SNMP Vulnerability in Net-SNMP Affecting Multiple Vendors
CVE-2014-3565

Currently unrated

Key Information:

Vendor

Apple
Status
Mac Os X
Ubuntu Linux
Vendor
CVE Published:
7 October 2014

What is CVE-2014-3565?

The vulnerability in net-snmp versions 5.7.0 and earlier arises when the -OQ option is used, allowing remote attackers to exploit crafted SNMP trap messages. This exploitation leads to the remote execution of a denial of service attack by triggering a crash of the snmptrapd service. Specifically, this occurs due to a type conversion issue in the MIB file, often demonstrated by an unexpected NULL type in an ifMtu trap message, which results in instability of the SNMP service.

Human OS v1.0:
Ageing Is an Unpatched Zero-Day Vulnerability.

Remediate biological technical debt. Prime Ageing uses 95% high-purity SIRT6 activation to maintain genomic integrity and bolster systemic resilience.

Deploy the Patch

References

http://lists.apple.com/archives/security-announce/2015/Oc...
vendor-advisoryx_refsource_APPLE
https://support.apple.com/HT205375
x_refsource_CONFIRM
http://sourceforge.net/p/net-snmp/code/ci/7f4a7b891332899...
x_refsource_CONFIRM

EPSS Score

8% chance of being exploited in the next 30 days.

Timeline

  • Vulnerability published

  • Vulnerability Reserved

JSON
.