executing AppleScripts. This issue was\naddressed by prompting for user confirmation before executing\nAppleScripts. \nCVE-ID\nCVE-2015-7007 : Joe Vennix of Rapid7\n\nSecurity\nAvailable for: OS X El Capitan 10.11\nImpact: A malicious application may be able to overwrite arbitrary\nfiles\nDescription: A double free issue existed in the handling of\nAtomicBufferedFile descriptors. This issue was addressed through\nimproved validation of AtomicBufferedFile descriptors. \nCVE-ID\nCVE-2015-6983 : David Benjamin, Greg Kerr, Mark Mentovai and Sergey\nUlanov from the Chrome Team\n\nSecurityAgent\nAvailable for: OS X El Capitan 10.11\nImpact: A malicious application can programmatically control\nkeychain access prompts\nDescription: A method existed for applications to create synthetic\nclicks on keychain prompts. This was addressed by disabling synthetic\nclicks for keychain access windows. \nCVE-ID\nCVE-2015-5943\n\nInstallation note:\n\nOS X El Capitan v10.11.1 includes the security content of\nSafari 9.0.1: https://support.apple.com/kb/HT205377\n\nOS X El Capitan 10.11.1 and Security Update 2015-007 may be obtained\nfrom the Mac App Store or Apple\u0027s Software Downloads web site:\nhttp://www.apple.com/support/downloads/\n\nInformation will also be posted to the Apple Security Updates\nweb site: https://support.apple.com/kb/HT201222\n\nThis message is signed with Apple\u0027s Product Security PGP key,\nand details are available at:\nhttps://www.apple.com/support/security/pgp/\n\n-----BEGIN PGP SIGNATURE-----\nComment: GPGTools - http://gpgtools.org\n\niQIcBAEBCAAGBQJWJuKsAAoJEBcWfLTuOo7t8e0P/igVHKDXeLNib2eEzbS2BMVV\nEe968BgEDw1xnHK8zzh3bbRNxxAUT9lwe8RuSYECfp8sUYySb51/VIWpmidewsqB\naz7mJ4Gohldppejc5tykHDoTYesQL7iySLn74PdxZfZXbtz2EGJK19cA6hIHcO5x\nZiMCbJzTaAOylKRQRRi3kMdNWEzxbtm90247vNx/zMSjs1bhGlQbJsCVDmX/Q9uH\nXja9aPCHDfaQueTw5idbXwT+Y/+I9ytBlL5JXVrjRUDYCtuewC4DNsQxZY0qcDyE\nA7/0G7iYW5vOECNhpoLA0+1MbdHxJXhwJtmIKX8zucYqe/Vr4j41oGey/HJW55ER\nUSJ2RBpMtGhDEolyvxz7FlSPYOIpp05mwMB0GWQWAmkWDAxnagkQm9xwKBMt4eq4\nCNdI0YaX0iPPWYIkI3HpZHdzuwbE5b053cw1hLKc0OVQBiqLUQxe3W5s64ZqTSe0\nwhlm9lt/9EUwyfXHEiXTYi/d+CF8+JthY4ieXRJ4mwz77udafmgA5Pbl71SqB8pE\n7TBByuCOFdou6JmdJPahLDxoGRA+i7Z+a8Myn4WtbemkjrO9iZ/VsdAdl/Db+7cz\nrEgSPjelEC5z5WxQspiuohxU1NkDnMgWm2Tnx+pFBOfZMheE4xnTfve3vqY+gQdN\n4GbuRXld4PbxeDdel0Nk\n=snJ4\n-----END PGP SIGNATURE-----\n. ============================================================================\nUbuntu Security Notice USN-2711-1\nAugust 17, 2015\n\nnet-snmp vulnerabilities\n============================================================================\n\nA security issue affects these releases of Ubuntu and its derivatives:\n\n- Ubuntu 15.04\n- Ubuntu 14.04 LTS\n- Ubuntu 12.04 LTS\n\nSummary:\n\nNet-SNMP could be made to crash or run programs if it received specially\ncrafted network traffic. (CVE-2014-3565)\n\nQinghao Tang discovered that Net-SNMP incorrectly handled SNMP PDU parsing\nfailures. (CVE-2015-5621)\n\nUpdate instructions:\n\nThe problem can be corrected by updating your system to the following\npackage versions:\n\nUbuntu 15.04:\n libsnmp30 5.7.2~dfsg-8.1ubuntu5.1\n\nUbuntu 14.04 LTS:\n libsnmp30 5.7.2~dfsg-8.1ubuntu3.1\n\nUbuntu 12.04 LTS:\n libsnmp15 5.4.3~dfsg-2.4ubuntu1.3\n\nIn general, a standard system update will make all the necessary changes. - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -\nGentoo Linux Security Advisory GLSA 201507-17\n- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -\n https://security.gentoo.org/\n- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -\n\n Severity: Normal\n Title: SNMP: Denial of Service\n Date: July 10, 2015\n Bugs: #522062\n ID: 201507-17\n\n- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -\n\nSynopsis\n========\n\nA vulnerability in SNMP could lead to Denial of Service condition. \n\nBackground\n==========\n\nSNMP is a widely used protocol for monitoring the health and welfare of\nnetwork equipment. \n\nWorkaround\n==========\n\nThere is no known workaround at this time. \n\nResolution\n==========\n\nAll SNMP users should upgrade to the latest version:\n\n # emerge --sync\n # emerge --ask --oneshot -v \"\u003e=net-analyzer/net-snmp-5.7.3_pre5-r1\"\n\nReferences\n==========\n\n[ 1 ] CVE-2014-3565\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2014-3565\n\nAvailability\n============\n\nThis GLSA and any updates to it are available for viewing at\nthe Gentoo Security Website:\n\n https://security.gentoo.org/glsa/201507-17\n\nConcerns?\n=========\n\nSecurity is a primary focus of Gentoo Linux and ensuring the\nconfidentiality and security of our users\u0027 machines is of utmost\nimportance to us. Any security concerns should be addressed to\nsecurity@gentoo.org or alternatively, you may file a bug at\nhttps://bugs.gentoo.org. \n\nLicense\n=======\n\nCopyright 2015 Gentoo Foundation, Inc; referenced text\nbelongs to its owner(s). \n\nThe contents of this document are licensed under the\nCreative Commons - Attribution / Share Alike license. \n\nhttp://creativecommons.org/licenses/by-sa/2.5\n. \n \n Remotely exploitable denial of service vulnerability in Net-SNMP,\n in snmptrapd, due to how it handles trap requests with an empty\n community string when the perl handler is enabled (CVE-2014-2285). The verification\n of md5 checksums and GPG signatures is performed automatically for you. You can obtain the\n GPG public key of the Mandriva Security Team by executing:\n\n gpg --recv-keys --keyserver pgp.mit.edu 0x22458A98\n\n You can view other update advisories for Mandriva Linux at:\n\n http://www.mandriva.com/en/support/security/advisories/\n\n If you want to report vulnerabilities, please contact\n\n security_(at)_mandriva.com\n _______________________________________________________________________\n\n Type Bits/KeyID Date User ID\n pub 1024D/22458A98 2000-07-10 Mandriva Security Team\n \u003csecurity*mandriva.com\u003e\n-----BEGIN PGP SIGNATURE-----\nVersion: GnuPG v1.4.12 (GNU/Linux)\n\niD8DBQFVFnIkmqjQ0CJFipgRApj2AJ4siseZB35ENesBHXAJd354ztjc2wCg4i9a\nCVlceu1C+yhzzsfXCVXUd5g=\n=mTTW\n-----END PGP SIGNATURE-----\n. -----BEGIN PGP SIGNED MESSAGE-----\nHash: SHA1\n\n=====================================================================\n Red Hat Security Advisory\n\nSynopsis: Moderate: net-snmp security and bug fix update\nAdvisory ID: RHSA-2015:1385-01\nProduct: Red Hat Enterprise Linux\nAdvisory URL: https://rhn.redhat.com/errata/RHSA-2015-1385.html\nIssue date: 2015-07-22\nUpdated on: 2015-03-02\nCVE Names: CVE-2014-3565 \n=====================================================================\n\n1. Summary:\n\nUpdated net-snmp packages that fix one security issue and several bugs are\nnow available for Red Hat Enterprise Linux 6. \n\nRed Hat Product Security has rated this update as having Moderate security\nimpact. A Common Vulnerability Scoring System (CVSS) base score, which\ngives a detailed severity rating, is available from the CVE link in the\nReferences section. \n\n2. Relevant releases/architectures:\n\nRed Hat Enterprise Linux Desktop (v. 6) - i386, x86_64\nRed Hat Enterprise Linux Desktop Optional (v. 6) - i386, x86_64\nRed Hat Enterprise Linux HPC Node (v. 6) - x86_64\nRed Hat Enterprise Linux HPC Node Optional (v. 6) - x86_64\nRed Hat Enterprise Linux Server (v. 6) - i386, ppc64, s390x, x86_64\nRed Hat Enterprise Linux Workstation (v. 6) - i386, x86_64\n\n3. Description:\n\nThe net-snmp packages provide various libraries and tools for the Simple\nNetwork Management Protocol (SNMP), including an SNMP library, an\nextensible agent, tools for requesting or setting information from SNMP\nagents, tools for generating and handling SNMP traps, a version of the\nnetstat command which uses SNMP, and a Tk/Perl Management Information Base\n(MIB) browser. \n\nA denial of service flaw was found in the way snmptrapd handled certain\nSNMP traps when started with the \"-OQ\" option. (CVE-2014-3565)\n\nThis update also fixes the following bugs:\n\n* The HOST-RESOURCES-MIB::hrSystemProcesses object was not implemented\nbecause parts of the HOST-RESOURCES-MIB module were rewritten in an earlier\nversion of net-snmp. Consequently, HOST-RESOURCES-MIB::hrSystemProcesses\ndid not provide information on the number of currently loaded or running\nprocesses. With this update, HOST-RESOURCES-MIB::hrSystemProcesses has been\nimplemented, and the net-snmp daemon reports as expected. (BZ#1134335)\n\n* The Net-SNMP agent daemon, snmpd, reloaded the system ARP table every 60\nseconds. As a consequence, snmpd could cause a short CPU usage spike on\nbusy systems with a large APR table. With this update, snmpd does not\nreload the full ARP table periodically, but monitors the table changes\nusing a netlink socket. (BZ#789500)\n\n* Previously, snmpd used an invalid pointer to the current time when\nperiodically checking certain conditions specified by the \"monitor\" option\nin the /etc/snmpd/snmpd.conf file. Consequently, snmpd terminated\nunexpectedly on start with a segmentation fault if a certain entry with the\n\"monitor\" option was used. Now, snmpd initializes the correct pointer\nto the current time, and snmpd no longer crashes on start. (BZ#1050970)\n\n* Previously, snmpd expected 8-bit network interface indices when\nprocessing HOST-RESOURCES-MIB::hrDeviceTable. If an interface index of a\nlocal network interface was larger than 30,000 items, snmpd could terminate\nunexpectedly due to accessing invalid memory. Now, processing of all\nnetwork sizes is enabled, and snmpd no longer crashes in the described\nsituation. (BZ#1195547)\n\n* The snmpdtrapd service incorrectly checked for errors when forwarding a\ntrap with a RequestID value of 0, and logged \"Forward failed\" even though\nthe trap was successfully forwarded. This update fixes snmptrapd checks and\nthe aforementioned message is now logged only when appropriate. \n(BZ#1146948)\n\n* Previously, snmpd ignored the value of the \"storageUseNFS\" option in the\n/etc/snmpd/snmpd.conf file. As a consequence, NFS drivers were shown as\n\"Network Disks\", even though \"storageUseNFS\" was set to \"2\" to report them\nas \"Fixed Disks\" in HOST-RESOURCES-MIB::hrStorageTable. With this update,\nsnmpd takes the \"storageUseNFS\" option value into account, and \"Fixed\nDisks\"\nNFS drives are reported correctly. (BZ#1125793)\n\n* Previously, the Net-SNMP python binding used an incorrect size (8 bytes\ninstead of 4) for variables of IPADDRESS type. Consequently, applications\nthat were using Net-SNMP Python bindings could send malformed SNMP\nmessages. With this update, the bindings now use 4 bytes for variables with\nIPADRESS type, and only valid SNMP messages are sent. (BZ#1100099)\n\n* Previously, the snmpd service did not cut values in\nHOST-RESOURCES-MIB::hrStorageTable to signed 32-bit integers, as required\nby SNMP standards, and provided the values as unsigned integers. As a\nconsequence, the HOST-RESOURCES-MIB::hrStorageTable implementation did not\nconform to RFC 2790. The values are now cut to 32-bit signed integers, and\nsnmpd is therefore standard compliant. (BZ#1104293)\n\nUsers of net-snmp are advised to upgrade to these updated packages, which\ncontain backported patches to correct these issues. \n\n4. Solution:\n\nBefore applying this update, make sure all previously released errata\nrelevant to your system have been applied. \n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258\n\n5. Bugs fixed (https://bugzilla.redhat.com/):\n\n886468 - snmpd does not report error when clientaddr \u003cip\u003e:\u003cport\u003e cannot bind to the specified port\n967871 - net-snmp does not display correct lm_sensors sensor data / missing CPU cores\n1023570 - libnetsnmpagent.so crash under certain conditions - patched upstream in 2009\n1034441 - Net-SNMP libraries and headers are invalid due to hyphens. \n1069046 - snmpd returns truncated value for Counter64 taken from smuxpeer\n1070075 - SNMP HRPROCESSORLOAD RETURNS INCORRECT VALUES FOR PROCESSOR #\u0027S \u003e 100\n1073544 - net-snmp.rpm is not multilib safe\n1100099 - net-snmp-python adds zeros to end of IP address (IPADDR type), which is not valid\n1119567 - After installation of net-snmp-devel-5.5-44.el6_4.4.x86_64 the command \u0027$ man snmp_read\u0027 fails\n1125155 - CVE-2014-3565 net-snmp: snmptrapd crash when handling an SNMP trap containing a ifMtu with a NULL type\n1125793 - [RHEL6] net-snmp \"storageUseNFS 2\" option does not report NFS mount as \"Fixed Disks\"\n1126914 - Ocetets Truncated with Python Bindings\n1134335 - hrSystemProcesses is missing (net-snmp-5.5-49.el6_5.2)\n1157373 - README file in net-snmp-python package is wrong\n1181994 - net-snmp package does not compile on Fedora 21\n1188295 - net-snmp snmpd fork() overhead [fix available]\n\n6. Package List:\n\nRed Hat Enterprise Linux Desktop (v. 6):\n\nSource:\nnet-snmp-5.5-54.el6.src.rpm\n\ni386:\nnet-snmp-5.5-54.el6.i686.rpm\nnet-snmp-debuginfo-5.5-54.el6.i686.rpm\nnet-snmp-libs-5.5-54.el6.i686.rpm\n\nx86_64:\nnet-snmp-5.5-54.el6.x86_64.rpm\nnet-snmp-debuginfo-5.5-54.el6.i686.rpm\nnet-snmp-debuginfo-5.5-54.el6.x86_64.rpm\nnet-snmp-libs-5.5-54.el6.i686.rpm\nnet-snmp-libs-5.5-54.el6.x86_64.rpm\n\nRed Hat Enterprise Linux Desktop Optional (v. 6):\n\ni386:\nnet-snmp-debuginfo-5.5-54.el6.i686.rpm\nnet-snmp-devel-5.5-54.el6.i686.rpm\nnet-snmp-perl-5.5-54.el6.i686.rpm\nnet-snmp-python-5.5-54.el6.i686.rpm\nnet-snmp-utils-5.5-54.el6.i686.rpm\n\nx86_64:\nnet-snmp-debuginfo-5.5-54.el6.i686.rpm\nnet-snmp-debuginfo-5.5-54.el6.x86_64.rpm\nnet-snmp-devel-5.5-54.el6.i686.rpm\nnet-snmp-devel-5.5-54.el6.x86_64.rpm\nnet-snmp-perl-5.5-54.el6.x86_64.rpm\nnet-snmp-python-5.5-54.el6.x86_64.rpm\nnet-snmp-utils-5.5-54.el6.x86_64.rpm\n\nRed Hat Enterprise Linux HPC Node (v. 6):\n\nSource:\nnet-snmp-5.5-54.el6.src.rpm\n\nx86_64:\nnet-snmp-5.5-54.el6.x86_64.rpm\nnet-snmp-debuginfo-5.5-54.el6.i686.rpm\nnet-snmp-debuginfo-5.5-54.el6.x86_64.rpm\nnet-snmp-libs-5.5-54.el6.i686.rpm\nnet-snmp-libs-5.5-54.el6.x86_64.rpm\nnet-snmp-perl-5.5-54.el6.x86_64.rpm\nnet-snmp-python-5.5-54.el6.x86_64.rpm\nnet-snmp-utils-5.5-54.el6.x86_64.rpm\n\nRed Hat Enterprise Linux HPC Node Optional (v. 6):\n\nx86_64:\nnet-snmp-debuginfo-5.5-54.el6.i686.rpm\nnet-snmp-debuginfo-5.5-54.el6.x86_64.rpm\nnet-snmp-devel-5.5-54.el6.i686.rpm\nnet-snmp-devel-5.5-54.el6.x86_64.rpm\n\nRed Hat Enterprise Linux Server (v. 6):\n\nSource:\nnet-snmp-5.5-54.el6.src.rpm\n\ni386:\nnet-snmp-5.5-54.el6.i686.rpm\nnet-snmp-debuginfo-5.5-54.el6.i686.rpm\nnet-snmp-devel-5.5-54.el6.i686.rpm\nnet-snmp-libs-5.5-54.el6.i686.rpm\nnet-snmp-perl-5.5-54.el6.i686.rpm\nnet-snmp-python-5.5-54.el6.i686.rpm\nnet-snmp-utils-5.5-54.el6.i686.rpm\n\nppc64:\nnet-snmp-5.5-54.el6.ppc64.rpm\nnet-snmp-debuginfo-5.5-54.el6.ppc.rpm\nnet-snmp-debuginfo-5.5-54.el6.ppc64.rpm\nnet-snmp-devel-5.5-54.el6.ppc.rpm\nnet-snmp-devel-5.5-54.el6.ppc64.rpm\nnet-snmp-libs-5.5-54.el6.ppc.rpm\nnet-snmp-libs-5.5-54.el6.ppc64.rpm\nnet-snmp-perl-5.5-54.el6.ppc64.rpm\nnet-snmp-python-5.5-54.el6.ppc64.rpm\nnet-snmp-utils-5.5-54.el6.ppc64.rpm\n\ns390x:\nnet-snmp-5.5-54.el6.s390x.rpm\nnet-snmp-debuginfo-5.5-54.el6.s390.rpm\nnet-snmp-debuginfo-5.5-54.el6.s390x.rpm\nnet-snmp-devel-5.5-54.el6.s390.rpm\nnet-snmp-devel-5.5-54.el6.s390x.rpm\nnet-snmp-libs-5.5-54.el6.s390.rpm\nnet-snmp-libs-5.5-54.el6.s390x.rpm\nnet-snmp-perl-5.5-54.el6.s390x.rpm\nnet-snmp-python-5.5-54.el6.s390x.rpm\nnet-snmp-utils-5.5-54.el6.s390x.rpm\n\nx86_64:\nnet-snmp-5.5-54.el6.x86_64.rpm\nnet-snmp-debuginfo-5.5-54.el6.i686.rpm\nnet-snmp-debuginfo-5.5-54.el6.x86_64.rpm\nnet-snmp-devel-5.5-54.el6.i686.rpm\nnet-snmp-devel-5.5-54.el6.x86_64.rpm\nnet-snmp-libs-5.5-54.el6.i686.rpm\nnet-snmp-libs-5.5-54.el6.x86_64.rpm\nnet-snmp-perl-5.5-54.el6.x86_64.rpm\nnet-snmp-python-5.5-54.el6.x86_64.rpm\nnet-snmp-utils-5.5-54.el6.x86_64.rpm\n\nRed Hat Enterprise Linux Workstation (v. 6):\n\nSource:\nnet-snmp-5.5-54.el6.src.rpm\n\ni386:\nnet-snmp-5.5-54.el6.i686.rpm\nnet-snmp-debuginfo-5.5-54.el6.i686.rpm\nnet-snmp-devel-5.5-54.el6.i686.rpm\nnet-snmp-libs-5.5-54.el6.i686.rpm\nnet-snmp-perl-5.5-54.el6.i686.rpm\nnet-snmp-python-5.5-54.el6.i686.rpm\nnet-snmp-utils-5.5-54.el6.i686.rpm\n\nx86_64:\nnet-snmp-5.5-54.el6.x86_64.rpm\nnet-snmp-debuginfo-5.5-54.el6.i686.rpm\nnet-snmp-debuginfo-5.5-54.el6.x86_64.rpm\nnet-snmp-devel-5.5-54.el6.i686.rpm\nnet-snmp-devel-5.5-54.el6.x86_64.rpm\nnet-snmp-libs-5.5-54.el6.i686.rpm\nnet-snmp-libs-5.5-54.el6.x86_64.rpm\nnet-snmp-perl-5.5-54.el6.x86_64.rpm\nnet-snmp-python-5.5-54.el6.x86_64.rpm\nnet-snmp-utils-5.5-54.el6.x86_64.rpm\n\nThese packages are GPG signed by Red Hat for security. Our key and\ndetails on how to verify the signature are available from\nhttps://access.redhat.com/security/team/key/\n\n7. References:\n\nhttps://access.redhat.com/security/cve/CVE-2014-3565\nhttps://access.redhat.com/security/updates/classification/#moderate\n\n8. Contact:\n\nThe Red Hat security contact is \u003csecalert@redhat.com\u003e. More contact\ndetails at https://access.redhat.com/security/team/contact/\n\nCopyright 2015 Red Hat, Inc. \n-----BEGIN PGP SIGNATURE-----\nVersion: GnuPG v1\n\niD8DBQFVrzYVXlSAg2UNWIIRAh4WAJ9qV50d0M2RuutHtf3bGj5Gz7Z9pgCfVPGq\nmY6TkK/8TscxmjL7zjvCerk=\n=3pS+\n-----END PGP SIGNATURE-----\n\n\n--\nRHSA-announce mailing list\nRHSA-announce@redhat.com\nhttps://www.redhat.com/mailman/listinfo/rhsa-announce\n. 7) - x86_64\n\n3. With this release, outgoing IPv6 messages are\ncorrectly sent from the interface specified by clientaddr. (BZ#1190679)\n\n* The Net-SNMP daemon, snmpd, did not properly clean memory when reloading\nits configuration file with multiple \"exec\" entries. Consequently, the\ndaemon terminated unexpectedly. (BZ#1228893)\n\n* Prior to this update, snmpd did not parse complete IPv4 traffic\nstatistics, but reported the number of received or sent bytes in the\nIP-MIB::ipSystemStatsTable only for IPv6 packets and not for IPv4. Now, the\nstatistics reported by snmpd are collected for IPv4 as well. (BZ#1235697)\n\n* The Net-SNMP daemon, snmpd, did not correctly detect the file system\nchange from read-only to read-write. Consequently, after remounting the\nfile system into the read-write mode, the daemon reported it to be still\nin the read-only mode. A patch has been applied, and snmpd now detects the\nmode changes as expected. Bugs fixed (https://bugzilla.redhat.com/):\n\n1092308 - backport diskio device filtering\n1125155 - CVE-2014-3565 net-snmp: snmptrapd crash when handling an SNMP trap containing a ifMtu with a NULL type\n1151310 - snmptrap can\u0027t create (or write to) /var/lib/net-snmp/snmpapp.conf if isn\u0027t run under root\n1184433 - udpTable has wrong indices\n1190679 - In IPv6, snmp packet does not send from specified interface assigned by clientaddr option in snmpd.conf",
"sources": [
{
"db": "NVD",
"id": "CVE-2014-3565"
},
{
"db": "JVNDB",
"id": "JVNDB-2014-004588"
},
{
"db": "BID",
"id": "69477"
},
{
"db": "VULHUB",
"id": "VHN-71505"
},
{
"db": "VULMON",
"id": "CVE-2014-3565"
},
{
"db": "PACKETSTORM",
"id": "134055"
},
{
"db": "PACKETSTORM",
"id": "133115"
},
{
"db": "PACKETSTORM",
"id": "132631"
},
{
"db": "PACKETSTORM",
"id": "128398"
},
{
"db": "PACKETSTORM",
"id": "131097"
},
{
"db": "PACKETSTORM",
"id": "132798"
},
{
"db": "PACKETSTORM",
"id": "134454"
}
],
"trust": 2.7
},
"exploit_availability": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/exploit_availability#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"reference": "https://www.scap.org.cn/vuln/vhn-71505",
"trust": 0.1,
"type": "unknown"
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-71505"
}
]
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "NVD",
"id": "CVE-2014-3565",
"trust": 3.6
},
{
"db": "BID",
"id": "69477",
"trust": 2.1
},
{
"db": "JVN",
"id": "JVNVU92655282",
"trust": 0.8
},
{
"db": "JVNDB",
"id": "JVNDB-2014-004588",
"trust": 0.8
},
{
"db": "CNNVD",
"id": "CNNVD-201408-506",
"trust": 0.7
},
{
"db": "AUSCERT",
"id": "ESB-2020.0096",
"trust": 0.6
},
{
"db": "JUNIPER",
"id": "JSA10991",
"trust": 0.6
},
{
"db": "PACKETSTORM",
"id": "133115",
"trust": 0.2
},
{
"db": "PACKETSTORM",
"id": "132631",
"trust": 0.2
},
{
"db": "PACKETSTORM",
"id": "128398",
"trust": 0.2
},
{
"db": "PACKETSTORM",
"id": "134454",
"trust": 0.2
},
{
"db": "PACKETSTORM",
"id": "132798",
"trust": 0.2
},
{
"db": "VULHUB",
"id": "VHN-71505",
"trust": 0.1
},
{
"db": "VULMON",
"id": "CVE-2014-3565",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "134055",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "131097",
"trust": 0.1
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-71505"
},
{
"db": "VULMON",
"id": "CVE-2014-3565"
},
{
"db": "BID",
"id": "69477"
},
{
"db": "JVNDB",
"id": "JVNDB-2014-004588"
},
{
"db": "PACKETSTORM",
"id": "134055"
},
{
"db": "PACKETSTORM",
"id": "133115"
},
{
"db": "PACKETSTORM",
"id": "132631"
},
{
"db": "PACKETSTORM",
"id": "128398"
},
{
"db": "PACKETSTORM",
"id": "131097"
},
{
"db": "PACKETSTORM",
"id": "132798"
},
{
"db": "PACKETSTORM",
"id": "134454"
},
{
"db": "CNNVD",
"id": "CNNVD-201408-506"
},
{
"db": "NVD",
"id": "CVE-2014-3565"
}
]
},
"id": "VAR-201410-1143",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "VULHUB",
"id": "VHN-71505"
}
],
"trust": 0.01
},
"last_update_date": "2024-11-29T22:18:32.174000Z",
"patch": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/patch#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"title": "APPLE-SA-2015-10-21-4 OS X El Capitan 10.11.1 and Security Update 2015-007",
"trust": 0.8,
"url": "http://lists.apple.com/archives/security-announce/2015/Oct/msg00005.html"
},
{
"title": "HT205375",
"trust": 0.8,
"url": "https://support.apple.com/en-us/HT205375"
},
{
"title": "HT205375",
"trust": 0.8,
"url": "https://support.apple.com/ja-jp/HT205375"
},
{
"title": "Bug 1125155",
"trust": 0.8,
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1125155"
},
{
"title": "CVE-2014-3565 Resource Management Errors vulnerability in Net-SNMP",
"trust": 0.8,
"url": "https://blogs.oracle.com/sunsecurity/entry/cve_2014_3565_resource_management"
},
{
"title": "#48 Official patch for CVE-2014-3565",
"trust": 0.8,
"url": "http://sourceforge.net/p/net-snmp/official-patches/48/"
},
{
"title": "Added checks for printing variables with wrong types.",
"trust": 0.8,
"url": "http://sourceforge.net/p/net-snmp/code/ci/7f4a7b891332899cea26e95be0337aae01648742/"
},
{
"title": "Net-SNMP snmptrapd Remediation of resource management error vulnerabilities",
"trust": 0.6,
"url": "http://123.124.177.30/web/xxk/bdxqById.tag?id=107160"
},
{
"title": "Ubuntu Security Notice: net-snmp vulnerabilities",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=ubuntu_security_notice\u0026qid=USN-2711-1"
},
{
"title": "Debian CVElist Bug Report Logs: net-snmp: CVE-2014-3565",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=debian_cvelist_bugreportlogs\u0026qid=2bd7f48925de9c49802e60041e14827e"
},
{
"title": "Red Hat: CVE-2014-3565",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=red_hat_cve_database\u0026qid=CVE-2014-3565"
},
{
"title": "Apple: OS X El Capitan 10.11.1, Security Update\u00a02015-004 Yosemite, and Security Update 2015-007 Mavericks",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=apple_security_advisories\u0026qid=fd51407c33ee29c59223888703327538"
},
{
"title": "Oracle Linux Bulletins: Oracle Linux Bulletin - October 2015",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=oracle_linux_bulletins\u0026qid=435ed9abc2fb1e74ce2a69605a01e326"
}
],
"sources": [
{
"db": "VULMON",
"id": "CVE-2014-3565"
},
{
"db": "JVNDB",
"id": "JVNDB-2014-004588"
},
{
"db": "CNNVD",
"id": "CNNVD-201408-506"
}
]
},
"problemtype_data": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"problemtype": "CWE-399",
"trust": 1.9
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-71505"
},
{
"db": "JVNDB",
"id": "JVNDB-2014-004588"
},
{
"db": "NVD",
"id": "CVE-2014-3565"
}
]
},
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 2.1,
"url": "http://sourceforge.net/p/net-snmp/code/ci/7f4a7b891332899cea26e95be0337aae01648742/"
},
{
"trust": 2.1,
"url": "http://www.oracle.com/technetwork/topics/security/linuxbulletinoct2015-2719645.html"
},
{
"trust": 2.1,
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1125155"
},
{
"trust": 1.9,
"url": "https://security.gentoo.org/glsa/201507-17"
},
{
"trust": 1.9,
"url": "http://rhn.redhat.com/errata/rhsa-2015-1385.html"
},
{
"trust": 1.9,
"url": "http://www.ubuntu.com/usn/usn-2711-1"
},
{
"trust": 1.8,
"url": "http://www.securityfocus.com/bid/69477"
},
{
"trust": 1.8,
"url": "http://lists.apple.com/archives/security-announce/2015/oct/msg00005.html"
},
{
"trust": 1.8,
"url": "http://sourceforge.net/p/net-snmp/official-patches/48/"
},
{
"trust": 1.8,
"url": "https://support.apple.com/ht205375"
},
{
"trust": 1.8,
"url": "http://lists.opensuse.org/opensuse-updates/2014-09/msg00013.html"
},
{
"trust": 1.0,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2014-3565"
},
{
"trust": 0.9,
"url": "https://access.redhat.com/security/cve/cve-2014-3565"
},
{
"trust": 0.8,
"url": "http://jvn.jp/vu/jvnvu92655282/"
},
{
"trust": 0.8,
"url": "http://web.nvd.nist.gov/view/vuln/detail?vulnid=cve-2014-3565"
},
{
"trust": 0.7,
"url": "https://nvd.nist.gov/vuln/detail/cve-2014-3565"
},
{
"trust": 0.6,
"url": "https://access.redhat.com/errata/rhsa-2015:2345"
},
{
"trust": 0.6,
"url": "https://access.redhat.com/errata/rhsa-2015:1385"
},
{
"trust": 0.6,
"url": "http://kb.juniper.net/infocenter/index?page=content\u0026id=jsa10991"
},
{
"trust": 0.6,
"url": "https://www.auscert.org.au/bulletins/esb-2020.0096/"
},
{
"trust": 0.3,
"url": "http://net-snmp.sourceforge.net/"
},
{
"trust": 0.3,
"url": "http://www-01.ibm.com/support/docview.wss?uid=nas8n1020946"
},
{
"trust": 0.3,
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21965877"
},
{
"trust": 0.3,
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21968047"
},
{
"trust": 0.3,
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21980969"
},
{
"trust": 0.2,
"url": "http://www.mandriva.com/en/support/security/"
},
{
"trust": 0.2,
"url": "http://www.mandriva.com/en/support/security/advisories/"
},
{
"trust": 0.2,
"url": "http://advisories.mageia.org/mgasa-2014-0371.html"
},
{
"trust": 0.2,
"url": "https://www.redhat.com/mailman/listinfo/rhsa-announce"
},
{
"trust": 0.2,
"url": "https://bugzilla.redhat.com/):"
},
{
"trust": 0.2,
"url": "https://access.redhat.com/security/team/key/"
},
{
"trust": 0.2,
"url": "https://access.redhat.com/articles/11258"
},
{
"trust": 0.2,
"url": "https://access.redhat.com/security/updates/classification/#moderate"
},
{
"trust": 0.2,
"url": "https://access.redhat.com/security/team/contact/"
},
{
"trust": 0.1,
"url": "https://cwe.mitre.org/data/definitions/399.html"
},
{
"trust": 0.1,
"url": "http://tools.cisco.com/security/center/viewalert.x?alertid=35560"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov"
},
{
"trust": 0.1,
"url": "https://usn.ubuntu.com/2711-1/"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2015-5925"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2015-5936"
},
{
"trust": 0.1,
"url": "https://support.apple.com/kb/ht201222"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2015-6836"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2015-0235"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2015-5943"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2015-5924"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2015-5945"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2015-6834"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2015-5935"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2015-5944"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2015-5942"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2015-6837"
},
{
"trust": 0.1,
"url": "http://www.apple.com/support/downloads/"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2015-5940"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2015-5927"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2015-5933"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2015-5939"
},
{
"trust": 0.1,
"url": "https://support.apple.com/kb/ht205377"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2015-5934"
},
{
"trust": 0.1,
"url": "https://www.apple.com/support/security/pgp/"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2015-6835"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2015-6838"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2015-6563"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2012-6151"
},
{
"trust": 0.1,
"url": "http://gpgtools.org"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2015-5938"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2015-6974"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2015-0273"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2015-5926"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2015-5937"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2015-5932"
},
{
"trust": 0.1,
"url": "https://launchpad.net/ubuntu/+source/net-snmp/5.7.2~dfsg-8.1ubuntu3.1"
},
{
"trust": 0.1,
"url": "https://launchpad.net/ubuntu/+source/net-snmp/5.4.3~dfsg-2.4ubuntu1.3"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2015-5621"
},
{
"trust": 0.1,
"url": "https://launchpad.net/ubuntu/+source/net-snmp/5.7.2~dfsg-8.1ubuntu5.1"
},
{
"trust": 0.1,
"url": "http://creativecommons.org/licenses/by-sa/2.5"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2014-3565"
},
{
"trust": 0.1,
"url": "https://security.gentoo.org/"
},
{
"trust": 0.1,
"url": "https://bugs.gentoo.org."
},
{
"trust": 0.1,
"url": "http://advisories.mageia.org/mgasa-2014-0122.html"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2014-2284"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2014-2285"
},
{
"trust": 0.1,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2014-2284"
},
{
"trust": 0.1,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2014-2285"
},
{
"trust": 0.1,
"url": "https://rhn.redhat.com/errata/rhsa-2015-2345.html"
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-71505"
},
{
"db": "VULMON",
"id": "CVE-2014-3565"
},
{
"db": "BID",
"id": "69477"
},
{
"db": "JVNDB",
"id": "JVNDB-2014-004588"
},
{
"db": "PACKETSTORM",
"id": "134055"
},
{
"db": "PACKETSTORM",
"id": "133115"
},
{
"db": "PACKETSTORM",
"id": "132631"
},
{
"db": "PACKETSTORM",
"id": "128398"
},
{
"db": "PACKETSTORM",
"id": "131097"
},
{
"db": "PACKETSTORM",
"id": "132798"
},
{
"db": "PACKETSTORM",
"id": "134454"
},
{
"db": "CNNVD",
"id": "CNNVD-201408-506"
},
{
"db": "NVD",
"id": "CVE-2014-3565"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "VULHUB",
"id": "VHN-71505"
},
{
"db": "VULMON",
"id": "CVE-2014-3565"
},
{
"db": "BID",
"id": "69477"
},
{
"db": "JVNDB",
"id": "JVNDB-2014-004588"
},
{
"db": "PACKETSTORM",
"id": "134055"
},
{
"db": "PACKETSTORM",
"id": "133115"
},
{
"db": "PACKETSTORM",
"id": "132631"
},
{
"db": "PACKETSTORM",
"id": "128398"
},
{
"db": "PACKETSTORM",
"id": "131097"
},
{
"db": "PACKETSTORM",
"id": "132798"
},
{
"db": "PACKETSTORM",
"id": "134454"
},
{
"db": "CNNVD",
"id": "CNNVD-201408-506"
},
{
"db": "NVD",
"id": "CVE-2014-3565"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2014-10-07T00:00:00",
"db": "VULHUB",
"id": "VHN-71505"
},
{
"date": "2014-10-07T00:00:00",
"db": "VULMON",
"id": "CVE-2014-3565"
},
{
"date": "2014-08-31T00:00:00",
"db": "BID",
"id": "69477"
},
{
"date": "2014-10-09T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2014-004588"
},
{
"date": "2015-10-21T19:32:22",
"db": "PACKETSTORM",
"id": "134055"
},
{
"date": "2015-08-17T17:10:52",
"db": "PACKETSTORM",
"id": "133115"
},
{
"date": "2015-07-10T15:42:32",
"db": "PACKETSTORM",
"id": "132631"
},
{
"date": "2014-09-25T15:11:24",
"db": "PACKETSTORM",
"id": "128398"
},
{
"date": "2015-03-30T21:24:57",
"db": "PACKETSTORM",
"id": "131097"
},
{
"date": "2015-07-22T17:59:04",
"db": "PACKETSTORM",
"id": "132798"
},
{
"date": "2015-11-20T00:43:10",
"db": "PACKETSTORM",
"id": "134454"
},
{
"date": "2014-08-31T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201408-506"
},
{
"date": "2014-10-07T14:55:04.640000",
"db": "NVD",
"id": "CVE-2014-3565"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2023-02-13T00:00:00",
"db": "VULHUB",
"id": "VHN-71505"
},
{
"date": "2016-12-24T00:00:00",
"db": "VULMON",
"id": "CVE-2014-3565"
},
{
"date": "2016-07-06T14:35:00",
"db": "BID",
"id": "69477"
},
{
"date": "2015-10-27T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2014-004588"
},
{
"date": "2023-04-12T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201408-506"
},
{
"date": "2024-11-21T02:08:22.947000",
"db": "NVD",
"id": "CVE-2014-3565"
}
]
},
"threat_type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/threat_type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "remote",
"sources": [
{
"db": "PACKETSTORM",
"id": "133115"
},
{
"db": "PACKETSTORM",
"id": "128398"
},
{
"db": "PACKETSTORM",
"id": "131097"
},
{
"db": "CNNVD",
"id": "CNNVD-201408-506"
}
],
"trust": 0.9
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Net-SNMP of snmplib/mib.c Service disruption in (DoS) Vulnerabilities",
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2014-004588"
}
],
"trust": 0.8
},
"type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "resource management error",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201408-506"
}
],
"trust": 0.6
}
}
Sightings
| Author | Source | Type | Date |
|---|
Nomenclature
- Seen: The vulnerability was mentioned, discussed, or seen somewhere by the user.
- Confirmed: The vulnerability is confirmed from an analyst perspective.
- Exploited: This vulnerability was exploited and seen by the user reporting the sighting.
- Patched: This vulnerability was successfully patched by the user reporting the sighting.
- Not exploited: This vulnerability was not exploited or seen by the user reporting the sighting.
- Not confirmed: The user expresses doubt about the veracity of the vulnerability.
- Not patched: This vulnerability was not successfully patched by the user reporting the sighting.