CVE-2014-2284

Net-SNMP 5.5-5.5.2 5.6-5.6.2 5.7-5.7.2 - Denial of Service via ICMP-MIB Input Validation

Title source: llm
STIX 2.1

Description

The Linux implementation of the ICMP-MIB in Net-SNMP 5.5 before 5.5.2.1, 5.6.x before 5.6.2.1, and 5.7.x before 5.7.2.1 does not properly validate input, which allows remote attackers to cause a denial of service via unspecified vectors.

References (12)

Core 12
Core References
Mailing List vendor-advisory x_refsource_suse
http://lists.opensuse.org/opensuse-updates/2014-03/msg00060.html
Mailing List vendor-advisory x_refsource_suse
http://lists.opensuse.org/opensuse-updates/2014-03/msg00061.html
Third Party Advisory third-party-advisory x_refsource_secunia
http://secunia.com/advisories/57583
Third Party Advisory third-party-advisory x_refsource_secunia
http://secunia.com/advisories/57124
Vendor Advisory vendor-advisory x_refsource_ubuntu
http://www.ubuntu.com/usn/USN-2166-1
Third Party Advisory third-party-advisory x_refsource_secunia
http://secunia.com/advisories/59974
Third Party Advisory third-party-advisory x_refsource_secunia
http://secunia.com/advisories/57870
Vendor Advisory third-party-advisory x_refsource_secunia
http://secunia.com/advisories/57526
Third Party Advisory vendor-advisory x_refsource_gentoo
http://www.gentoo.org/security/en/glsa/glsa-201409-02.xml
Various Sources mailing-list x_refsource_mlist
http://comments.gmane.org/gmane.comp.security.oss.general/12284
Vendor Advisory vendor-advisory x_refsource_redhat
http://rhn.redhat.com/errata/RHSA-2014-0321.html

Scores

EPSS 0.0443
EPSS Percentile 90.2%

Details

CWE
CWE-20
Status published
Products (12)
net-snmp/net-snmp 5.5
net-snmp/net-snmp 5.5.0.1
net-snmp/net-snmp 5.5.0.2
net-snmp/net-snmp 5.5.1
net-snmp/net-snmp 5.5.1.1
net-snmp/net-snmp 5.5.2
net-snmp/net-snmp 5.6
net-snmp/net-snmp 5.6.1.1
net-snmp/net-snmp 5.6.2
net-snmp/net-snmp 5.7
... and 2 more
Published Mar 24, 2014
Tracked Since Feb 18, 2026