A vulnerability in SNMP could lead to a Denial of Service condition.
Package | net-analyzer/net-snmp on all architectures |
---|---|
Affected versions | < 5.7.3_pre5-r1 |
Unaffected versions | >= 5.7.3_pre5-r1 |
SNMP is a widely used protocol for monitoring the health and welfare of network equipment.
A specially crafted trap message triggers a conversion to an erroneous variable type when the -OQ option is used.
A remote attacker could possibly cause a Denial of Service condition.
There is no known workaround at this time.
All SNMP users should upgrade to the latest version:
# emerge --sync # emerge --ask --oneshot --verbose ">=net-analyzer/net-snmp-5.7.3_pre5-r1"
Release date
July 10, 2015
Latest revision
July 10, 2015: 2
Severity
normal
Exploitable
remote
Bugzilla entries