F5 Networks BIG-IP : SNMP vulnerability (K17315)
Medium Nessus Plugin ID 91302
SynopsisThe remote device is missing a vendor-supplied security patch.
Descriptionsnmplib/mib.c in net-snmp 5.7.0 and earlier, when the -OQ option is used, allows remote attackers to cause a denial of service (snmptrapd crash) via a crafted SNMP trap message, which triggers a conversion to the variable type designated in the MIB file, as demonstrated by a NULL type in an ifMtu trap message. (CVE-2014-3565)
SolutionUpgrade to one of the non-vulnerable versions listed in the F5 Solution K17315.