Lumension® Endpoint Intelligence Center

Intelligence Center » Browse All Vulnerabilities » CVE-2005-4837

Overview

Vulnerability Score 10.0 10.0
CVE Id CVE-2005-4837
Last Modified 07 Mar 2011 12:00:00
Published 31 Dec 2005 12:00:00
Confidentiality Impact COMPLETE COMPLETE
Integrity Impact COMPLETE COMPLETE
Availability Impact COMPLETE COMPLETE
Access Vector NETWORK
Access Complexity LOW
Authentication NONE

CVE-2005-4837

Summary

snmp_api.c in snmpd in Net-SNMP 5.2.x before 5.2.2, 5.1.x before 5.1.3, and 5.0.x before 5.0.10.2, when running in master agentx mode, allows remote attackers to cause a denial of service (crash) by causing a particular TCP disconnect, which triggers a free of an incorrect variable, a different vulnerability than CVE-2005-2177.

Vulnerable Systems

Application

  • Net-snmp 5.0

  • Net-snmp 5.0.1

  • Net-snmp 5.0.10

  • Net-snmp 5.0.2

  • Net-snmp 5.0.3

  • Net-snmp 5.0.4 Pre2

  • Net-snmp 5.0.5

  • Net-snmp 5.0.6

  • Net-snmp 5.0.7

  • Net-snmp 5.0.8

  • Net-snmp 5.0.9

  • Sourceforge Net-snmp 5.0.9

  • Sourceforge Net-snmp 5.1.2

  • Sourceforge Net-snmp 5.2.1.2


References

CONFIRM - https://issues.rpath.com/browse/RPL-1334

VUPEN - ADV-2007-1944

UBUNTU - USN-456-1

BID - 23762

SUNALERT - 102929

CONFIRM - http://sourceforge.net/tracker/index.php?func=detail&aid=1207023&group_id=12694&atid=112694

SECUNIA - 25411

SECUNIA - 25115

SECUNIA - 25114


Last Updated: 27 May 2016 10:41:27