Net-SNMP 5.7.1 and earlier, when AgentX is registering to handle a MIB and processing GETNEXT requests, allows remote attackers to cause a denial of service (crash or infinite loop, CPU consumption, and hang) by causing the AgentX subagent to timeout.

No CVSS v3.1

No CVSS v3.0

Access Vector Network

Access Complexity Medium

Authentication None

Confidentiality Impact None

Integrity Impact None

Availability Impact Partial

AV:N/AC:M/Au:N/C:N/I:N/A:P
Vendors Products
Apple
  • Mac Os X
Canonical
  • Ubuntu Linux
Net-snmp
  • Net-snmp

Configuration 1 [-]

OR cpe:2.3:o:apple:mac_os_x:10.11.0:*:*:*:*:*:*:*
cpe:2.3:o:canonical:ubuntu_linux:10.04:*:*:*:lts:*:*:*
cpe:2.3:o:canonical:ubuntu_linux:12.04:*:*:*:lts:*:*:*
cpe:2.3:o:canonical:ubuntu_linux:12.10:*:*:*:*:*:*:*
cpe:2.3:o:canonical:ubuntu_linux:13.10:*:*:*:*:*:*:*

Configuration 2 [-]

OR cpe:2.3:a:net-snmp:net-snmp:*:*:*:*:*:*:*:*
cpe:2.3:a:net-snmp:net-snmp:5.0:*:*:*:*:*:*:*
cpe:2.3:a:net-snmp:net-snmp:5.0.1:*:*:*:*:*:*:*
cpe:2.3:a:net-snmp:net-snmp:5.0.2:*:*:*:*:*:*:*
cpe:2.3:a:net-snmp:net-snmp:5.0.3:*:*:*:*:*:*:*
cpe:2.3:a:net-snmp:net-snmp:5.0.4:*:*:*:*:*:*:*
cpe:2.3:a:net-snmp:net-snmp:5.0.5:*:*:*:*:*:*:*
cpe:2.3:a:net-snmp:net-snmp:5.0.6:*:*:*:*:*:*:*
cpe:2.3:a:net-snmp:net-snmp:5.0.7:*:*:*:*:*:*:*
cpe:2.3:a:net-snmp:net-snmp:5.0.8:*:*:*:*:*:*:*
cpe:2.3:a:net-snmp:net-snmp:5.0.9:*:*:*:*:*:*:*
cpe:2.3:a:net-snmp:net-snmp:5.1:*:*:*:*:*:*:*
cpe:2.3:a:net-snmp:net-snmp:5.1.2:*:*:*:*:*:*:*
cpe:2.3:a:net-snmp:net-snmp:5.2:*:*:*:*:*:*:*
cpe:2.3:a:net-snmp:net-snmp:5.3:*:*:*:*:*:*:*
cpe:2.3:a:net-snmp:net-snmp:5.3.0.1:*:*:*:*:*:*:*
cpe:2.3:a:net-snmp:net-snmp:5.4:*:*:*:*:*:*:*
cpe:2.3:a:net-snmp:net-snmp:5.5:*:*:*:*:*:*:*
cpe:2.3:a:net-snmp:net-snmp:5.6:*:*:*:*:*:*:*
cpe:2.3:a:net-snmp:net-snmp:5.7:*:*:*:*:*:*:*
References
Link Resource
http://kb.juniper.net/InfoCenter/index?page=content&id=JSA10705
http://lists.apple.com/archives/security-announce/2015/Oct/msg00005.html
http://seclists.org/oss-sec/2013/q4/398
http://seclists.org/oss-sec/2013/q4/415
http://secunia.com/advisories/55804
http://secunia.com/advisories/57870
http://secunia.com/advisories/59974
http://sourceforge.net/p/net-snmp/bugs/2411/ Exploit
http://www.gentoo.org/security/en/glsa/glsa-201409-02.xml
http://www.securityfocus.com/bid/64048 Exploit
http://www.ubuntu.com/usn/USN-2166-1
https://bugzilla.redhat.com/show_bug.cgi?id=1038007
https://exchange.xforce.ibmcloud.com/vulnerabilities/89485
https://rhn.redhat.com/errata/RHSA-2014-0322.html
https://support.apple.com/HT205375
History

No history.

cve-icon MITRE Information

Status: PUBLISHED

Assigner: redhat

Published: 2013-12-13T17:00:00

Updated: 2017-08-28T12:57:01

Reserved: 2012-12-06T00:00:00

Link: CVE-2012-6151

JSON object: View

cve-icon NVD Information

Status : Modified

Published: 2013-12-13T18:55:04.693

Modified: 2017-08-29T01:32:55.463

Link: CVE-2012-6151

JSON object: View

cve-icon Redhat Information

No data.

CWE