Multiple Vendor Malformed SNMP Trap Handling DoS

This script is Copyright (C) 2002-2014 Tenable Network Security, Inc.


Synopsis :

The remote SNMP service is vulnerable to denial of service.

Description :

It was possible to disable the remote SNMP daemon by sending a
malformed packet advertising bogus length fields.

An attacker may use this flaw to prevent you from using SNMP to
administer your network (or use other flaws to execute arbitrary code
with the privileges of the SNMP daemon).

See also :

http://www.nessus.org/u?0cb7088a

Solution :

Apply the latest SNMP patches from your vendor.

Risk factor :

Medium / CVSS Base Score : 5.0
(CVSS2#AV:N/AC:L/Au:N/C:N/I:N/A:P)
CVSS Temporal Score : 3.7
(CVSS2#E:U/RL:OF/RC:C)
Public Exploit Available : false

Family: SNMP

Nessus Plugin ID: 10858 ()

Bugtraq ID: 4088

CVE ID: CVE-2002-0012