Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
securityvulnsSecurityvulnsSECURITYVULNS:DOC:31950
HistoryApr 20, 2015 - 12:00 a.m.

[ MDVSA-2015:092 ] net-snmp

2015-04-2000:00:00
vulners.com
20
JSON

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

Mandriva Linux Security Advisory MDVSA-2015:092
http://www.mandriva.com/en/support/security/

Package : net-snmp
Date : March 28, 2015
Affected: Business Server 2.0

Problem Description:

Updated net-snmp packages fix security vulnerabilities:

Remotely exploitable denial of service vulnerability in Net-SNMP,
in the Linux implementation of the ICMP-MIB, making the SNMP
agent vulnerable if it is making use of the ICMP-MIB table objects
(CVE-2014-2284).

Remotely exploitable denial of service vulnerability in Net-SNMP,
in snmptrapd, due to how it handles trap requests with an empty
community string when the perl handler is enabled (CVE-2014-2285).

A remote denial-of-service flaw was found in the way snmptrapd handled
certain SNMP traps when started with the -OQ option. If an attacker
sent an SNMP trap containing a variable with a NULL type where an
integer variable type was expected, it would cause snmptrapd to crash
(CVE-2014-3565).

References:

http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-2284
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-2285
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3565
http://advisories.mageia.org/MGASA-2014-0122.html
http://advisories.mageia.org/MGASA-2014-0371.html

Updated Packages:

Mandriva Business Server 2/X86_64:
db108bc819bb011d352ac1be23005ae8 mbs2/x86_64/lib64net-snmp30-5.7.2-14.1.mbs2.x86_64.rpm
10d0754baaebe770c0accea30a4c570b mbs2/x86_64/lib64net-snmp-devel-5.7.2-14.1.mbs2.x86_64.rpm
f3c20caeb88eee898508110847de93c1 mbs2/x86_64/lib64net-snmp-static-devel-5.7.2-14.1.mbs2.x86_64.rpm
85a8e55a06278248c6d55ed71781d4ae mbs2/x86_64/net-snmp-5.7.2-14.1.mbs2.x86_64.rpm
dd6b3752ffc3abfa799752d6c68be260 mbs2/x86_64/net-snmp-mibs-5.7.2-14.1.mbs2.x86_64.rpm
dff402077edcdbbbb43876ab37f17c63 mbs2/x86_64/net-snmp-tkmib-5.7.2-14.1.mbs2.x86_64.rpm
e5dd0695599ce24250e9c56398ae708a mbs2/x86_64/net-snmp-trapd-5.7.2-14.1.mbs2.x86_64.rpm
73e35840936e48e76813ee9aa563e5db mbs2/x86_64/net-snmp-utils-5.7.2-14.1.mbs2.x86_64.rpm
3fcb54fc22046478a1f4fe25bfb3fbfc mbs2/x86_64/perl-NetSNMP-5.7.2-14.1.mbs2.x86_64.rpm
f7faf7abe0cb4119a24aa1eb7b4e88e2 mbs2/x86_64/python-netsnmp-5.7.2-14.1.mbs2.x86_64.rpm
70325be4b29a38030ee30a1bea4c0a40 mbs2/SRPMS/net-snmp-5.7.2-14.1.mbs2.src.rpm

To upgrade automatically use MandrivaUpdate or urpmi. The verification
of md5 checksums and GPG signatures is performed automatically for you.

All packages are signed by Mandriva for security. You can obtain the
GPG public key of the Mandriva Security Team by executing:

gpg --recv-keys --keyserver pgp.mit.edu 0x22458A98

You can view other update advisories for Mandriva Linux at:

http://www.mandriva.com/en/support/security/advisories/

If you want to report vulnerabilities, please contact

security_(at)_mandriva.com

Type Bits/KeyID Date User ID
pub 1024D/22458A98 2000-07-10 Mandriva Security Team
<security*mandriva.com>
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.12 (GNU/Linux)

iD8DBQFVFnIkmqjQ0CJFipgRApj2AJ4siseZB35ENesBHXAJd354ztjc2wCg4i9a
CVlceu1C+yhzzsfXCVXUd5g=
=mTTW
-----END PGP SIGNATURE-----

Related

nessus 40
securityvulns 9
ibm 13
mageia 2
ubuntu 2
openvas 28
gentoo 2
veracode 3
debiancve 3
redhat 4
fedora 5
cve 3
oraclelinux 4
prion 3
ubuntucve 3
centos 4
freebsd 1
f5 2
amazon 1
cloudfoundry 1
rosalinux 1
nessus
nessus
Mandriva Linux Security Advisory : net-snmp (MDVSA-2015:092)
2015-03-30 00:00:00
openSUSE Security Update : net-snmp (openSUSE-SU-2014:0398-1)
2014-06-13 00:00:00
Mandriva Linux Security Advisory : net-snmp (MDVSA-2014:052)
2014-03-14 00:00:00
securityvulns
securityvulns
snmplib / snmpd DoS
2015-04-20 00:00:00
Net-SNMP DoS
2014-03-24 00:00:00
[ MDVSA-2014:052 ] net-snmp
2014-03-24 00:00:00
ibm
ibm
Security Bulletin: Tivoli Storage Productivity Center is affected by the following Net-SNMP vulnerabilities: CVE-2014-2284, CVE-2014-2285
2022-08-19 18:23:31
Security Bulletin: Vulnerabilities in net-snmp affect Power Hardware Management Console (CVE-2014-3565)
2021-09-23 01:31:39
Security Bulletin: A vulnerability in net-snmp affects IBM Security Network Intrusion Prevention System (CVE-2014-3565)
2022-02-23 19:48:26
mageia
mageia
Updated net-snmp packages fix two vulnerabilities
2014-03-07 18:16:46
Updated net-snmp packages fix CVE-2014-3565
2014-09-05 13:07:37
ubuntu
ubuntu
Net-SNMP vulnerabilities
2014-04-14 00:00:00
Net-SNMP vulnerabilities
2015-08-17 00:00:00
openvas
openvas
Ubuntu Update for net-snmp USN-2166-1
2014-04-15 00:00:00
Gentoo Security Advisory GLSA 201409-02
2015-09-29 00:00:00
Ubuntu Update for net-snmp USN-2166-1
2014-04-15 00:00:00
gentoo
gentoo
Net-SNMP: Denial of service
2014-09-01 00:00:00
SNMP: Denial of service
2015-07-10 00:00:00
veracode
veracode
Denial Of Service
2019-01-15 08:58:54
Denial Of Service (DoS)
2019-01-15 09:06:52
Denial Of Service (DoS)
2019-05-02 05:01:56
debiancve
debiancve
CVE-2014-2284
2014-03-24 16:43:00
CVE-2014-3565
2014-10-07 14:55:00
CVE-2014-2285
2014-04-27 22:55:00
redhat
redhat
(RHSA-2014:0321) Moderate: net-snmp security and bug fix update
2014-03-24 00:00:00
(RHSA-2015:1385) Moderate: net-snmp security and bug fix update
2015-07-22 00:00:00
(RHSA-2015:2345) Moderate: net-snmp security and bug fix update
2015-11-19 13:36:48
fedora
fedora
[SECURITY] Fedora 19 Update: net-snmp-5.7.2-14.fc19
2014-03-13 05:04:12
[SECURITY] Fedora 20 Update: net-snmp-5.7.2-17.fc20
2014-03-13 05:02:39
[SECURITY] Fedora 19 Update: net-snmp-5.7.2-15.fc19
2014-09-10 13:27:10
cve
cve
CVE-2014-2284
2014-03-24 16:43:00
CVE-2014-2285
2014-04-27 22:55:00
CVE-2014-3565
2014-10-07 14:55:00
oraclelinux
oraclelinux
net-snmp security and bug fix update
2014-03-24 00:00:00
net-snmp security and bug fix update
2015-11-23 00:00:00
net-snmp security and bug fix update
2015-07-28 00:00:00
prion
prion
Input validation
2014-03-24 16:43:00
Null pointer dereference
2014-04-27 22:55:00
Design/Logic Flaw
2014-10-07 14:55:00
ubuntucve
ubuntucve
CVE-2014-2284
2014-03-24 00:00:00
CVE-2014-2285
2014-03-05 00:00:00
CVE-2014-3565
2014-10-07 00:00:00
centos
centos
net security update
2014-03-24 20:46:56
net security update
2015-07-26 14:12:35
net security update
2015-11-30 19:45:16
freebsd
freebsd
net-snmp -- snmptrapd crash
2014-07-31 00:00:00
f5
f5
K17315 : SNMP vulnerability CVE-2014-3565
2015-09-29 00:00:00
SOL17315 - SNMP vulnerability CVE-2014-3565
2015-09-28 00:00:00
amazon
amazon
Medium: net-snmp
2014-03-24 23:39:00
cloudfoundry
cloudfoundry
USN-2711-1 Net-SNMP Vulnerabilities | Cloud Foundry
2015-10-07 00:00:00
rosalinux
rosalinux
Advisory ROSA-SA-2021-1929
2021-07-02 17:32:57
JSON
Related for SECURITYVULNS:DOC:31950
nessus40securityvulns9ibm13mageia2ubuntu2openvas28gentoo2veracode3debiancve3redhat4fedora5cve3oraclelinux4prion3ubuntucve3centos4freebsd1f52amazon1cloudfoundry1rosalinux1