net-snmp
| Link | package | bugs open | bugs closed | Wiki | GitHub | web search |
| Description | A suite of applications used to implement SNMP v1, SNMP v2c and SNMP v3 using both IPv4 and IPv6 |
| Version |
5.9.4-3 [extra-testing] 5.9.4-2 [extra] |
Resolved
| Group | Affected | Fixed | Severity | Status | Ticket |
|---|---|---|---|---|---|
| AVG-783 | 5.7.3-9 | 5.8-1 | High | Fixed | |
| AVG-777 | 5.7.3-9 | 5.8-1 | High | Fixed |
| Issue | Group | Severity | Remote | Type | Description |
|---|---|---|---|---|---|
| CVE-2018-18066 | AVG-783 | High | Yes | Denial of service | A denial of service vulnerability has been discovered in net-snmp before 5.8. The snmp_oid_compare function in snmplib/snmp_api.c has a NULL pointer... |
| CVE-2018-18065 | AVG-777 | Medium | Yes | Denial of service | A denial of service vulnerability has been discovered in net-snmp before 5.8. The _set_key function in agent/helpers/table_container.c has a NULL pointer... |
| CVE-2015-5621 | AVG-777 | High | Yes | Arbitrary code execution | It was discovered that in net-snmp before 5.8 the snmp_pdu_parse() function could leave incompletely parsed varBind variables in the list of variables. A... |
Advisories
| Date | Advisory | Group | Severity | Type |
|---|---|---|---|---|
| 17 Oct 2018 | ASA-201810-11 | AVG-777 | High | multiple issues |