CVE-2015-5677

2017-02-0715:00:00

mitre

www.cve.org

5.4 Medium

AI Score

Confidence

High

0.0004 Low

EPSS

Percentile

5.1%

JSON

bsnmpd, as used in FreeBSD 9.3, 10.1, and 10.2, uses world-readable permissions on the snmpd.config file, which allows local users to obtain the secret key for USM authentication by reading the file.

References

www.securitytracker.com/id/1034678

pierrekim.github.io/blog/2016-01-15-cve-2015-5677-freebsd-bsnmpd.html

www.freebsd.org/security/advisories/FreeBSD-SA-16:06.bsnmpd.asc