Rechercher
Contactez-nous Suivez-nous sur Twitter En francais English Language
 

Freely subscribe to our NEWSLETTER

Newsletter FR

Newsletter EN

Vulnérabilités

Unsubscribe

Vigil@nce - Net-SNMP: memory leaks

May 2010 by Vigil@nce

This bulletin was written by Vigil@nce : http://vigilance.fr/

SYNTHESIS OF THE VULNERABILITY

An attacker can use several memory leaks of Net-SNMP, in order to
generate a denial of service.

Severity: 2/4

Creation date: 24/05/2010

DESCRIPTION OF THE VULNERABILITY

Several memory leaks were announced in Net-SNMP.

The snmplib library is impacted by several memory leaks.
[severity:2/4; 2797251]

A memory leak occurs in the OID (Object ID) handling of snmplib.
[severity:2/4; 2871747]

A memory leak occurs in snmpd, when the OID table is constructed.
[severity:2/4; 2822360]

A memory leak occurs in snmpd, when ipAddressPrefixTable is
managed. [severity:2/4; 2822337]

A memory leak occurs in snmpd, when handling a proxy.
[severity:2/4; 2883155]

A memory leak occurs in snmpd, when several interfaces have the
same IPv6 address. [severity:2/4]

A memory leak occurs in the Python interface of snmpwalk.
[severity:2/4; 2260828]

On Linux, a memory leak occurs in udpEndpointTable. [severity:2/4;
2822355]

On Windows, a handle leak occurs in pass_persist. [severity:2/4;
2779541]

On Windows, a memory leak occurs in winExtDLL/SnmpExtensionQuery.
[severity:2/4]

An attacker can therefore use several memory leaks of Net-SNMP, in
order to generate a denial of service.

ACCESS TO THE COMPLETE VIGIL@NCE BULLETIN

http://vigilance.fr/vulnerability/Net-SNMP-memory-leaks-9664


See previous articles

    

See next articles


Your podcast Here

New, you can have your Podcast here. Contact us for more information ask:
Marc Brami
Phone: +33 1 40 92 05 55
Mail: ipsimp@free.fr

All new podcasts