|Category:||Huawei EulerOS Local Security Checks|
|Title:||Huawei EulerOS: Security Advisory for net-snmp (EulerOS-SA-2019-1436)|
|Summary:||The remote host is missing an update for the Huawei EulerOS 'net-snmp' package(s) announced via the EulerOS-SA-2019-1436 advisory.|
The remote host is missing an update for the Huawei EulerOS 'net-snmp' package(s) announced via the EulerOS-SA-2019-1436 advisory.
It was discovered that the snmp_pdu_parse() mishandles error codes and is vulnerable to a heap corruption within the parsing of the PDU prior to the authentication process. A remote, unauthenticated attacker could use this flaw to crash snmpd or, potentially, execute arbitrary code on the system with the privileges of the user running snmpd.(CVE-2018-1000116)
snmp_oid_compare in snmplib/snmp_api.c in Net-SNMP before 5.8 has a NULL Pointer Exception bug that can be used by an unauthenticated attacker to remotely cause the instance to crash via a crafted UDP packet, resulting in Denial of Service.(CVE-2018-18066)
It was discovered that the snmp_pdu_parse() function could leave incompletely parsed varBind variables in the list of variables. A remote, unauthenticated attacker could use this flaw to crash snmpd or, potentially, execute arbitrary code on the system with the privileges of the user running snmpd.(CVE-2015-5621)
'net-snmp' package(s) on Huawei EulerOS Virtualization 188.8.131.52.
Please install the updated package(s).
Common Vulnerability Exposure (CVE) ID: CVE-2015-5621|
BugTraq ID: 76380
Debian Security Information: DSA-4154 (Google Search)
RedHat Security Advisories: RHSA-2015:1636
SuSE Security Announcement: openSUSE-SU-2015:1502 (Google Search)
|Copyright||Copyright (C) 2020 Greenbone Networks GmbH|
|This is only one of 99761 vulnerability tests in our test suite. Find out more about running a complete security audit.|
To run a free test of this vulnerability against your system, register below.