CVE-2014-3565 (retired)

Priority
Description
snmplib/mib.c in net-snmp 5.7.0 and earlier, when the -OQ option is used,
allows remote attackers to cause a denial of service (snmptrapd crash) via
a crafted SNMP trap message, which triggers a conversion to the variable
type designated in the MIB file, as demonstrated by a NULL type in an ifMtu
trap message.
Notes
 jdstrand> per upstream, -OQ option is uncommon
Assigned-to
mdeslaur
Package
Upstream:needs-triage
Ubuntu 14.04 LTS (Trusty Tahr):released (5.7.2~dfsg-8.1ubuntu3.1)
Patches:
Upstream:http://sourceforge.net/p/net-snmp/code/ci/7f4a7b891332899cea26e95be0337aae01648742/
More Information

Updated: 2019-03-26 12:13:06 UTC (commit ccdecfcf0fead22bd291e5f4ea745a46872dcb15)