NET-SNMP Information for VU#854306

Multiple vulnerabilities in SNMPv1 request handling

Status

Affected

Vendor Statement

All ucd-snmp version prior to 4.2.2 are susceptible to this vulnerability and users of versions prior to version 4.2.2 are encouraged to upgrade their software as soon as possible ( http://www.net-snmp.org/download/ ).  Version 4.2.2 and higher are not susceptible.

Vendor Information

The vendor has not provided us with any further information regarding this vulnerability.

Vendor References

None

Addendum

The CERT/CC has no additional comments at this time.

If you have feedback, comments, or additional information about this vulnerability, please send us email.