CVE-2020-15862

Priority
Description
Net-SNMP through 5.7.3 has Improper Privilege Management because SNMP WRITE
access to the EXTEND MIB provides the ability to run arbitrary commands as
root.
Assigned-to
leosilva
Notes
sarnoldsee Debian's triage notes
Package
Upstream:released (5.8+dfsg-4)
Ubuntu 12.04 ESM (Precise Pangolin):not-affected
Ubuntu 14.04 ESM (Trusty Tahr):released (5.7.2~dfsg-8.1ubuntu3.3+esm2)
Ubuntu 16.04 LTS (Xenial Xerus):released (5.7.3+dfsg-1ubuntu4.6)
Ubuntu 18.04 LTS (Bionic Beaver):released (5.7.3+dfsg-1.8ubuntu3.6)
Ubuntu 20.04 LTS (Focal Fossa):released (5.8+dfsg-2ubuntu2.3)
Ubuntu 20.10 (Groovy Gorilla):released (5.8+dfsg-5ubuntu1)
Patches:
Upstream:https://github.com/net-snmp/net-snmp/commit/77f6c60f57dba0aaea5d8ef1dd94bcd0c8e6d205
More Information

Updated: 2020-09-10 06:36:31 UTC (commit 81a23a978c4436cd99e1d040e9e73e9146876281)