Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
nessusUbuntu Security Notice (C) 2015-2020 Canonical, Inc. / NASL script (C) 2015-2019 and is owned by Tenable, Inc. or an Affiliate thereof.UBUNTU_USN-2711-1.NASL
HistoryAug 18, 2015 - 12:00 a.m.

Ubuntu 14.04 LTS : Net-SNMP vulnerabilities (USN-2711-1)

2015-08-1800:00:00
Ubuntu Security Notice (C) 2015-2020 Canonical, Inc. / NASL script (C) 2015-2019 and is owned by Tenable, Inc. or an Affiliate thereof.
www.tenable.com
62

7.5 High

CVSS2

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:P/I:P/A:P

0.082 Low

EPSS

Percentile

94.4%

JSON

It was discovered that Net-SNMP incorrectly handled certain trap messages when the -OQ option was used. A remote attacker could use this issue to cause Net-SNMP to crash, resulting in a denial of service. (CVE-2014-3565)

Qinghao Tang discovered that Net-SNMP incorrectly handled SNMP PDU parsing failures. A remote attacker could use this issue to cause Net-SNMP to crash, resulting in a denial of service, or possibly execute arbitrary code. (CVE-2015-5621).

Note that Tenable Network Security has extracted the preceding description block directly from the Ubuntu security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.

#%NASL_MIN_LEVEL 70300
#
# (C) Tenable Network Security, Inc.
#
# The descriptive text and package checks in this plugin were
# extracted from Ubuntu Security Notice USN-2711-1. The text 
# itself is copyright (C) Canonical, Inc. See 
# <http://www.ubuntu.com/usn/>. Ubuntu(R) is a registered 
# trademark of Canonical, Inc.
#

include('deprecated_nasl_level.inc');
include('compat.inc');

if (description)
{
  script_id(85506);
  script_version("2.10");
  script_set_attribute(attribute:"plugin_modification_date", value:"2023/10/20");

  script_cve_id("CVE-2014-3565", "CVE-2015-5621");
  script_xref(name:"USN", value:"2711-1");

  script_name(english:"Ubuntu 14.04 LTS : Net-SNMP vulnerabilities (USN-2711-1)");

  script_set_attribute(attribute:"synopsis", value:
"The remote Ubuntu host is missing one or more security updates.");
  script_set_attribute(attribute:"description", value:
"It was discovered that Net-SNMP incorrectly handled certain trap
messages when the -OQ option was used. A remote attacker could use
this issue to cause Net-SNMP to crash, resulting in a denial of
service. (CVE-2014-3565)

Qinghao Tang discovered that Net-SNMP incorrectly handled SNMP PDU
parsing failures. A remote attacker could use this issue to cause
Net-SNMP to crash, resulting in a denial of service, or possibly
execute arbitrary code. (CVE-2015-5621).

Note that Tenable Network Security has extracted the preceding
description block directly from the Ubuntu security advisory. Tenable
has attempted to automatically clean and format it as much as possible
without introducing additional issues.");
  script_set_attribute(attribute:"see_also", value:"https://ubuntu.com/security/notices/USN-2711-1");
  script_set_attribute(attribute:"solution", value:
"Update the affected packages.");
  script_set_cvss_base_vector("CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P");
  script_set_cvss_temporal_vector("CVSS2#E:POC/RL:OF/RC:C");
  script_set_cvss3_base_vector("CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H");
  script_set_cvss3_temporal_vector("CVSS:3.0/E:P/RL:O/RC:C");
  script_set_attribute(attribute:"cvss_score_source", value:"CVE-2015-5621");
  script_set_attribute(attribute:"cvss3_score_source", value:"CVE-2014-3565");

  script_set_attribute(attribute:"exploitability_ease", value:"Exploits are available");
  script_set_attribute(attribute:"exploit_available", value:"true");

  script_set_attribute(attribute:"vuln_publication_date", value:"2014/10/07");
  script_set_attribute(attribute:"patch_publication_date", value:"2015/08/17");
  script_set_attribute(attribute:"plugin_publication_date", value:"2015/08/18");

  script_set_attribute(attribute:"plugin_type", value:"local");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:canonical:ubuntu_linux:libsnmp30");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:canonical:ubuntu_linux:python-netsnmp");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:canonical:ubuntu_linux:snmp");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:canonical:ubuntu_linux:snmpd");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:canonical:ubuntu_linux:tkmib");
  script_set_attribute(attribute:"cpe", value:"cpe:/o:canonical:ubuntu_linux:14.04:-:lts");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:canonical:ubuntu_linux:libsnmp-base");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:canonical:ubuntu_linux:libsnmp-dev");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:canonical:ubuntu_linux:libsnmp-perl");
  script_set_attribute(attribute:"generated_plugin", value:"current");
  script_end_attributes();

  script_category(ACT_GATHER_INFO);
  script_family(english:"Ubuntu Local Security Checks");

  script_copyright(english:"Ubuntu Security Notice (C) 2015-2020 Canonical, Inc. / NASL script (C) 2015-2019 and is owned by Tenable, Inc. or an Affiliate thereof.");

  script_dependencies("ssh_get_info.nasl");
  script_require_keys("Host/cpu", "Host/Ubuntu", "Host/Ubuntu/release", "Host/Debian/dpkg-l");

  exit(0);
}

include('debian_package.inc');

if ( ! get_kb_item('Host/local_checks_enabled') ) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);
var os_release = get_kb_item('Host/Ubuntu/release');
if ( isnull(os_release) ) audit(AUDIT_OS_NOT, 'Ubuntu');
os_release = chomp(os_release);
if (! ('14.04' >< os_release)) audit(AUDIT_OS_NOT, 'Ubuntu 14.04', 'Ubuntu ' + os_release);
if ( ! get_kb_item('Host/Debian/dpkg-l') ) audit(AUDIT_PACKAGE_LIST_MISSING);

var cpu = get_kb_item('Host/cpu');
if (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);
if ('x86_64' >!< cpu && cpu !~ "^i[3-6]86$" && 's390' >!< cpu && 'aarch64' >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, 'Ubuntu', cpu);

var pkgs = [
    {'osver': '14.04', 'pkgname': 'libsnmp-base', 'pkgver': '5.7.2~dfsg-8.1ubuntu3.1'},
    {'osver': '14.04', 'pkgname': 'libsnmp-dev', 'pkgver': '5.7.2~dfsg-8.1ubuntu3.1'},
    {'osver': '14.04', 'pkgname': 'libsnmp-perl', 'pkgver': '5.7.2~dfsg-8.1ubuntu3.1'},
    {'osver': '14.04', 'pkgname': 'libsnmp30', 'pkgver': '5.7.2~dfsg-8.1ubuntu3.1'},
    {'osver': '14.04', 'pkgname': 'python-netsnmp', 'pkgver': '5.7.2~dfsg-8.1ubuntu3.1'},
    {'osver': '14.04', 'pkgname': 'snmp', 'pkgver': '5.7.2~dfsg-8.1ubuntu3.1'},
    {'osver': '14.04', 'pkgname': 'snmpd', 'pkgver': '5.7.2~dfsg-8.1ubuntu3.1'},
    {'osver': '14.04', 'pkgname': 'tkmib', 'pkgver': '5.7.2~dfsg-8.1ubuntu3.1'}
];

var flag = 0;
foreach package_array ( pkgs ) {
  var osver = NULL;
  var pkgname = NULL;
  var pkgver = NULL;
  if (!empty_or_null(package_array['osver'])) osver = package_array['osver'];
  if (!empty_or_null(package_array['pkgname'])) pkgname = package_array['pkgname'];
  if (!empty_or_null(package_array['pkgver'])) pkgver = package_array['pkgver'];
  if (osver && pkgname && pkgver) {
    if (ubuntu_check(osver:osver, pkgname:pkgname, pkgver:pkgver)) flag++;
  }
}

if (flag)
{
  security_report_v4(
    port       : 0,
    severity   : SECURITY_HOLE,
    extra      : ubuntu_report_get()
  );
  exit(0);
}
else
{
  var tested = ubuntu_pkg_tests_get();
  if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);
  else audit(AUDIT_PACKAGE_NOT_INSTALLED, 'libsnmp-base / libsnmp-dev / libsnmp-perl / libsnmp30 / etc');
}
VendorProductVersionCPE
canonicalubuntu_linuxlibsnmp30p-cpe:/a:canonical:ubuntu_linux:libsnmp30
canonicalubuntu_linuxpython-netsnmpp-cpe:/a:canonical:ubuntu_linux:python-netsnmp
canonicalubuntu_linuxsnmpp-cpe:/a:canonical:ubuntu_linux:snmp
canonicalubuntu_linuxsnmpdp-cpe:/a:canonical:ubuntu_linux:snmpd
canonicalubuntu_linuxtkmibp-cpe:/a:canonical:ubuntu_linux:tkmib
canonicalubuntu_linux14.04cpe:/o:canonical:ubuntu_linux:14.04:-:lts
canonicalubuntu_linuxlibsnmp-basep-cpe:/a:canonical:ubuntu_linux:libsnmp-base
canonicalubuntu_linuxlibsnmp-devp-cpe:/a:canonical:ubuntu_linux:libsnmp-dev
canonicalubuntu_linuxlibsnmp-perlp-cpe:/a:canonical:ubuntu_linux:libsnmp-perl

Related

securityvulns 7
openvas 21
ubuntu 1
ibm 19
cloudfoundry 1
prion 2
debiancve 2
nessus 35
freebsd 2
f5 4
nvd 2
amazon 1
cve 2
oraclelinux 3
veracode 3
cvelist 2
ubuntucve 4
gentoo 1
centos 3
fedora 3
redhat 3
mageia 1
ics 1
debian 2
archlinux 1
osv 2
rosalinux 1
securityvulns
securityvulns
[USN-2711-1] Net-SNMP vulnerabilities
2015-08-24 00:00:00
Net-SNMP memory corruption
2015-08-24 00:00:00
[ MDVSA-2014:184 ] net-snmp
2014-09-29 00:00:00
openvas
openvas
Ubuntu: Security Advisory (USN-2711-1)
2015-08-18 00:00:00
CentOS Update for net-snmp CESA-2015:1636 centos6
2015-08-18 00:00:00
CentOS Update for net-snmp CESA-2015:1636 centos7
2015-08-18 00:00:00
ubuntu
ubuntu
Net-SNMP vulnerabilities
2015-08-17 00:00:00
ibm
ibm
Security Bulletin: Vulnerabilities in Net-SNMP affect IBM Security Access Manager for Web (CVE-2014-3565, CVE-2015-5621)
2018-06-16 21:38:59
Security Bulletin: Vulnerabilities in Net-SNMP affect IBM Security Access Manager for Mobile (CVE-2014-3565, CVE-2015-5621)
2018-06-16 21:39:29
Security Bulletin: IBM Security Guardium is affected by a Using Components with Known Vulnerabilities vulnerabilities
2018-09-28 04:30:01
cloudfoundry
cloudfoundry
USN-2711-1 Net-SNMP Vulnerabilities | Cloud Foundry
2015-10-07 00:00:00
prion
prion
Design/Logic Flaw
2015-08-19 15:59:00
Design/Logic Flaw
2014-10-07 14:55:00
debiancve
debiancve
CVE-2015-5621
2015-08-19 15:59:09
CVE-2014-3565
2014-10-07 14:55:04
nessus
nessus
F5 Networks BIG-IP : SNMP vulnerability (K17378)
2016-01-14 00:00:00
openSUSE Security Update : net-snmp (openSUSE-2015-568)
2015-09-08 00:00:00
Scientific Linux Security Update : net-snmp on SL6.x, SL7.x i386/x86_64 (20150817)
2015-08-18 00:00:00
freebsd
freebsd
net-snmp -- snmp_pdu_parse() function incomplete initialization
2015-04-11 00:00:00
net-snmp -- snmptrapd crash
2014-07-31 00:00:00
f5
f5
SOL17378 - SNMP vulnerability CVE-2015-5621
2015-10-07 00:00:00
K17378 : SNMP vulnerability CVE-2015-5621
2015-10-08 00:00:00
K17315 : SNMP vulnerability CVE-2014-3565
2015-09-29 00:00:00
nvd
nvd
CVE-2015-5621
2015-08-19 15:59:09
CVE-2014-3565
2014-10-07 14:55:04
amazon
amazon
Medium: net-snmp
2015-09-02 12:00:00
cve
cve
CVE-2015-5621
2015-08-19 15:59:09
CVE-2014-3565
2014-10-07 14:55:04
oraclelinux
oraclelinux
net-snmp security update
2015-08-17 00:00:00
net-snmp security and bug fix update
2015-11-23 00:00:00
net-snmp security and bug fix update
2015-07-28 00:00:00
veracode
veracode
Denial Of Service (DoS)
2019-01-15 09:07:07
Denial Of Service (DoS)
2019-01-15 09:06:52
Denial Of Service (DoS)
2019-05-02 05:17:56
cvelist
cvelist
CVE-2015-5621
2015-08-19 15:00:00
CVE-2014-3565
2014-10-07 14:00:00
ubuntucve
ubuntucve
CVE-2015-5621
2015-07-31 00:00:00
CVE-2014-3565
2014-10-07 00:00:00
CVE-2018-18066
2018-10-08 00:00:00
gentoo
gentoo
SNMP: Denial of service
2015-07-10 00:00:00
centos
centos
net security update
2015-07-26 14:12:35
net security update
2015-11-30 19:45:16
net security update
2015-08-17 16:22:33
fedora
fedora
[SECURITY] Fedora 19 Update: net-snmp-5.7.2-15.fc19
2014-09-10 13:27:10
[SECURITY] Fedora 20 Update: net-snmp-5.7.2-18.fc20
2014-09-09 22:10:31
[SECURITY] Fedora 21 Update: net-snmp-5.7.2-23.fc21
2014-09-23 05:00:09
redhat
redhat
(RHSA-2015:1385) Moderate: net-snmp security and bug fix update
2015-07-22 00:00:00
(RHSA-2015:2345) Moderate: net-snmp security and bug fix update
2015-11-19 13:36:48
(RHSA-2015:1636) Moderate: net-snmp security update
2015-08-17 00:00:00
mageia
mageia
Updated net-snmp packages fix CVE-2014-3565
2014-09-05 13:07:37
ics
ics
Siemens Industrial Products SNMP (Update F)
2022-04-14 12:00:00
debian
debian
[SECURITY] [DSA 4154-1] net-snmp security update
2018-03-28 09:21:30
[SECURITY] [DSA 4154-1] net-snmp security update
2018-03-28 09:21:30
archlinux
archlinux
[ASA-201810-11] net-snmp: multiple issues
2018-10-17 00:00:00
osv
osv
net-snmp - security update
2018-03-26 00:00:00
net-snmp - security update
2018-03-28 00:00:00
rosalinux
rosalinux
Advisory ROSA-SA-2021-1929
2021-07-02 17:32:57

7.5 High

CVSS2

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:P/I:P/A:P

0.082 Low

EPSS

Percentile

94.4%

JSON
Related for UBUNTU_USN-2711-1.NASL
securityvulns7openvas21ubuntu1ibm19cloudfoundry1prion2debiancve2nessus35freebsd2f54nvd2amazon1cve2oraclelinux3veracode3cvelist2ubuntucve4gentoo1centos3fedora3redhat3mageia1ics1debian2archlinux1osv2rosalinux1