CVE-2012-6151

medium

Description

Net-SNMP 5.7.1 and earlier, when AgentX is registering to handle a MIB and processing GETNEXT requests, allows remote attackers to cause a denial of service (crash or infinite loop, CPU consumption, and hang) by causing the AgentX subagent to timeout.

References

https://support.apple.com/HT205375

https://rhn.redhat.com/errata/RHSA-2014-0322.html

https://exchange.xforce.ibmcloud.com/vulnerabilities/89485

https://bugzilla.redhat.com/show_bug.cgi?id=1038007

http://www.ubuntu.com/usn/USN-2166-1

http://www.gentoo.org/security/en/glsa/glsa-201409-02.xml

http://secunia.com/advisories/59974

http://secunia.com/advisories/57870

http://secunia.com/advisories/55804

http://seclists.org/oss-sec/2013/q4/415

http://seclists.org/oss-sec/2013/q4/398

http://lists.apple.com/archives/security-announce/2015/Oct/msg00005.html

http://kb.juniper.net/InfoCenter/index?page=content&id=JSA10705

Details

Source: Mitre, NVD

Published: 2013-12-13

Updated: 2024-11-21

Risk Information

CVSS v2

Base Score: 4.3

Vector: CVSS2#AV:N/AC:M/Au:N/C:N/I:N/A:P

Severity: Medium

CVSS v3

Base Score: 10

Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H

Severity: Critical

CVSS v4

Base Score: 4.8

Vector: CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N

Severity: Medium