CVE-2005-4837

snmp_api.c in snmpd in Net-SNMP 5.2.x before 5.2.2, 5.1.x before 5.1.3, and 5.0.x before 5.0.10.2, when running in master agentx mode, allows remote attackers to cause a denial of service (crash) by causing a particular TCP disconnect, which triggers a free of an incorrect variable, a different vulnerability than CVE-2005-2177.

Published: Dec 31, 2005
Updated: Apr 13, 2023
CVE: CVE-2005-4837
Severity: High
Exploit:

CVSS v2:

Severity: High
Score: 10
AV:N/AC:L/Au:N/C:C/I:C/A:C

CWEs:

OWASP TOP 10:

A6 - Security Misconfiguration

Affected Software
References

Software	From	Fixed in
sourceforge / net-snmp	-	5.1.2.x
net-snmp / net-snmp	5.0.6	5.0.6.x
net-snmp / net-snmp	5.0.9	5.0.9.x
net-snmp / net-snmp	5.0	5.0.x
net-snmp / net-snmp	5.0.4_pre2	5.0.4_pre2.x
net-snmp / net-snmp	5.0.7	5.0.7.x
net-snmp / net-snmp	5.0.2	5.0.2.x
sourceforge / net-snmp	-	5.2.1.2.x
net-snmp / net-snmp	5.0.1	5.0.1.x
net-snmp / net-snmp	5.0.3	5.0.3.x
sourceforge / net-snmp	-	5.0.9.x
net-snmp / net-snmp	5.0.5	5.0.5.x
net-snmp / net-snmp	5.0.10	5.0.10.x
net-snmp / net-snmp	5.0.8	5.0.8.x

Vulnerability Database

289,599

CVE-2005-4837