Lucene search

MitreCVE-2006-0250

HistoryJan 18, 2006 - 2:00 a.m.

CVE-2006-0250

2006-01-1802:00:00

mitre

web.nvd.nist.gov

cve-2006-0250

cmu snmp utilities

snmptrapd

format string vulnerability

remote code execution

snmp

udp port 162

CVSS2

6.4

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:N/I:P/A:P

AI Score

7.7

Confidence

High

EPSS

0.132

Percentile

95.6%

JSON

Format string vulnerability in the snmp_input function in snmptrapd in CMU SNMP utilities (cmu-snmp) allows remote attackers to execute arbitrary code by sending crafted SNMP messages to UDP port 162.

Affected configurations

Nvd

Node

carnegie_mellon_universitysnmptrapdMatch3.6

carnegie_mellon_universitysnmptrapdMatch3.7

VendorProductVersionCPE
carnegie_mellon_universitysnmptrapd3.6cpe:2.3:a:carnegie_mellon_university:snmptrapd:3.6:*:*:*:*:*:*:*
carnegie_mellon_universitysnmptrapd3.7cpe:2.3:a:carnegie_mellon_university:snmptrapd:3.7:*:*:*:*:*:*:*

Vendor	Product	Version	CPE
carnegie_mellon_university	snmptrapd	3.6	cpe:2.3:a:carnegie_mellon_university:snmptrapd:3.6:::::::*
carnegie_mellon_university	snmptrapd	3.7	cpe:2.3:a:carnegie_mellon_university:snmptrapd:3.7:::::::*

References

secunia.com/advisories/18525

www.digitalarmaments.com/2006040164883273.html

www.osvdb.org/22493

www.securityfocus.com/archive/1/422086/100/0/threaded

www.securityfocus.com/bid/16267

www.vupen.com/english/advisories/2006/0234

exchange.xforce.ibmcloud.com/vulnerabilities/24178

CVSS2

6.4

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:N/I:P/A:P

AI Score

7.7

Confidence

High

EPSS

0.132

Percentile

95.6%

JSON

Related for CVE-2006-0250