Denial of Service Vulnerability in Net-SNMP by Net-SNMP
CVE-2012-6151

Currently unrated

Key Information:

Vendor: Apple
Status: Mac Os X; Ubuntu Linux
Vendor: CVE Published:; 13 December 2013

Summary

The vulnerability in Net-SNMP versions 5.7.1 and earlier affects the AgentX protocol, which can be exploited by remote attackers. By manipulating MIB registration and GETNEXT requests, an attacker can trigger a situation where the AgentX subagent experiences timeouts, resulting in a denial of service that may manifest as a crash, infinite loops, increased CPU consumption, or system hangs. This can adversely impact systems relying on SNMP for network management, making them unresponsive and degrading overall service.

References

http://www.securityfocus.com/bid/64048

vdb-entryx_refsource_BID

http://lists.apple.com/archives/security-announce/2015/Oc...

vendor-advisoryx_refsource_APPLE

https://support.apple.com/HT205375

x_refsource_CONFIRM

EPSS Score

22% chance of being exploited in the next 30 days.

Timeline

Vulnerability published
Dec 13, 2013
Vulnerability Reserved
Dec 6, 2012