CVE-2015-5621 (retired)

Priority
Description
The snmp_pdu_parse function in snmp_api.c in net-snmp 5.7.2 and earlier
does not remove the varBind variable in a netsnmp_variable_list item when
parsing of the SNMP PDU fails, which allows remote attackers to cause a
denial of service (crash) and possibly execute arbitrary code via a crafted
packet.
Assigned-to
mdeslaur
More Information

Updated: 2019-08-23 09:07:19 UTC (commit 436fd4ed4cf0038ddd382cb8649607ace163dda7)