Detections
Analytics

MiracleLinux 7 : net-snmp-5.7.2-24.el7 (AXSA:2015-708:01)

high Nessus Plugin ID 288957

Synopsis

The remote MiracleLinux host is missing a security update.

Description

The remote MiracleLinux 7 host has packages installed that are affected by a vulnerability as referenced in the AXSA:2015-708:01 advisory.

 SNMP (Simple Network Management Protocol) is a protocol used for network management. The NET-SNMP project includes various SNMP tools:
 an extensible agent, an SNMP library, tools for requesting or setting information from SNMP agents, tools for generating and handling SNMP traps, a version of the netstat command which uses SNMP, and a Tk/Perl mib browser. This package contains the snmpd and snmptrapd daemons, documentation, etc.
 You will probably also want to install the net-snmp-utils package, which contains NET-SNMP utilities.
 Security issues fixed with this release:
 CVE-2014-3565 snmplib/mib.c in net-snmp 5.7.0 and earlier, when the -OQ option is used, allows remote attackers to cause a denial of service (snmptrapd crash) via a crafted SNMP trap message, which triggers a conversion to the variable type designated in the MIB file, as demonstrated by a NULL type in an ifMtu trap message.
 Fixed bugs:
 * Previously, the clientaddr option in the snmp.conf file affected outgoing messages sent only over IPv4.
 With this release, outgoing IPv6 messages are correctly sent from the interface specified by clientaddr.
 * The Net-SNMP daemon, snmpd, did not properly clean memory when reloading its configuration file with multiple exec entries. Consequently, the daemon terminated unexpectedly. Now, the memory is properly cleaned, and snmpd no longer crashes on reload.
 * Prior to this update, snmpd did not parse complete IPv4 traffic statistics, but reported the number of received or sent bytes in the IP-MIB::ipSystemStatsTable only for IPv6 packets and not for IPv4. This affected objects ipSystemStatsInOctets, ipSystemStatsOutOctets, ipSystemStatsInMcastOctets, and ipSystemStatsOutMcastOctets. Now, the statistics reported by snmpd are collected for IPv4 as well.
 * The Net-SNMP daemon, snmpd, did not correctly detect the file system change from read-only to read- write. Consequently, after remounting the file system into the read-write mode, the daemon reported it to be still in the read-only mode. A patch has been applied, and snmpd now detects the mode changes as expected.

Tenable has extracted the preceding description block directly from the MiracleLinux security advisory.

Note that Nessus has not tested for this issue but has instead relied only on the application's self-reported version number.

Solution

Update the affected packages.

See Also

https://tsn.miraclelinux.com/en/node/6094

Plugin Details

Severity: High

ID: 288957

File Name: miracle_linux_AXSA-2015-708.nasl

Version: 1.1

Type: local

Published: 1/16/2026

Updated: 1/16/2026

Supported Sensors: Nessus Agent, Nessus

Risk Information

VPR

Risk Factor: Medium

Score: 4.2

Vendor

Vendor Severity: Moderate

CVSS v2

Risk Factor: Medium

Base Score: 5

Temporal Score: 3.9

Vector: CVSS2#AV:N/AC:L/Au:N/C:N/I:N/A:P

CVSS Score Source: CVE-2014-3565

CVSS v3

Risk Factor: High

Base Score: 7.5

Temporal Score: 6.7

Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

Temporal Vector: CVSS:3.0/E:P/RL:O/RC:C

Vulnerability Information

CPE: p-cpe:/a:miracle:linux:net-snmp-libs, cpe:/o:miracle:linux:7, p-cpe:/a:miracle:linux:net-snmp-agent-libs, p-cpe:/a:miracle:linux:net-snmp-utils, p-cpe:/a:miracle:linux:net-snmp-devel, p-cpe:/a:miracle:linux:net-snmp

Required KB Items: Host/local_checks_enabled, Host/MiracleLinux/release, Host/MiracleLinux/rpm-list, Host/cpu

Exploit Available: true

Exploit Ease: Exploits are available

Patch Publication Date: 11/24/2015

Vulnerability Publication Date: 8/31/2014

Reference Information

CVE: CVE-2014-3565