net-snmp: fix for Security Advisory - CVE-2014-3565 (4bb8bb5e) · Commits · poplar / meta-openembedded

Commit 4bb8bb5e authored Nov 04, 2014 by

Roy Li Committed by Joe MacDonald Nov 04, 2014

net-snmp: fix for Security Advisory - CVE-2014-3565

snmplib/mib.c in net-snmp 5.7.0 and earlier, when the -OQ option is used,
allows remote attackers to cause a denial of service (snmptrapd crash) via
a crafted SNMP trap message, which triggers a conversion to the variable
type designated in the MIB file, as demonstrated by a NULL type in an ifMtu
trap message.

http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2014-3565



Signed-off-by: Roy Li <rongqing.li@windriver.com>
Signed-off-by: Joe MacDonald <joe_macdonald@mentor.com>

parent e3a1a2d8

Expand all Hide whitespace changes

Inline Side-by-side

Please register or to comment

Admin message

net-snmp: fix for Security Advisory - CVE-2014-3565