Back to search
CVE-2019-5610
Published: Aug 29, 2019
Modified: Aug 4, 2024
PUBLISHED
Description
In FreeBSD 12.0-STABLE before r350637, 12.0-RELEASE before 12.0-RELEASE-p9, 11.3-STABLE before r350638, 11.3-RELEASE before 11.3-RELEASE-p2, and 11.2-RELEASE before 11.2-RELEASE-p13, the bsnmp library is not properly validating the submitted length from a type-length-value encoding. A remote user could cause an out-of-bounds read or trigger a crash of the software such as bsnmpd resulting in a denial of service.
| Vendor | Product | Versions |
|---|---|---|
n/a | FreeBSD | affected 12.0-RELEASE before 12.0-RELEASE-p9affected 11.3-RELEASE before 11.3-RELEASE-p2affected 11.2-RELEASE before 11.2-RELEASE-p13 |
References
FreeBSD-SA-19:20
vendor-advisory
x_refsource_FREEBSD
20190806 FreeBSD Security Advisory FreeBSD-SA-19:20.bsnmp
mailing-list
x_refsource_BUGTRAQ
https://security.FreeBSD.org/advisories/FreeBSD-SA-19:20.bsnmp.asc
x_refsource_CONFIRM
https://security.netapp.com/advisory/ntap-20190910-0002/
x_refsource_CONFIRM
Security Training
Train your team to recognize and prevent security threats with our comprehensive security awareness program.
Start TrainingVulnerability Scanning
Discover vulnerabilities in your applications and infrastructure before attackers do.
Scan Now