FreeBSD VuXML: Documenting security issues in FreeBSD and the FreeBSD Ports Collection

FreeBSD -- bsnmpd remote denial of service vulnerability

Affected packages
9.2 <= FreeBSD < 9.2_3
9.1 <= FreeBSD < 9.1_10
8.4 <= FreeBSD < 8.4_7
8.3 <= FreeBSD < 8.3_14

Details

VuXML ID 4c96ecf2-5fd9-11e6-a6c3-14dae9d210b8
Discovery 2014-01-14
Entry 2016-08-11

Problem Description:

The bsnmpd(8) daemon is prone to a stack-based buffer-overflow when it has received a specifically crafted GETBULK PDU request.

Impact:

This issue could be exploited to execute arbitrary code in the context of the service daemon, or crash the service daemon, causing a denial-of-service.

References

CVE Name CVE-2014-1452
FreeBSD Advisory SA-14:01.bsnmpd