[v2.4] net-snmp: remote DoS (CVE-2012-6151)
Net-SNMP 5.7.1 and earlier, when AgentX is registering to handle a MIB and processing GETNEXT requests, allows remote attackers to cause a denial of service (crash or infinite loop, CPU consumption, and hang) by causing the AgentX subagent to timeout.
•MLIST:[oss-security] 20131202 NMPD DoS #2411 snmpd crashes/hangs
when AgentX subagent times-out
•URL: http://seclists.org/oss-sec/2013/q4/398
•MLIST:[oss-security] 20131202 Re: SNMPD DoS #2411 snmpd
crashes/hangs when AgentX subagent times-out
•URL: http://seclists.org/oss-sec/2013/q4/415
•MISC: http://sourceforge.net/p/net-snmp/bugs/2411/
•CONFIRM: https://bugzilla.redhat.com/show\_bug.cgi?id=1038007
•BID:64048
•URL: http://www.securityfocus.com/bid/64048
•XF:netsnmp-cve20126151-dos(89485)
•URL: http://xforce.iss.net/xforce/xfdb/89485
(from redmine: issue id 2659, created on 2014-02-04, closed on 2014-03-05)
- Relations:
- parent #2658 (closed)
- Changesets:
- Revision e760d56c on 2014-03-04T14:53:24Z:
main/net-snmp: security fix CVE-2012-6151. Fixes #2659