Vulnerability Details : CVE-2005-2177
Net-SNMP 5.0.x before 5.0.10.2, 5.2.x before 5.2.1.2, and 5.1.3, when net-snmp is using stream sockets such as TCP, allows remote attackers to cause a denial of service (daemon hang and CPU consumption) via a TCP packet of length 1, which triggers an infinite loop.
Vulnerability category: Denial of service
Products affected by CVE-2005-2177
- cpe:2.3:a:net-snmp:net-snmp:5.0.3:*:*:*:*:*:*:*
- cpe:2.3:a:net-snmp:net-snmp:5.0.4_pre2:*:*:*:*:*:*:*
- cpe:2.3:a:net-snmp:net-snmp:5.0.1:*:*:*:*:*:*:*
- cpe:2.3:a:net-snmp:net-snmp:5.0.7:*:*:*:*:*:*:*
- cpe:2.3:a:net-snmp:net-snmp:5.0.8:*:*:*:*:*:*:*
- cpe:2.3:a:net-snmp:net-snmp:5.0.5:*:*:*:*:*:*:*
- cpe:2.3:a:net-snmp:net-snmp:5.0.6:*:*:*:*:*:*:*
- cpe:2.3:a:net-snmp:net-snmp:5.0.9:*:*:*:*:*:*:*
- cpe:2.3:a:net-snmp:net-snmp:5.0.2:*:*:*:*:*:*:*
- cpe:2.3:a:net-snmp:net-snmp:5.2:*:*:*:*:*:*:*
- cpe:2.3:a:net-snmp:net-snmp:5.2.1:*:*:*:*:*:*:*
- cpe:2.3:a:net-snmp:net-snmp:5.0.10:*:*:*:*:*:*:*
- cpe:2.3:a:net-snmp:net-snmp:5.1.3:*:*:*:*:*:*:*
- cpe:2.3:a:net-snmp:net-snmp:5.0:*:*:*:*:*:*:*
Exploit prediction scoring system (EPSS) score for CVE-2005-2177
11.10%
Probability of exploitation activity in the next 30 days
EPSS Score History
~ 93 %
Percentile, the proportion of vulnerabilities that are scored at or less
CVSS scores for CVE-2005-2177
| Base Score | Base Severity | CVSS Vector | Exploitability Score | Impact Score | Score Source | First Seen |
|---|---|---|---|---|---|---|
|
5.0
|
MEDIUM | AV:N/AC:L/Au:N/C:N/I:N/A:P |
10.0
|
2.9
|
NIST |
CWE ids for CVE-2005-2177
-
The product receives input or data, but it does not validate or incorrectly validates that the input has the properties that are required to process the data safely and correctly.Assigned by: nvd@nist.gov (Primary)
References for CVE-2005-2177
-
http://www.ubuntu.com/usn/usn-190-1
USN-190-1: SNMP vulnerability | Ubuntu security notices | Ubuntu
-
http://www.vupen.com/english/advisories/2007/1883
Site en constructionVendor Advisory
-
http://www.securityfocus.com/archive/1/451419/100/200/threaded
-
http://www.vupen.com/english/advisories/2006/4677
Site en constructionVendor Advisory
-
http://www.redhat.com/support/errata/RHSA-2005-720.html
Support
-
http://www.securityfocus.com/archive/1/451404/100/0/threaded
-
http://secunia.com/advisories/25432
About Secunia Research | FlexeraVendor Advisory
-
http://secunia.com/advisories/17343
About Secunia Research | FlexeraVendor Advisory
-
http://secunia.com/advisories/16999
About Secunia Research | FlexeraVendor Advisory
-
http://secunia.com/advisories/18635
About Secunia Research | FlexeraVendor Advisory
-
http://sourceforge.net/mailarchive/forum.php?thread_id=7659656&forum_id=12455
Page not found - SourceForge.netPatch
-
http://secunia.com/advisories/22875
About Secunia Research | FlexeraVendor Advisory
-
http://secunia.com/advisories/25787
About Secunia Research | FlexeraVendor Advisory
-
http://www.vmware.com/download/esx/esx-254-200610-patch.html
Page not found
-
http://www.novell.com/linux/security/advisories/2007_13_sr.html
404 Page Not Found | SUSE
-
http://secunia.com/advisories/17282
About Secunia Research | FlexeraVendor Advisory
-
http://www.securityfocus.com/archive/1/451417/100/200/threaded
-
http://secunia.com/advisories/17135
About Secunia Research | FlexeraVendor Advisory
-
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9986
404 Not Found
-
http://www.vupen.com/english/advisories/2006/4502
Site en constructionVendor Advisory
-
http://www.novell.com/linux/security/advisories/2005_24_sr.html
404 Page Not Found | SUSE
-
http://www.securityfocus.com/bid/21256
-
http://secunia.com/advisories/23058
About Secunia Research | FlexeraVendor Advisory
-
http://www.vmware.com/download/esx/esx-202-200610-patch.html
Page not found
-
http://www.net-snmp.org/about/ChangeLog.html
Net-SNMP
-
http://www.vmware.com/download/esx/esx-213-200610-patch.html
Page not found
-
http://secunia.com/advisories/17007
About Secunia Research | FlexeraVendor Advisory
-
http://secunia.com/advisories/15930
About Secunia Research | FlexeraVendor Advisory
-
http://support.avaya.com/elmodocs2/security/ASA-2005-225.pdf
-
http://www.securityfocus.com/archive/1/451426/100/200/threaded
-
http://www.redhat.com/support/errata/RHSA-2005-395.html
Support
-
http://www.securityfocus.com/bid/14168
-
http://sunsolve.sun.com/search/document.do?assetkey=1-26-102725-1
-
http://secunia.com/advisories/17217
About Secunia Research | FlexeraVendor Advisory
-
http://www.novell.com/linux/security/advisories/2007_12_sr.html
404 Page Not Found | SUSE
-
http://www.trustix.org/errata/2005/0034/
Trustix | Empowering Trust and Security in the Digital AgePatch;Vendor Advisory
-
http://secunia.com/advisories/25373
About Secunia Research | FlexeraVendor Advisory
-
http://www.debian.org/security/2005/dsa-873
[SECURITY] [DSA 873-1] New net-snmp packages fix denial of service
-
http://securitytracker.com/id?1017273
Access Denied
-
http://www.redhat.com/support/errata/RHSA-2005-373.html
Support
-
http://www.mandriva.com/security/advisories?name=MDKSA-2006:025
Mandriva
Jump to