CVE-2014-2284

Publication date 24 March 2014

Last updated 24 July 2024

Ubuntu priority

The Linux implementation of the ICMP-MIB in Net-SNMP 5.5 before 5.5.2.1, 5.6.x before 5.6.2.1, and 5.7.x before 5.7.2.1 does not properly validate input, which allows remote attackers to cause a denial of service via unspecified vectors.

Read the notes from the security team

Status

Show unmaintained releases

Package	Ubuntu Release	Status
net-snmp	13.10 saucy	Fixed 5.7.2~dfsg-8ubuntu1.1
	12.10 quantal	Not affected
	12.04 LTS precise	Not affected
	10.04 LTS lucid	Not affected

How can I get the fixes?
What do statuses mean?
Patch details

Notes

mdeslaur

5.4 is not affected

Patch details

For informational purposes only. We recommend not to cherry-pick updates. How can I get the fixes?

Package	Patch details
net-snmp	Upstream: http://sourceforge.net/p/net-snmp/code/ci/a1fd64716f6794c55c34d77e618210238a73bfa1/

References

MITRE
NVD
Launchpad
Debian

Related Ubuntu Security Notices (USN)

USN-2166-1
Net-SNMP vulnerabilities
14 April 2014

Other references

http://www.openwall.com/lists/oss-security/2014/03/05/2
http://sourceforge.net/p/net-snmp/mailman/message/32026655/
https://www.cve.org/CVERecord?id=CVE-2014-2284