Heap-based buffer overflow in snmpnetstat for ucd-snmp 4.2.3 and earlier, and net-snmp, allows remote attackers to execute arbitrary code via multiple getnextrequest PDU messages with conflicting ifindex variables, which cause snmpnetstat to write variable data past the end of an array.
Affected Software
| Name | Vendor | Start Version | End Version |
|---|---|---|---|
| Ucd-snmp | Ucd-snmp | * | 4.2.3 (including) |
References
- http://distro.conectiva.com.br/atualizacoes/?id=a\u0026anuncio=000696
- http://www.securityfocus.com/archive/1/248141
- http://www.securityfocus.com/bid/3780
- https://exchange.xforce.ibmcloud.com/vulnerabilities/7776
- http://distro.conectiva.com.br/atualizacoes/?id=a\u0026anuncio=000696
- http://www.securityfocus.com/archive/1/248141
- http://www.securityfocus.com/bid/3780
- https://exchange.xforce.ibmcloud.com/vulnerabilities/7776