UbuntuUpdates.org

Package "snmp"

Name: snmp

Description:

SNMP (Simple Network Management Protocol) applications

Latest version: 5.7.2~dfsg-8.1ubuntu3.3
Release: trusty (14.04)
Level: security
Repository: main
Head package: net-snmp
Homepage: http://net-snmp.sourceforge.net/

Links

Save this URL for the latest version of "snmp": https://www.ubuntuupdates.org/snmp


Download "snmp"


Other versions of "snmp" in Trusty

Repository Area Version
base main 5.7.2~dfsg-8.1ubuntu3
updates main 5.7.2~dfsg-8.1ubuntu3.3

Changelog

Version: 5.7.2~dfsg-8.1ubuntu3.3 2018-10-15 18:06:53 UTC

  net-snmp (5.7.2~dfsg-8.1ubuntu3.3) trusty-security; urgency=medium

  * SECURITY UPDATE: DoS via NULL pointer exception
    - debian/patches/CVE-2018-18065.patch: fix logic in
      agent/helpers/table.c.
    - CVE-2018-18065

 -- Marc Deslauriers <email address hidden> Mon, 15 Oct 2018 10:17:19 -0400

Source diff to previous version
CVE-2018-18065 _set_key in agent/helpers/table_container.c in Net-SNMP before 5.8 has a NULL Pointer Exception bug that can be used by an authenticated attacker to

Version: 5.7.2~dfsg-8.1ubuntu3.1 2015-08-17 17:06:46 UTC

  net-snmp (5.7.2~dfsg-8.1ubuntu3.1) trusty-security; urgency=medium

  * SECURITY UPDATE: denial of service via crafted SNMP trap message
    - debian/patches/CVE-2014-3565.patch: handle variables with wrong types
      in snmplib/mib.c.
    - CVE-2014-3565
  * SECURITY UPDATE: denial of service and possible code execution via
    incompletely parsed varBind variables
    - debian/patches/CVE-2015-5621.patch: don't return incorrectly parsed
      varbinds in snmplib/snmp_api.c.
    - CVE-2015-5621

 -- Marc Deslauriers Thu, 13 Aug 2015 10:27:24 -0400

CVE-2014-3565 snmplib/mib.c in net-snmp 5.7.0 and earlier, when the -OQ option is used, allows remote attackers to cause a denial of service (snmptrapd crash) via
CVE-2015-5621 net-snmp snmp_pdu_parse() function incompletely initialization vulnerability



About   -   Send Feedback to @ubuntu_updates