Buffer overflow in the __snprint_value function in snmp_get in Net-SNMP 5.1.4, 5.2.4, and 5.4.1, as used in SNMP.xs for Perl, allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via a large OCTETSTRING in an attribute value pair (AVP).
Software | From | Fixed in |
---|---|---|
net-snmp / net-snmp | 5.1.4 | 5.1.4.x |
net-snmp / net-snmp | 5.2.4 | 5.2.4.x |
net-snmp / net-snmp | 5.4.1 | 5.4.1.x |