CVE-2015-5621

Description

The snmp_pdu_parse function in snmp_api.c in net-snmp 5.7.2 and earlier does not remove the varBind variable in a netsnmp_variable_list item when parsing of the SNMP PDU fails, which allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via a crafted packet.

Risk Information

Base Score: 7.5 (MODERATE)
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
EPSS Score (Exploitation Probability): 17.811

Associated Vulnerability

Vulnerability | OS Platform
SNMP (Simple Network Management Protocol) server and applications (USN-2711-1) libsnmp30_5.7.2~dfsg-8.1ubuntu3.1_i386.deb | Linux
SNMP (Simple Network Management Protocol) server and applications (USN-2711-1) libsnmp30_5.7.2~dfsg-8.1ubuntu3.1_amd64.deb | Linux
SNMP (Simple Network Management Protocol) server and applications (USN-2711-1) libsnmp30_5.7.2~dfsg-8.1ubuntu5.1_i386.deb | Linux
SNMP (Simple Network Management Protocol) server and applications (USN-2711-1) libsnmp30_5.7.2~dfsg-8.1ubuntu5.1_amd64.deb | Linux
SUSE-SU-2015:1524-1 (SUSE Linux Enterprise Desktop 11-SP3) libsnmp15-5.4.2.1-8.12.24.1.x86_64.rpm | Linux
SUSE-SU-2015:1524-1 (SUSE Linux Enterprise Desktop 11-SP3) libsnmp15-32bit-5.4.2.1-8.12.24.1.x86_64.rpm | Linux
SUSE-SU-2015:1524-1 (SUSE Linux Enterprise Desktop 11-SP3) net-snmp-5.4.2.1-8.12.24.1.x86_64.rpm | Linux
SUSE-SU-2015:1524-1 (SUSE Linux Enterprise Desktop 11-SP3) perl-SNMP-5.4.2.1-8.12.24.1.x86_64.rpm | Linux
SUSE-SU-2015:1524-1 (SUSE Linux Enterprise Desktop 11-SP3) snmp-mibs-5.4.2.1-8.12.24.1.x86_64.rpm | Linux
SUSE-SU-2015:1556-1 (SUSE Linux Enterprise Desktop 12) libsnmp30-5.7.2.1-4.3.2.x86_64.rpm | Linux
SUSE-SU-2015:1556-1 (SUSE Linux Enterprise Desktop 12) libsnmp30-32bit-5.7.2.1-4.3.2.x86_64.rpm | Linux
SUSE-SU-2015:1556-1 (SUSE Linux Enterprise Desktop 12) libsnmp30-debuginfo-5.7.2.1-4.3.2.x86_64.rpm | Linux
SUSE-SU-2015:1556-1 (SUSE Linux Enterprise Desktop 12) libsnmp30-debuginfo-32bit-5.7.2.1-4.3.2.x86_64.rpm | Linux
SUSE-SU-2015:1556-1 (SUSE Linux Enterprise Desktop 12) net-snmp-5.7.2.1-4.3.2.x86_64.rpm | Linux
SUSE-SU-2015:1556-1 (SUSE Linux Enterprise Desktop 12) net-snmp-debuginfo-5.7.2.1-4.3.2.x86_64.rpm | Linux
SUSE-SU-2015:1556-1 (SUSE Linux Enterprise Desktop 12) net-snmp-debugsource-5.7.2.1-4.3.2.x86_64.rpm | Linux
SUSE-SU-2015:1556-1 (SUSE Linux Enterprise Desktop 12) perl-SNMP-5.7.2.1-4.3.2.x86_64.rpm | Linux
SUSE-SU-2015:1556-1 (SUSE Linux Enterprise Desktop 12) perl-SNMP-debuginfo-5.7.2.1-4.3.2.x86_64.rpm | Linux
SUSE-SU-2015:1556-1 (SUSE Linux Enterprise Desktop 12) snmp-mibs-5.7.2.1-4.3.2.x86_64.rpm | Linux
CVE-2015-5621 | NCM

Patch Details

No records found

References

https://nvd.nist.gov/vuln/detail/CVE-2023-1234
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-1234