Wind River Support Network

HomeDefectsLIN8-570
Fixed

LIN8-570 : CLONE - net-snmp: snmp_pdu_parse() incompletely parsed varBinds left in list of variables

Created: Jul 6, 2015    Updated: Mar 4, 2016
Resolved Date: Jul 27, 2015
Found In Version: 8.0
Fix Version: 8.0.0.0.LB06
Severity: Standard
Applicable for: Wind River Linux 8
Component/s: Userspace

Description

It was discovered that the snmp_pdu_parse() function could leave incompletely parsed varBind variables in the list of variables. A remote, unauthenticated attacker could exploit this flaw to cause a crash or, potentially, execute arbitrary code.

bug link:
https://bugzilla.redhat.com/show_bug.cgi?id=1212408
Live chat
Online
  • Linkedin
  • Facebook
  • Twitter
  • Youtube