diff options
author | zi <zi@FreeBSD.org> | 2012-04-27 10:45:24 +0800 |
---|---|---|
committer | zi <zi@FreeBSD.org> | 2012-04-27 10:45:24 +0800 |
commit | 6f11a21be5dd9051547319eaad9759f38c26fae7 (patch) | |
tree | 30ca82dc959b3c58d01a20cc2f67bd60284f3bfd | |
parent | 3ce3f0ca6652951760a86c4ff52033514379435f (diff) | |
download | freebsd-ports-gnome-6f11a21be5dd9051547319eaad9759f38c26fae7.tar.gz freebsd-ports-gnome-6f11a21be5dd9051547319eaad9759f38c26fae7.tar.zst freebsd-ports-gnome-6f11a21be5dd9051547319eaad9759f38c26fae7.zip |
- Document vulnerability in net-mgmt/net-snmp (CVE-2012-2141)
-rw-r--r-- | security/vuxml/vuln.xml | 33 |
1 files changed, 33 insertions, 0 deletions
diff --git a/security/vuxml/vuln.xml b/security/vuxml/vuln.xml index 86311041772b..ea348837e1b9 100644 --- a/security/vuxml/vuln.xml +++ b/security/vuxml/vuln.xml @@ -52,6 +52,39 @@ Note: Please add new entries to the beginning of this file. --> <vuxml xmlns="http://www.vuxml.org/apps/vuxml-1"> + <vuln vid="5d85976a-9011-11e1-b5e0-000c299b62e1"> + <topic>net-snmp -- Remote DoS</topic> + <affects> + <package> + <name>net-snmp</name> + <range><lt>5.7.1_7</lt></range> + </package> + </affects> + <description> + <body xmlns="http://www.w3.org/1999/xhtml"> + <p>The Red Hat Security Response Team reports:</p> + <blockquote cite="https://bugzilla.redhat.com/show_bug.cgi?id=815813"> + <p>An array index error, leading to out-of heap-based buffer read flaw was + found in the way the net-snmp agent performed lookups in the + extension table. When certain MIB subtrees were handled by the + extend directive, a remote attacker (having read privileges to the + subntree) could use this flaw to cause a denial of service condition + via an SNMP GET request involving a non-existent extension table + entry.</p> + </blockquote> + </body> + </description> + <references> + <cvename>CVE-2012-2141</cvename> + <url>https://bugzilla.redhat.com/show_bug.cgi?id=815813</url> + <url>http://www.openwall.com/lists/oss-security/2012/04/26/2</url> + </references> + <dates> + <discovery>2012-04-26</discovery> + <entry>2012-04-27</entry> + </dates> + </vuln> + <vuln vid="380e8c56-8e32-11e1-9580-4061862b8c22"> <topic>mozilla -- multiple vulnerabilities</topic> <affects> |