Net-snmp : Security Vulnerabilities, CVEs, Published In 2015 (Denial of service)
The snmp_pdu_parse function in snmp_api.c in net-snmp 5.7.2 and earlier does not remove the varBind variable in a netsnmp_variable_list item when parsing of the SNMP PDU fails, which allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via a crafted packet.
Max CVSS
7.5
EPSS Score
7.03%
Published
2015-08-19
Updated
2018-10-10
1 vulnerabilities found