Information on source package net-snmp

Available versions

ReleaseVersion
buster5.7.3+dfsg-5+deb10u2
buster (security)5.7.3+dfsg-5+deb10u3
bullseye5.9+dfsg-4+deb11u1
bookworm5.9.3+dfsg-1
sid5.9.3+dfsg-1

Open issues

BugbusterbullseyebookwormsidDescription
CVE-2022-44793vulnerablevulnerable (no DSA)vulnerablevulnerablehandle_ipv6IpForwarding in agent/mibgroup/ip-mib/ip_scalars.c in Net-S ...
CVE-2022-44792vulnerablevulnerable (no DSA)vulnerablevulnerablehandle_ipDefaultTTL in agent/mibgroup/ip-mib/ip_scalars.c in Net-SNMP ...

Resolved issues

BugDescription
CVE-2022-24810A malformed OID in a SET to the nsVacmAccessTable can cause a NULL pointer dereference
CVE-2022-24809A malformed OID in a GET-NEXT to the nsVacmAccessTable can cause a NULL pointer dereference
CVE-2022-24808A malformed OID in a SET request to NET-SNMP-AGENT-MIB::nsLogTable can cause a NULL pointer dereference
CVE-2022-24807A malformed OID in a SET request to SNMP-VIEW-BASED-ACM-MIB::vacmAccessTable can cause an out-of-bounds memory access
CVE-2022-24806Improper Input Validation when SETing malformed OIDs in master agent and subagent simultaneously
CVE-2022-24805A buffer overflow in the handling of the INDEX of NET-SNMP-VACM-MIB can cause an out-of-bounds memory access
CVE-2020-15862Net-SNMP through 5.7.3 has Improper Privilege Management because SNMP ...
CVE-2020-15861Net-SNMP through 5.7.3 allows Escalation of Privileges because of UNIX ...
CVE-2019-20892net-snmp before 5.8.1.pre1 has a double free in usm_free_usmStateRefer ...
CVE-2018-1000116NET-SNMP version 5.7.2 contains a heap corruption vulnerability in the ...
CVE-2018-18066snmp_oid_compare in snmplib/snmp_api.c in Net-SNMP before 5.8 has a NU ...
CVE-2018-18065_set_key in agent/helpers/table_container.c in Net-SNMP before 5.8 has ...
CVE-2015-8100The net-snmp package in OpenBSD through 5.8 uses 0644 permissions for ...
CVE-2015-5621The snmp_pdu_parse function in snmp_api.c in net-snmp 5.7.2 and earlie ...
CVE-2014-3565snmplib/mib.c in net-snmp 5.7.0 and earlier, when the -OQ option is us ...
CVE-2014-2310The AgentX subagent in Net-SNMP before 5.4.4 allows remote attackers t ...
CVE-2014-2285The perl_trapd_handler function in perl/TrapReceiver/TrapReceiver.xs i ...
CVE-2014-2284The Linux implementation of the ICMP-MIB in Net-SNMP 5.5 before 5.5.2. ...
CVE-2012-6151Net-SNMP 5.7.1 and earlier, when AgentX is registering to handle a MIB ...
CVE-2012-2141Array index error in the handle_nsExtendOutput2Table function in agent ...
CVE-2009-1887agent/snmp_agent.c in snmpd in net-snmp 5.0.9 in Red Hat Enterprise Li ...
CVE-2008-6123The netsnmp_udp_fmtaddr function (snmplib/snmpUDPDomain.c) in net-snmp ...
CVE-2008-4309Integer overflow in the netsnmp_create_subtree_cache function in agent ...
CVE-2008-2292Buffer overflow in the __snprint_value function in snmp_get in Net-SNM ...
CVE-2008-0960SNMPv3 HMAC verification in (1) Net-SNMP 5.2.x before 5.2.4.1, 5.3.x b ...
CVE-2007-5846The SNMP agent (snmp_agent.c) in net-snmp before 5.4.1 allows remote a ...
CVE-2006-6305Unspecified vulnerability in Net-SNMP 5.3 before 5.3.0.1, when configu ...
CVE-2005-4837snmp_api.c in snmpd in Net-SNMP 5.2.x before 5.2.2, 5.1.x before 5.1.3 ...
CVE-2005-2811Untrusted search path vulnerability in Net-SNMP 5.2.1.2 and earlier, o ...
CVE-2005-2177Net-SNMP 5.0.x before 5.0.10.2, 5.2.x before 5.2.1.2, and 5.1.3, when ...
CVE-2005-1740fixproc in Net-snmp 5.x before 5.2.1-r1 creates temporary files insecu ...
CVE-2004-2300Buffer overflow in snmpd in ucd-snmp 4.2.6 and earlier, when installed ...
CVE-2003-0935Net-SNMP before 5.0.9 allows a user or community to access data in MIB ...
CVE-2002-1170The handle_var_requests function in snmp_agent.c for the SNMP daemon i ...

Security announcements

DSA / DLADescription
DLA-3088-1net-snmp - security update
DSA-5209-1net-snmp - security update
DSA-4746-1net-snmp - security update
DLA-2313-1net-snmp - security update
DLA-2299-1net-snmp - security update
DSA-4314-1net-snmp - security update
DLA-1540-1net-snmp - security update
DSA-4154-1net-snmp - security update
DLA-1317-1net-snmp - security update
DSA-1663-1net-snmp - several vulnerabilities
DSA-1483-1net-snmp - denial of service
DSA-873-1net-snmp - programming error

Search for package or bug name: Reporting problems