Bart Van Assche

2 exploits Active since Jun 2020

CVE-2019-20892 WRITEUP MEDIUM WRITEUP

Net-snmp < 5.8 - Double Free

net-snmp before 5.8.1.pre1 has a double free in usm_free_usmStateReference in snmplib/snmpusm.c via an SNMPv3 GetBulk request. NOTE: this affects net-snmp packages shipped to end users by multiple Linux distributions, but might not affect an upstream release.

CVSS 6.5

View Code

CVE-2020-15861 WRITEUP HIGH WRITEUP

Net-snmp < 5.7.3 - Symlink Following

Net-SNMP through 5.7.3 allows Escalation of Privileges because of UNIX symbolic link (symlink) following.

CVSS 7.8

View Code