CVE-2014-3565

Priority
Description
snmplib/mib.c in net-snmp 5.7.0 and earlier, when the -OQ option is used,
allows remote attackers to cause a denial of service (snmptrapd crash) via
a crafted SNMP trap message, which triggers a conversion to the variable
type designated in the MIB file, as demonstrated by a NULL type in an ifMtu
trap message.
Assigned-to
mdeslaur
Notes
jdstrandper upstream, -OQ option is uncommon
Package
Upstream:needs-triage
Ubuntu 14.04 ESM (Trusty Tahr):released (5.7.2~dfsg-8.1ubuntu3.1)
Patches:
Upstream:http://sourceforge.net/p/net-snmp/code/ci/7f4a7b891332899cea26e95be0337aae01648742/
More Information

Updated: 2020-07-28 19:52:06 UTC (commit d26b6ca9f5b3adb89bb036ce73ae7dab894935ec)