NetSNMP vulnerabilty [CVE-2015-5621]

Advisory ID CVE Number Date discovered Severity Advisory revision
STORM-2015-011 CVE-2015-5621 04/13/2015 low v2

Vulnerability details

A vulnerability has been disclosed in NetSNMP.

An attacker could cause a memory leak in snmp_pdu_parse() in order to cause a denial of service attack.

Impacted products

ProductsSeverityDetail
Stormshield Network Security low The product embeds a vulnerable version of NetSNMP
Fast360 low The product embeds a vulnerable version of NetSNMP
Netasq low The product embeds a vulnerable version of NetSNMP

Revisions

Version Date Description
v1 08/18/2015 Initial release
v2 04/15/2016 Add Netasq and SNS products

 



Stormshield Network Security

CVSS v2 Overall Score: 2.2      

Analysis

Impacted version

A memory leak present in snmp_pdu_parse() could cause a crash of NetSNMP in SNS appliances.
  • SNS 1.0.0 to 1.4.4
  • SNS 2.0.0 to 2.3.4

Workaround solution

Solution

There is no workaround solution.

The 1.5.0 and 2.4.0 updates will fix this vulnerability.



Access vector Access complexity Authentication Confidentiality impact Integrity impact Availability impact
Adjacent Network High None None None Partial
CVSS Base score: 1.8 CVSS Vector: (AV:A/AC:H/Au:N/C:N/I:N/A:P)
Exploitability Remediation Level Report Confidence
Unproven that exploit exists Official fix Confirmed
CVSS Temporal score: 1.3 CVSS Vector: (AV:A/AC:H/Au:N/C:N/I:N/A:P/E:U/RL:OF/RC:C)
Collateral Damage Potential Target Distribution
Low High [76-100%]
CVSS Environmental score: 2.2 CVSS Vector: (AV:A/AC:H/Au:N/C:N/I:N/A:P/E:U/RL:OF/RC:C/CDP:L/TD:H/CR:ND/IR:ND/AR:ND)


Fast360

CVSS v2 Overall Score: 2.2      

Analysis

Impacted version

A memory leak present in snmp_pdu_parse() could cause a crash of NetSNMP in FAST360 appliances.
  • Arkoon Fast360 5.0/1 to 5.0/34
  • Arkoon Fast360 6.0/1 to 5.0/8

Workaround solution

Solution

A patch is available in versions 5.0/35 and 6.0/9. These versions are available for download through our Early Access Release (EAR) program which can be accessed by registering to the community via https://open.arkoon.net/ear-acceder-a-nos-prochaines-version-en-avant-premiere

These versions will be made publicly available through our main update servers on 29 Sepetember 2015.

5.0/35 and 6.0/9 updates fix this vulnerability. You are strongly advised to update your appliances.



Access vector Access complexity Authentication Confidentiality impact Integrity impact Availability impact
Adjacent Network High None None None Partial
CVSS Base score: 1.8 CVSS Vector: (AV:A/AC:H/Au:N/C:N/I:N/A:P)
Exploitability Remediation Level Report Confidence
Unproven that exploit exists Official fix Confirmed
CVSS Temporal score: 1.3 CVSS Vector: (AV:A/AC:H/Au:N/C:N/I:N/A:P/E:U/RL:OF/RC:C)
Collateral Damage Potential Target Distribution
Low High [76-100%]
CVSS Environmental score: 2.2 CVSS Vector: (AV:A/AC:H/Au:N/C:N/I:N/A:P/E:U/RL:OF/RC:C/CDP:L/TD:H/CR:ND/IR:ND/AR:ND)


Netasq

CVSS v2 Overall Score: 2.2      

Analysis

Impacted version

A memory leak present in snmp_pdu_parse() could cause a crash of NetSNMP in Netasq appliances.
  • Netasq 9.0.0 to 9.1.7

Workaround solution

Solution

There is no workaround solution.

The 9.1.8 update will fix this vulnerability.



Access vector Access complexity Authentication Confidentiality impact Integrity impact Availability impact
Adjacent Network High None None None Partial
CVSS Base score: 1.8 CVSS Vector: (AV:A/AC:H/Au:N/C:N/I:N/A:P)
Exploitability Remediation Level Report Confidence
Unproven that exploit exists Official fix Confirmed
CVSS Temporal score: 1.3 CVSS Vector: (AV:A/AC:H/Au:N/C:N/I:N/A:P/E:U/RL:OF/RC:C)
Collateral Damage Potential Target Distribution
Low High [76-100%]
CVSS Environmental score: 2.2 CVSS Vector: (AV:A/AC:H/Au:N/C:N/I:N/A:P/E:U/RL:OF/RC:C/CDP:L/TD:H/CR:ND/IR:ND/AR:ND)