CVE-2014-1452

FreeBSD 8.3-10.0 - Stack-Based Buffer Overflow in bsnmpd via GETBULK PDU Request

Title source: llm

Description

Stack-based buffer overflow in lib/snmpagent.c in bsnmpd, as used in FreeBSD 8.3 through 10.0, allows remote attackers to cause a denial of service (daemon crash) and possibly execute arbitrary code via a crafted GETBULK PDU request.

References (5)

Core 5

Core References

Third Party Advisory, VDB Entry vdb-entry x_refsource_bid

http://www.securityfocus.com/bid/64967

Vendor Advisory vendor-advisory x_refsource_freebsd

http://www.freebsd.org/security/advisories/FreeBSD-SA-14:01.bsnmpd.asc

Various Sources x_refsource_confirm

http://svnweb.freebsd.org/base?view=revision&amp%3Brevision=260636

Vendor Advisory third-party-advisory x_refsource_secunia

http://secunia.com/advisories/56496

Third Party Advisory, VDB Entry vdb-entry x_refsource_sectrack

http://www.securitytracker.com/id/1029616

Scores

EPSS 0.0062

EPSS Percentile 70.3%

Details

CWE

CWE-119

Status published

Products (6)

freebsd/freebsd 8.3

freebsd/freebsd 8.4

freebsd/freebsd 9.0

freebsd/freebsd 9.1 (3 CPE variants)

freebsd/freebsd 9.2 (4 CPE variants)

freebsd/freebsd 10.0

Published Jan 21, 2014

Tracked Since Feb 18, 2026