Intrusion PreventionFreeBSD.Bsnmpd.GETBULK.PDU.Stack.Buffer.Overflow
Description
This indicates an attack attempt to exploit a Buffer Overflow vulnerability in FreeBSD Project bsnmpd releng.
The vulnerability is due to an insufficient validation error when the vulnerable software handles a malformed SNMP request. A remote attacker may be able to exploit this to execute arbitrary code within the context of the application, via a crafted SNMP request.
Affected Products
FreeBSD Project bsnmpd releng 10.0 prior to r260640
FreeBSD Project bsnmpd releng 8.3 prior to r260647
FreeBSD Project bsnmpd releng 8.4 prior to r260647
FreeBSD Project bsnmpd releng 9.1 prior to r260647
FreeBSD Project bsnmpd releng 9.2 prior to r260647
FreeBSD Project bsnmpd stable 10 prior to r260638
FreeBSD Project bsnmpd stable 8 prior to r260642
FreeBSD Project bsnmpd stable 9 prior to r260642
Impact
System Compromise: Remote attackers can gain control of vulnerable systems.
Recommended Actions
Upgrade to the latest version as provided by the Vendor.
http://www.freebsd.org/security/advisories/FreeBSD-SA-14:01.bsnmpd.asc
Telemetry
Coverage
| IPS (Regular DB) | |
| IPS (Extended DB) |
| ID | 37886 |
| Created | Apr 10, 2014 |
| Updated | Nov 03, 2020 |
| Risk |
|
| CVE ID | CVE-2014-1452 |
| Exploit Prediction Score | 33.17% |
| Default Action | drop |
| Active | |
| Affected OS | BSD |
| Affected App | Other |