Rapid7 Vulnerability & Exploit Database

Net-SNMP Trap And Request Handling Vulnerabilities

Back to Search

Net-SNMP Trap And Request Handling Vulnerabilities

Severity
10
CVSS
(AV:N/AC:L/Au:N/C:C/I:C/A:C)
Published
02/13/2002
Created
07/25/2018
Added
11/01/2004
Modified
12/04/2013

Description

Net-SNMP is a freely available, open source implementation of the SNMP protocol. It was previously known as UCD-SNMP.

SNMP requests are messages sent from manager to agent systems. They typically poll the agent for current performance or configuration information, ask for the next SNMP object in a Management Information Base (MIB), or modify the configuration settings of the agent. SNMP traps are messages sent from agent to manager systems. They typically notify the manager that some event has occured or otherwise provide information about the status of the agent.

Multiple vulnerabilities have been discovered in this SNMP implementation. A number of PROTOS test cases cause UCD-SNMP to crash or experience great delays.

Solution(s)

  • snmp-ucd-0001

With Rapid7 live dashboards, I have a clear view of all the assets on my network, which ones can be exploited, and what I need to do in order to reduce the risk in my environment in real-time. No other tool gives us that kind of value and insight.

– Scott Cheney, Manager of Information Security, Sierra View Medical Center

;