CVE-2007-5846
net-snmp - denial of service
EPSS 15.4%
Description
The SNMP agent (snmp_agent.c) in net-snmp before 5.4.1 allows remote attackers to cause a denial of service (CPU and memory consumption) via a GETBULK request with a large max-repeaters value.
How to fix CVE-2007-5846
To remediate CVE-2007-5846, upgrade the affected package to one of the fixed versions listed below.
- Debian/net-snmp: upgrade to 5.4.1~dfsg-1 or later
- Debian/net-snmp: upgrade to 5.2.3-7etch2 or later
- Debian/net-snmp: upgrade to 5.3.1-8+lenny1 or later
Is CVE-2007-5846 being exploited?
Moderate: EPSS is 15.4%. Track this CVE, but it is not at the top of the prioritisation list.
Affected packages (3)
- from 0, < 5.4.1~dfsg-1
- from 0, < 5.2.3-7etch2
- from 0, < 5.3.1-8+lenny1