FreeBSD : net-snmp -- Remote DoS (5d85976a-9011-11e1-b5e0-000c299b62e1)

low Nessus Plugin ID 58889

Synopsis

The remote FreeBSD host is missing a security-related update.

Description

The Red Hat Security Response Team reports :

An array index error, leading to out-of heap-based buffer read flaw was found in the way the net-snmp agent performed lookups in the extension table. When certain MIB subtrees were handled by the extend directive, a remote attacker (having read privileges to the subntree) could use this flaw to cause a denial of service condition via an SNMP GET request involving a non-existent extension table entry.

Solution

Update the affected package.

See Also

https://bugzilla.redhat.com/show_bug.cgi?id=815813

https://www.openwall.com/lists/oss-security/2012/04/26/2

http://www.nessus.org/u?1abc766d

Plugin Details

Severity: Low

ID: 58889

File Name: freebsd_pkg_5d85976a901111e1b5e0000c299b62e1.nasl

Version: 1.7

Type: local

Published: 4/27/2012

Updated: 1/6/2021

Supported Sensors: Nessus

Risk Information

VPR

Risk Factor: Low

Score: 3.6

CVSS v2

Risk Factor: Low

Base Score: 3.5

Vector: CVSS2#AV:N/AC:M/Au:S/C:N/I:N/A:P

Vulnerability Information

CPE: p-cpe:/a:freebsd:freebsd:net-snmp, cpe:/o:freebsd:freebsd

Required KB Items: Host/local_checks_enabled, Host/FreeBSD/release, Host/FreeBSD/pkg_info

Patch Publication Date: 4/27/2012

Vulnerability Publication Date: 4/26/2012

Reference Information

CVE: CVE-2012-2141