Vigil@nce - Net-SNMP: denial of service via snmptrapd
September 2014 by Vigil@nce
This bulletin was written by Vigil@nce : http://vigilance.fr/offer
SYNTHESIS OF THE VULNERABILITY
An attacker can send a malicious SNMP TRAP packet to the snmptrapd daemon
of Net-SNMP running with the "-OQ" option, in order to trigger a denial of service.
Impacted products: Fedora, Net-SNMP, openSUSE
Severity: 2/4
Creation date: 01/09/2014
DESCRIPTION OF THE VULNERABILITY
The Net-SNMP snmptrapd daemon supports the "-OQ" option, which tells
it not to display the type of each value (Timeticks, Integer, etc.).
However, in this case the display functions interpret the data from the
packet (for example a NULL value) using the type declared in the MIB
(for example Integer), which stops the daemon.
An attacker can therefore send a malicious SNMP TRAP packet to the
snmptrapd daemon of Net-SNMP running with "-OQ", in order to trigger a
denial of service.
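The mismatch described above, modelled as an added illustration (this is not Net-SNMP code): the varbind structure, the tag constants, the MIB table, the enterprise OID and the function names are all constructed for the example. The faulty display path formats the value according to the MIB type, so a NULL value arriving for an Integer object is handled as an integer; the hardened path formats by the type actually carried in the packet and only flags the mismatch.

```python
from dataclasses import dataclass

# Constructed subset of SNMP value tags as they appear on the wire
NULL_TAG, INTEGER_TAG, OCTET_STRING_TAG, TIMETICKS_TAG = 0x05, 0x02, 0x04, 0x43
TYPE_NAMES = {NULL_TAG: "NULL", INTEGER_TAG: "INTEGER",
              OCTET_STRING_TAG: "STRING", TIMETICKS_TAG: "Timeticks"}

# Hypothetical MIB: expected type per OID, as a display routine would look it up
MIB_TYPES = {"1.3.6.1.2.1.1.3.0": TIMETICKS_TAG,     # sysUpTime.0
             "1.3.6.1.4.1.99999.1.0": INTEGER_TAG}   # constructed enterprise object


@dataclass
class VarBind:
    oid: str
    tag: int       # type actually carried in the packet
    value: object


def render(vb: VarBind, tag: int) -> str:
    """Format vb.value as if it had the given tag (raises on a mismatch)."""
    if tag == NULL_TAG:
        return f"{vb.oid} = NULL"
    if tag in (INTEGER_TAG, TIMETICKS_TAG):
        return f"{vb.oid} = {int(vb.value)}"   # int(None) raises TypeError
    if tag == OCTET_STRING_TAG:
        return f"{vb.oid} = {bytes(vb.value).decode('ascii', 'replace')}"
    raise ValueError(f"unknown tag {tag:#x}")


def display_faulty(vb: VarBind, quick_print: bool) -> str:
    """Models the bug: with quick print (-OQ) on, trust the MIB type instead
    of the wire tag, so a NULL value for an Integer object is cast to int."""
    tag = MIB_TYPES.get(vb.oid, vb.tag) if quick_print else vb.tag
    return render(vb, tag)


def display_hardened(vb: VarBind, quick_print: bool) -> str:
    """Always format by the wire tag; the MIB type only decides the label."""
    text = render(vb, vb.tag)
    expected = MIB_TYPES.get(vb.oid)
    if expected is not None and expected != vb.tag:
        text += f"  (Wrong Type, should be {TYPE_NAMES[expected]})"
    if not quick_print:   # without -OQ the type name is printed before the value
        text = text.replace(" = ", f" = {TYPE_NAMES[vb.tag]}: ", 1)
    return text


# Constructed trap: a NULL value sent for an object the MIB declares as INTEGER
SAMPLE_TRAP = [VarBind("1.3.6.1.2.1.1.3.0", TIMETICKS_TAG, 12345),
               VarBind("1.3.6.1.4.1.99999.1.0", NULL_TAG, None)]
```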
ACCESS TO THE COMPLETE VIGIL@NCE BULLETIN
http://vigilance.fr/vulnerability/Net-SNMP-denial-of-service-via-snmptrapd-15248