CVE-2005-4837
First published: Sat Dec 31 2005(Updated: )
snmp_api.c in snmpd in Net-SNMP 5.2.x before 5.2.2, 5.1.x before 5.1.3, and 5.0.x before 5.0.10.2, when running in master agentx mode, allows remote attackers to cause a denial of service (crash) by causing a particular TCP disconnect, which triggers a free of an incorrect variable, a different vulnerability than CVE-2005-2177.
Credit: cve@mitre.org
| Affected Software | Affected Version | How to fix |
|---|---|---|
| CentOS net-snmp-libs | <=5.1.2 | |
| CentOS Net-SNMP Agent Libraries | =5.0.6 | |
| CentOS Net-SNMP Agent Libraries | =5.0.9 | |
| CentOS Net-SNMP Agent Libraries | =5.0 | |
| CentOS Net-SNMP Agent Libraries | =5.0.4_pre2 | |
| CentOS Net-SNMP Agent Libraries | =5.0.7 | |
| CentOS Net-SNMP Agent Libraries | =5.0.2 | |
| CentOS net-snmp-libs | <=5.2.1.2 | |
| CentOS Net-SNMP Agent Libraries | =5.0.1 | |
| CentOS Net-SNMP Agent Libraries | =5.0.3 | |
| CentOS net-snmp-libs | <=5.0.9 | |
| CentOS Net-SNMP Agent Libraries | =5.0.5 | |
| CentOS Net-SNMP Agent Libraries | =5.0.10 | |
| CentOS Net-SNMP Agent Libraries | =5.0.8 |
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Reference Links
- http://sourceforge.net/tracker/index.php?func=detail&aid=1207023&group_id=12694&atid=112694
- https://issues.rpath.com/browse/RPL-1334
- http://www.ubuntu.com/usn/USN-456-1
- http://www.securityfocus.com/bid/23762
- http://secunia.com/advisories/25114
- http://secunia.com/advisories/25115
- http://sunsolve.sun.com/search/document.do?assetkey=1-26-102929-1
- http://secunia.com/advisories/25411
- http://www.vupen.com/english/advisories/2007/1944
- https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9442
Frequently Asked Questions
What is the severity of CVE-2005-4837?
CVE-2005-4837 has a severity score that typically indicates a denial of service vulnerability.
How do I fix CVE-2005-4837?
To resolve CVE-2005-4837, upgrade to Net-SNMP version 5.2.2 or later.
Which versions of Net-SNMP are affected by CVE-2005-4837?
CVE-2005-4837 affects Net-SNMP versions 5.2.x before 5.2.2, 5.1.x before 5.1.3, and 5.0.x before 5.0.10.2.
Is CVE-2005-4837 a remote vulnerability?
Yes, CVE-2005-4837 allows remote attackers to exploit the vulnerability.
What kind of attack does CVE-2005-4837 facilitate?
CVE-2005-4837 facilitates denial of service attacks causing the application to crash.
- agent/weakness
- agent/references
- agent/type
- agent/first-publish-date
- collector/mitre-cve
- source/MITRE
- agent/last-modified-date
- agent/author
- agent/severity
- agent/event
- agent/description
- agent/source
- agent/softwarecombine
- agent/tags
- collector/nvd-historical
- vendor/sourceforge
- product/net-snmp
- canonical/sourceforge net-snmp
- vendor/net-snmp
- canonical/net-snmp net-snmp
- agent/software-canonical-lookup-request
- collector/nvd-index
- canonical/centos net-snmp-libs
- version/centos net-snmp-libs/5.1.2
- canonical/centos net-snmp agent libraries
- version/centos net-snmp agent libraries/5.0.6
- version/centos net-snmp agent libraries/5.0.9
- version/centos net-snmp agent libraries/5.0
- version/centos net-snmp agent libraries/5.0.4_pre2
- version/centos net-snmp agent libraries/5.0.7
- version/centos net-snmp agent libraries/5.0.2
- version/centos net-snmp-libs/5.2.1.2
- version/centos net-snmp agent libraries/5.0.1
- version/centos net-snmp agent libraries/5.0.3
- version/centos net-snmp-libs/5.0.9
- version/centos net-snmp agent libraries/5.0.5
- version/centos net-snmp agent libraries/5.0.10
- version/centos net-snmp agent libraries/5.0.8