CVE-2005-2177 - Vulnerability Details

Net-SNMP 5.0.x before 5.0.10.2, 5.2.x before 5.2.1.2, and 5.1.3, when net-snmp is using stream sockets such as TCP, allows remote attackers to cause a denial of service (daemon hang and CPU consumption) via a TCP packet of length 1, which triggers an infinite loop.

No CVSS v4.0

No CVSS v3.1

No CVSS v3.0

Access Vector Network

Access Complexity Low

Authentication None

Confidentiality Impact None

Integrity Impact None

Availability Impact Partial

This CVE is not in the KEV list.

Key SSVC decision points have not yet been added.

Vendors	Products
Net-snmp	Net-snmp
Redhat	Enterprise Linux

Configuration 1 [-]

OR	cpe:2.3:a:net-snmp:net-snmp:5.0:::::::*
	cpe:2.3:a:net-snmp:net-snmp:5.0.1:::::::*
	cpe:2.3:a:net-snmp:net-snmp:5.0.2:::::::*
	cpe:2.3:a:net-snmp:net-snmp:5.0.3:::::::*
	cpe:2.3:a:net-snmp:net-snmp:5.0.4_pre2:::::::*
	cpe:2.3:a:net-snmp:net-snmp:5.0.5:::::::*
	cpe:2.3:a:net-snmp:net-snmp:5.0.6:::::::*
	cpe:2.3:a:net-snmp:net-snmp:5.0.7:::::::*
	cpe:2.3:a:net-snmp:net-snmp:5.0.8:::::::*
	cpe:2.3:a:net-snmp:net-snmp:5.0.9:::::::*
	cpe:2.3:a:net-snmp:net-snmp:5.0.10:::::::*
	cpe:2.3:a:net-snmp:net-snmp:5.1.3:::::::*
	cpe:2.3:a:net-snmp:net-snmp:5.2:::::::*
	cpe:2.3:a:net-snmp:net-snmp:5.2.1:::::::*

Package	CPE	Advisory	Released Date
Red Hat Enterprise Linux 3
net-snmp-0:5.0.9-2.30E.19	cpe:/o:redhat:enterprise_linux:3	RHSA-2005:373	2005-09-28T00:00:00Z
Red Hat Enterprise Linux 4
net-snmp-0:5.1.2-11.EL4.6	cpe:/o:redhat:enterprise_linux:4	RHSA-2005:395	2005-10-05T00:00:00Z
Red Hat Enterprise Linux AS (Advanced Server) version 2.1
	cpe:/o:redhat:enterprise_linux:2.1	RHSA-2005:720	2005-08-09T00:00:00Z
Red Hat Enterprise Linux ES version 2.1
	cpe:/o:redhat:enterprise_linux:2.1	RHSA-2005:720	2005-08-09T00:00:00Z
Red Hat Enterprise Linux WS version 2.1
	cpe:/o:redhat:enterprise_linux:2.1	RHSA-2005:720	2005-08-09T00:00:00Z
Red Hat Linux Advanced Workstation 2.1
	cpe:/o:redhat:enterprise_linux:2.1	RHSA-2005:720	2005-08-09T00:00:00Z

References

Link	Providers
http://secunia.com/advisories/15930
http://secunia.com/advisories/16999
http://secunia.com/advisories/17007
http://secunia.com/advisories/17135
http://secunia.com/advisories/17217
http://secunia.com/advisories/17282
http://secunia.com/advisories/17343
http://secunia.com/advisories/18635
http://secunia.com/advisories/22875
http://secunia.com/advisories/23058
http://secunia.com/advisories/25373
http://secunia.com/advisories/25432
http://secunia.com/advisories/25787
http://securitytracker.com/id?1017273
http://sourceforge.net/mailarchive/forum.php?thread_id=7659656&forum_id=12455
http://sunsolve.sun.com/search/document.do?assetkey=1-26-102725-1
http://support.avaya.com/elmodocs2/security/ASA-2005-225.pdf
http://www.debian.org/security/2005/dsa-873
http://www.mandriva.com/security/advisories?name=MDKSA-2006:025
http://www.net-snmp.org/about/ChangeLog.html
http://www.novell.com/linux/security/advisories/2005_24_sr.html
http://www.novell.com/linux/security/advisories/2007_12_sr.html
http://www.novell.com/linux/security/advisories/2007_13_sr.html
http://www.redhat.com/support/errata/RHSA-2005-373.html
http://www.redhat.com/support/errata/RHSA-2005-395.html
http://www.redhat.com/support/errata/RHSA-2005-720.html
http://www.securityfocus.com/archive/1/451404/100/0/threaded
http://www.securityfocus.com/archive/1/451417/100/200/threaded
http://www.securityfocus.com/archive/1/451419/100/200/threaded
http://www.securityfocus.com/archive/1/451426/100/200/threaded
http://www.securityfocus.com/bid/14168
http://www.securityfocus.com/bid/21256
http://www.trustix.org/errata/2005/0034/
http://www.ubuntu.com/usn/usn-190-1
http://www.vmware.com/download/esx/esx-202-200610-patch.html
http://www.vmware.com/download/esx/esx-213-200610-patch.html
http://www.vmware.com/download/esx/esx-254-200610-patch.html
http://www.vupen.com/english/advisories/2006/4502
http://www.vupen.com/english/advisories/2006/4677
http://www.vupen.com/english/advisories/2007/1883
https://nvd.nist.gov/vuln/detail/CVE-2005-2177
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9986
https://www.cve.org/CVERecord?id=CVE-2005-2177

History

No history.

MITRE

Status: PUBLISHED

Assigner: mitre

Published: 2005-07-10T04:00:00

Updated: 2024-08-07T22:15:37.664Z

Reserved: 2005-07-10T00:00:00

Link: CVE-2005-2177

Vulnrichment

No data.

NVD

Status : Deferred

Published: 2005-07-11T04:00:00.000

Modified: 2025-04-03T01:03:51.193

Link: CVE-2005-2177

Redhat

Severity : Low

Publid Date: 2005-07-01T00:00:00Z

Links: CVE-2005-2177 - Bugzilla

{"containers": {"cna": {"affected": [{"product": "n/a", "vendor": "n/a", "versions": [{"status": "affected", "version": "n/a"}]}], "datePublic": "2005-07-08T00:00:00", "descriptions": [{"lang": "en", "value": "Net-SNMP 5.0.x before 5.0.10.2, 5.2.x before 5.2.1.2, and 5.1.3, when net-snmp is using stream sockets such as TCP, allows remote attackers to cause a denial of service (daemon hang and CPU consumption) via a TCP packet of length 1, which triggers an infinite loop."}], "problemTypes": [{"descriptions": [{"description": "n/a", "lang": "en", "type": "text"}]}], "providerMetadata": {"dateUpdated": "2018-10-19T14:57:01", "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "shortName": "mitre"}, "references": [{"name": "ADV-2006-4502", "tags": ["vdb-entry", "x_refsource_VUPEN"], "url": "http://www.vupen.com/english/advisories/2006/4502"}, {"name": "17282", "tags": ["third-party-advisory", "x_refsource_SECUNIA"], "url": "http://secunia.com/advisories/17282"}, {"name": "USN-190-1", "tags": ["vendor-advisory", "x_refsource_UBUNTU"], "url": "http://www.ubuntu.com/usn/usn-190-1"}, {"name": "22875", "tags": ["third-party-advisory", "x_refsource_SECUNIA"], "url": "http://secunia.com/advisories/22875"}, {"name": "25373", "tags": ["third-party-advisory", "x_refsource_SECUNIA"], "url": "http://secunia.com/advisories/25373"}, {"name": "oval:org.mitre.oval:def:9986", "tags": ["vdb-entry", "signature", "x_refsource_OVAL"], "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9986"}, {"name": "21256", "tags": ["vdb-entry", "x_refsource_BID"], "url": "http://www.securityfocus.com/bid/21256"}, {"name": "102725", "tags": ["vendor-advisory", "x_refsource_SUNALERT"], "url": "http://sunsolve.sun.com/search/document.do?assetkey=1-26-102725-1"}, {"tags": ["x_refsource_CONFIRM"], "url": "http://www.vmware.com/download/esx/esx-202-200610-patch.html"}, {"name": "16999", "tags": ["third-party-advisory", "x_refsource_SECUNIA"], "url": "http://secunia.com/advisories/16999"}, {"name": "SUSE-SR:2007:012", "tags": ["vendor-advisory", "x_refsource_SUSE"], "url": "http://www.novell.com/linux/security/advisories/2007_12_sr.html"}, {"name": "20061113 VMSA-2006-0008 - VMware ESX Server 2.0.2 Upgrade Patch 2", "tags": ["mailing-list", "x_refsource_BUGTRAQ"], "url": "http://www.securityfocus.com/archive/1/451426/100/200/threaded"}, {"name": "2005-0034", "tags": ["vendor-advisory", "x_refsource_TRUSTIX"], "url": "http://www.trustix.org/errata/2005/0034/"}, {"name": "DSA-873", "tags": ["vendor-advisory", "x_refsource_DEBIAN"], "url": "http://www.debian.org/security/2005/dsa-873"}, {"tags": ["x_refsource_CONFIRM"], "url": "http://www.vmware.com/download/esx/esx-213-200610-patch.html"}, {"name": "15930", "tags": ["third-party-advisory", "x_refsource_SECUNIA"], "url": "http://secunia.com/advisories/15930"}, {"name": "23058", "tags": ["third-party-advisory", "x_refsource_SECUNIA"], "url": "http://secunia.com/advisories/23058"}, {"name": "ADV-2006-4677", "tags": ["vdb-entry", "x_refsource_VUPEN"], "url": "http://www.vupen.com/english/advisories/2006/4677"}, {"name": "18635", "tags": ["third-party-advisory", "x_refsource_SECUNIA"], "url": "http://secunia.com/advisories/18635"}, {"name": "1017273", "tags": ["vdb-entry", "x_refsource_SECTRACK"], "url": "http://securitytracker.com/id?1017273"}, {"tags": ["x_refsource_CONFIRM"], "url": "http://support.avaya.com/elmodocs2/security/ASA-2005-225.pdf"}, {"tags": ["x_refsource_CONFIRM"], "url": "http://www.vmware.com/download/esx/esx-254-200610-patch.html"}, {"name": "MDKSA-2006:025", "tags": ["vendor-advisory", "x_refsource_MANDRIVA"], "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2006:025"}, {"name": "SUSE-SR:2005:024", "tags": ["vendor-advisory", "x_refsource_SUSE"], "url": "http://www.novell.com/linux/security/advisories/2005_24_sr.html"}, {"name": "ADV-2007-1883", "tags": ["vdb-entry", "x_refsource_VUPEN"], "url": "http://www.vupen.com/english/advisories/2007/1883"}, {"name": "RHSA-2005:395", "tags": ["vendor-advisory", "x_refsource_REDHAT"], "url": "http://www.redhat.com/support/errata/RHSA-2005-395.html"}, {"name": "SUSE-SR:2007:013", "tags": ["vendor-advisory", "x_refsource_SUSE"], "url": "http://www.novell.com/linux/security/advisories/2007_13_sr.html"}, {"name": "17217", "tags": ["third-party-advisory", "x_refsource_SECUNIA"], "url": "http://secunia.com/advisories/17217"}, {"name": "RHSA-2005:373", "tags": ["vendor-advisory", "x_refsource_REDHAT"], "url": "http://www.redhat.com/support/errata/RHSA-2005-373.html"}, {"name": "17135", "tags": ["third-party-advisory", "x_refsource_SECUNIA"], "url": "http://secunia.com/advisories/17135"}, {"name": "20061113 VMSA-2006-0006 - VMware ESX Server 2.5.3 Upgrade Patch 4", "tags": ["mailing-list", "x_refsource_BUGTRAQ"], "url": "http://www.securityfocus.com/archive/1/451404/100/0/threaded"}, {"name": "17007", "tags": ["third-party-advisory", "x_refsource_SECUNIA"], "url": "http://secunia.com/advisories/17007"}, {"tags": ["x_refsource_MISC"], "url": "http://www.net-snmp.org/about/ChangeLog.html"}, {"name": "[net-snmp-announce] 20050701 Multiple new Net-SNMP releases to fix a security related bug", "tags": ["mailing-list", "x_refsource_MLIST"], "url": "http://sourceforge.net/mailarchive/forum.php?thread_id=7659656&forum_id=12455"}, {"name": "20061113 VMSA-2006-0007 - VMware ESX Server 2.1.3 Upgrade Patch 2", "tags": ["mailing-list", "x_refsource_BUGTRAQ"], "url": "http://www.securityfocus.com/archive/1/451417/100/200/threaded"}, {"name": "25787", "tags": ["third-party-advisory", "x_refsource_SECUNIA"], "url": "http://secunia.com/advisories/25787"}, {"name": "17343", "tags": ["third-party-advisory", "x_refsource_SECUNIA"], "url": "http://secunia.com/advisories/17343"}, {"name": "14168", "tags": ["vdb-entry", "x_refsource_BID"], "url": "http://www.securityfocus.com/bid/14168"}, {"name": "20061113 VMSA-2006-0005 - VMware ESX Server 2.5.4 Upgrade Patch 1", "tags": ["mailing-list", "x_refsource_BUGTRAQ"], "url": "http://www.securityfocus.com/archive/1/451419/100/200/threaded"}, {"name": "25432", "tags": ["third-party-advisory", "x_refsource_SECUNIA"], "url": "http://secunia.com/advisories/25432"}, {"name": "RHSA-2005:720", "tags": ["vendor-advisory", "x_refsource_REDHAT"], "url": "http://www.redhat.com/support/errata/RHSA-2005-720.html"}], "x_legacyV4Record": {"CVE_data_meta": {"ASSIGNER": "cve@mitre.org", "ID": "CVE-2005-2177", "STATE": "PUBLIC"}, "affects": {"vendor": {"vendor_data": [{"product": {"product_data": [{"product_name": "n/a", "version": {"version_data": [{"version_value": "n/a"}]}}]}, "vendor_name": "n/a"}]}}, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": {"description_data": [{"lang": "eng", "value": "Net-SNMP 5.0.x before 5.0.10.2, 5.2.x before 5.2.1.2, and 5.1.3, when net-snmp is using stream sockets such as TCP, allows remote attackers to cause a denial of service (daemon hang and CPU consumption) via a TCP packet of length 1, which triggers an infinite loop."}]}, "problemtype": {"problemtype_data": [{"description": [{"lang": "eng", "value": "n/a"}]}]}, "references": {"reference_data": [{"name": "ADV-2006-4502", "refsource": "VUPEN", "url": "http://www.vupen.com/english/advisories/2006/4502"}, {"name": "17282", "refsource": "SECUNIA", "url": "http://secunia.com/advisories/17282"}, {"name": "USN-190-1", "refsource": "UBUNTU", "url": "http://www.ubuntu.com/usn/usn-190-1"}, {"name": "22875", "refsource": "SECUNIA", "url": "http://secunia.com/advisories/22875"}, {"name": "25373", "refsource": "SECUNIA", "url": "http://secunia.com/advisories/25373"}, {"name": "oval:org.mitre.oval:def:9986", "refsource": "OVAL", "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9986"}, {"name": "21256", "refsource": "BID", "url": "http://www.securityfocus.com/bid/21256"}, {"name": "102725", "refsource": "SUNALERT", "url": "http://sunsolve.sun.com/search/document.do?assetkey=1-26-102725-1"}, {"name": "http://www.vmware.com/download/esx/esx-202-200610-patch.html", "refsource": "CONFIRM", "url": "http://www.vmware.com/download/esx/esx-202-200610-patch.html"}, {"name": "16999", "refsource": "SECUNIA", "url": "http://secunia.com/advisories/16999"}, {"name": "SUSE-SR:2007:012", "refsource": "SUSE", "url": "http://www.novell.com/linux/security/advisories/2007_12_sr.html"}, {"name": "20061113 VMSA-2006-0008 - VMware ESX Server 2.0.2 Upgrade Patch 2", "refsource": "BUGTRAQ", "url": "http://www.securityfocus.com/archive/1/451426/100/200/threaded"}, {"name": "2005-0034", "refsource": "TRUSTIX", "url": "http://www.trustix.org/errata/2005/0034/"}, {"name": "DSA-873", "refsource": "DEBIAN", "url": "http://www.debian.org/security/2005/dsa-873"}, {"name": "http://www.vmware.com/download/esx/esx-213-200610-patch.html", "refsource": "CONFIRM", "url": "http://www.vmware.com/download/esx/esx-213-200610-patch.html"}, {"name": "15930", "refsource": "SECUNIA", "url": "http://secunia.com/advisories/15930"}, {"name": "23058", "refsource": "SECUNIA", "url": "http://secunia.com/advisories/23058"}, {"name": "ADV-2006-4677", "refsource": "VUPEN", "url": "http://www.vupen.com/english/advisories/2006/4677"}, {"name": "18635", "refsource": "SECUNIA", "url": "http://secunia.com/advisories/18635"}, {"name": "1017273", "refsource": "SECTRACK", "url": "http://securitytracker.com/id?1017273"}, {"name": "http://support.avaya.com/elmodocs2/security/ASA-2005-225.pdf", "refsource": "CONFIRM", "url": "http://support.avaya.com/elmodocs2/security/ASA-2005-225.pdf"}, {"name": "http://www.vmware.com/download/esx/esx-254-200610-patch.html", "refsource": "CONFIRM", "url": "http://www.vmware.com/download/esx/esx-254-200610-patch.html"}, {"name": "MDKSA-2006:025", "refsource": "MANDRIVA", "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2006:025"}, {"name": "SUSE-SR:2005:024", "refsource": "SUSE", "url": "http://www.novell.com/linux/security/advisories/2005_24_sr.html"}, {"name": "ADV-2007-1883", "refsource": "VUPEN", "url": "http://www.vupen.com/english/advisories/2007/1883"}, {"name": "RHSA-2005:395", "refsource": "REDHAT", "url": "http://www.redhat.com/support/errata/RHSA-2005-395.html"}, {"name": "SUSE-SR:2007:013", "refsource": "SUSE", "url": "http://www.novell.com/linux/security/advisories/2007_13_sr.html"}, {"name": "17217", "refsource": "SECUNIA", "url": "http://secunia.com/advisories/17217"}, {"name": "RHSA-2005:373", "refsource": "REDHAT", "url": "http://www.redhat.com/support/errata/RHSA-2005-373.html"}, {"name": "17135", "refsource": "SECUNIA", "url": "http://secunia.com/advisories/17135"}, {"name": "20061113 VMSA-2006-0006 - VMware ESX Server 2.5.3 Upgrade Patch 4", "refsource": "BUGTRAQ", "url": "http://www.securityfocus.com/archive/1/451404/100/0/threaded"}, {"name": "17007", "refsource": "SECUNIA", "url": "http://secunia.com/advisories/17007"}, {"name": "http://www.net-snmp.org/about/ChangeLog.html", "refsource": "MISC", "url": "http://www.net-snmp.org/about/ChangeLog.html"}, {"name": "[net-snmp-announce] 20050701 Multiple new Net-SNMP releases to fix a security related bug", "refsource": "MLIST", "url": "http://sourceforge.net/mailarchive/forum.php?thread_id=7659656&forum_id=12455"}, {"name": "20061113 VMSA-2006-0007 - VMware ESX Server 2.1.3 Upgrade Patch 2", "refsource": "BUGTRAQ", "url": "http://www.securityfocus.com/archive/1/451417/100/200/threaded"}, {"name": "25787", "refsource": "SECUNIA", "url": "http://secunia.com/advisories/25787"}, {"name": "17343", "refsource": "SECUNIA", "url": "http://secunia.com/advisories/17343"}, {"name": "14168", "refsource": "BID", "url": "http://www.securityfocus.com/bid/14168"}, {"name": "20061113 VMSA-2006-0005 - VMware ESX Server 2.5.4 Upgrade Patch 1", "refsource": "BUGTRAQ", "url": "http://www.securityfocus.com/archive/1/451419/100/200/threaded"}, {"name": "25432", "refsource": "SECUNIA", "url": "http://secunia.com/advisories/25432"}, {"name": "RHSA-2005:720", "refsource": "REDHAT", "url": "http://www.redhat.com/support/errata/RHSA-2005-720.html"}]}}}, "adp": [{"providerMetadata": {"orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE", "dateUpdated": "2024-08-07T22:15:37.664Z"}, "title": "CVE Program Container", "references": [{"name": "ADV-2006-4502", "tags": ["vdb-entry", "x_refsource_VUPEN", "x_transferred"], "url": "http://www.vupen.com/english/advisories/2006/4502"}, {"name": "17282", "tags": ["third-party-advisory", "x_refsource_SECUNIA", "x_transferred"], "url": "http://secunia.com/advisories/17282"}, {"name": "USN-190-1", "tags": ["vendor-advisory", "x_refsource_UBUNTU", "x_transferred"], "url": "http://www.ubuntu.com/usn/usn-190-1"}, {"name": "22875", "tags": ["third-party-advisory", "x_refsource_SECUNIA", "x_transferred"], "url": "http://secunia.com/advisories/22875"}, {"name": "25373", "tags": ["third-party-advisory", "x_refsource_SECUNIA", "x_transferred"], "url": "http://secunia.com/advisories/25373"}, {"name": "oval:org.mitre.oval:def:9986", "tags": ["vdb-entry", "signature", "x_refsource_OVAL", "x_transferred"], "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9986"}, {"name": "21256", "tags": ["vdb-entry", "x_refsource_BID", "x_transferred"], "url": "http://www.securityfocus.com/bid/21256"}, {"name": "102725", "tags": ["vendor-advisory", "x_refsource_SUNALERT", "x_transferred"], "url": "http://sunsolve.sun.com/search/document.do?assetkey=1-26-102725-1"}, {"tags": ["x_refsource_CONFIRM", "x_transferred"], "url": "http://www.vmware.com/download/esx/esx-202-200610-patch.html"}, {"name": "16999", "tags": ["third-party-advisory", "x_refsource_SECUNIA", "x_transferred"], "url": "http://secunia.com/advisories/16999"}, {"name": "SUSE-SR:2007:012", "tags": ["vendor-advisory", "x_refsource_SUSE", "x_transferred"], "url": "http://www.novell.com/linux/security/advisories/2007_12_sr.html"}, {"name": "20061113 VMSA-2006-0008 - VMware ESX Server 2.0.2 Upgrade Patch 2", "tags": ["mailing-list", "x_refsource_BUGTRAQ", "x_transferred"], "url": "http://www.securityfocus.com/archive/1/451426/100/200/threaded"}, {"name": "2005-0034", "tags": ["vendor-advisory", "x_refsource_TRUSTIX", "x_transferred"], "url": "http://www.trustix.org/errata/2005/0034/"}, {"name": "DSA-873", "tags": ["vendor-advisory", "x_refsource_DEBIAN", "x_transferred"], "url": "http://www.debian.org/security/2005/dsa-873"}, {"tags": ["x_refsource_CONFIRM", "x_transferred"], "url": "http://www.vmware.com/download/esx/esx-213-200610-patch.html"}, {"name": "15930", "tags": ["third-party-advisory", "x_refsource_SECUNIA", "x_transferred"], "url": "http://secunia.com/advisories/15930"}, {"name": "23058", "tags": ["third-party-advisory", "x_refsource_SECUNIA", "x_transferred"], "url": "http://secunia.com/advisories/23058"}, {"name": "ADV-2006-4677", "tags": ["vdb-entry", "x_refsource_VUPEN", "x_transferred"], "url": "http://www.vupen.com/english/advisories/2006/4677"}, {"name": "18635", "tags": ["third-party-advisory", "x_refsource_SECUNIA", "x_transferred"], "url": "http://secunia.com/advisories/18635"}, {"name": "1017273", "tags": ["vdb-entry", "x_refsource_SECTRACK", "x_transferred"], "url": "http://securitytracker.com/id?1017273"}, {"tags": ["x_refsource_CONFIRM", "x_transferred"], "url": "http://support.avaya.com/elmodocs2/security/ASA-2005-225.pdf"}, {"tags": ["x_refsource_CONFIRM", "x_transferred"], "url": "http://www.vmware.com/download/esx/esx-254-200610-patch.html"}, {"name": "MDKSA-2006:025", "tags": ["vendor-advisory", "x_refsource_MANDRIVA", "x_transferred"], "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2006:025"}, {"name": "SUSE-SR:2005:024", "tags": ["vendor-advisory", "x_refsource_SUSE", "x_transferred"], "url": "http://www.novell.com/linux/security/advisories/2005_24_sr.html"}, {"name": "ADV-2007-1883", "tags": ["vdb-entry", "x_refsource_VUPEN", "x_transferred"], "url": "http://www.vupen.com/english/advisories/2007/1883"}, {"name": "RHSA-2005:395", "tags": ["vendor-advisory", "x_refsource_REDHAT", "x_transferred"], "url": "http://www.redhat.com/support/errata/RHSA-2005-395.html"}, {"name": "SUSE-SR:2007:013", "tags": ["vendor-advisory", "x_refsource_SUSE", "x_transferred"], "url": "http://www.novell.com/linux/security/advisories/2007_13_sr.html"}, {"name": "17217", "tags": ["third-party-advisory", "x_refsource_SECUNIA", "x_transferred"], "url": "http://secunia.com/advisories/17217"}, {"name": "RHSA-2005:373", "tags": ["vendor-advisory", "x_refsource_REDHAT", "x_transferred"], "url": "http://www.redhat.com/support/errata/RHSA-2005-373.html"}, {"name": "17135", "tags": ["third-party-advisory", "x_refsource_SECUNIA", "x_transferred"], "url": "http://secunia.com/advisories/17135"}, {"name": "20061113 VMSA-2006-0006 - VMware ESX Server 2.5.3 Upgrade Patch 4", "tags": ["mailing-list", "x_refsource_BUGTRAQ", "x_transferred"], "url": "http://www.securityfocus.com/archive/1/451404/100/0/threaded"}, {"name": "17007", "tags": ["third-party-advisory", "x_refsource_SECUNIA", "x_transferred"], "url": "http://secunia.com/advisories/17007"}, {"tags": ["x_refsource_MISC", "x_transferred"], "url": "http://www.net-snmp.org/about/ChangeLog.html"}, {"name": "[net-snmp-announce] 20050701 Multiple new Net-SNMP releases to fix a security related bug", "tags": ["mailing-list", "x_refsource_MLIST", "x_transferred"], "url": "http://sourceforge.net/mailarchive/forum.php?thread_id=7659656&forum_id=12455"}, {"name": "20061113 VMSA-2006-0007 - VMware ESX Server 2.1.3 Upgrade Patch 2", "tags": ["mailing-list", "x_refsource_BUGTRAQ", "x_transferred"], "url": "http://www.securityfocus.com/archive/1/451417/100/200/threaded"}, {"name": "25787", "tags": ["third-party-advisory", "x_refsource_SECUNIA", "x_transferred"], "url": "http://secunia.com/advisories/25787"}, {"name": "17343", "tags": ["third-party-advisory", "x_refsource_SECUNIA", "x_transferred"], "url": "http://secunia.com/advisories/17343"}, {"name": "14168", "tags": ["vdb-entry", "x_refsource_BID", "x_transferred"], "url": "http://www.securityfocus.com/bid/14168"}, {"name": "20061113 VMSA-2006-0005 - VMware ESX Server 2.5.4 Upgrade Patch 1", "tags": ["mailing-list", "x_refsource_BUGTRAQ", "x_transferred"], "url": "http://www.securityfocus.com/archive/1/451419/100/200/threaded"}, {"name": "25432", "tags": ["third-party-advisory", "x_refsource_SECUNIA", "x_transferred"], "url": "http://secunia.com/advisories/25432"}, {"name": "RHSA-2005:720", "tags": ["vendor-advisory", "x_refsource_REDHAT", "x_transferred"], "url": "http://www.redhat.com/support/errata/RHSA-2005-720.html"}]}]}, "cveMetadata": {"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "assignerShortName": "mitre", "cveId": "CVE-2005-2177", "datePublished": "2005-07-10T04:00:00", "dateReserved": "2005-07-10T00:00:00", "dateUpdated": "2024-08-07T22:15:37.664Z", "state": "PUBLISHED"}, "dataType": "CVE_RECORD", "dataVersion": "5.1"}

{"configurations": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:a:net-snmp:net-snmp:5.0:*:*:*:*:*:*:*", "matchCriteriaId": "87B4FDFF-9E09-4AB9-9196-6A01903473B6", "vulnerable": true}, {"criteria": "cpe:2.3:a:net-snmp:net-snmp:5.0.1:*:*:*:*:*:*:*", "matchCriteriaId": "21E8FC05-D498-4D5D-B5A3-3F16749B7491", "vulnerable": true}, {"criteria": "cpe:2.3:a:net-snmp:net-snmp:5.0.2:*:*:*:*:*:*:*", "matchCriteriaId": "0BD964F4-9196-4641-A854-09DA86BCC890", "vulnerable": true}, {"criteria": "cpe:2.3:a:net-snmp:net-snmp:5.0.3:*:*:*:*:*:*:*", "matchCriteriaId": "44A07BEF-C759-459E-A144-D37C1A55A9C8", "vulnerable": true}, {"criteria": "cpe:2.3:a:net-snmp:net-snmp:5.0.4_pre2:*:*:*:*:*:*:*", "matchCriteriaId": "77D95BAC-CCF3-4E8B-BF31-E277B03C0FA2", "vulnerable": true}, {"criteria": "cpe:2.3:a:net-snmp:net-snmp:5.0.5:*:*:*:*:*:*:*", "matchCriteriaId": "B97B7D0D-68CC-463D-A14B-3651D8DD4C73", "vulnerable": true}, {"criteria": "cpe:2.3:a:net-snmp:net-snmp:5.0.6:*:*:*:*:*:*:*", "matchCriteriaId": "CFCF39FC-D220-4F4A-8CBF-B993C65671FB", "vulnerable": true}, {"criteria": "cpe:2.3:a:net-snmp:net-snmp:5.0.7:*:*:*:*:*:*:*", "matchCriteriaId": "1B5512FA-8B74-4585-ADEF-F710C0DF83A0", "vulnerable": true}, {"criteria": "cpe:2.3:a:net-snmp:net-snmp:5.0.8:*:*:*:*:*:*:*", "matchCriteriaId": "51AAC2EA-8AA7-4303-BD64-74CFC7938D04", "vulnerable": true}, {"criteria": "cpe:2.3:a:net-snmp:net-snmp:5.0.9:*:*:*:*:*:*:*", "matchCriteriaId": "C872A9B0-0B3C-47B2-82F5-344BEBA221CD", "vulnerable": true}, {"criteria": "cpe:2.3:a:net-snmp:net-snmp:5.0.10:*:*:*:*:*:*:*", "matchCriteriaId": "AEE816EA-2CDF-440A-9B7A-D772F38A3A17", "vulnerable": true}, {"criteria": "cpe:2.3:a:net-snmp:net-snmp:5.1.3:*:*:*:*:*:*:*", "matchCriteriaId": "089CEC52-73AC-41B0-BB7F-F24C42DD16E8", "vulnerable": true}, {"criteria": "cpe:2.3:a:net-snmp:net-snmp:5.2:*:*:*:*:*:*:*", "matchCriteriaId": "3E2BAAA8-313D-41F2-A98D-3557331E35B7", "vulnerable": true}, {"criteria": "cpe:2.3:a:net-snmp:net-snmp:5.2.1:*:*:*:*:*:*:*", "matchCriteriaId": "88260A4F-4707-4B79-939A-F1EB2CD4D57B", "vulnerable": true}], "negate": false, "operator": "OR"}]}], "cveTags": [], "descriptions": [{"lang": "en", "value": "Net-SNMP 5.0.x before 5.0.10.2, 5.2.x before 5.2.1.2, and 5.1.3, when net-snmp is using stream sockets such as TCP, allows remote attackers to cause a denial of service (daemon hang and CPU consumption) via a TCP packet of length 1, which triggers an infinite loop."}], "id": "CVE-2005-2177", "lastModified": "2025-04-03T01:03:51.193", "metrics": {"cvssMetricV2": [{"acInsufInfo": false, "baseSeverity": "MEDIUM", "cvssData": {"accessComplexity": "LOW", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "PARTIAL", "baseScore": 5.0, "confidentialityImpact": "NONE", "integrityImpact": "NONE", "vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P", "version": "2.0"}, "exploitabilityScore": 10.0, "impactScore": 2.9, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": false}]}, "published": "2005-07-11T04:00:00.000", "references": [{"source": "cve@mitre.org", "tags": ["Vendor Advisory"], "url": "http://secunia.com/advisories/15930"}, {"source": "cve@mitre.org", "tags": ["Vendor Advisory"], "url": "http://secunia.com/advisories/16999"}, {"source": "cve@mitre.org", "tags": ["Vendor Advisory"], "url": "http://secunia.com/advisories/17007"}, {"source": "cve@mitre.org", "tags": ["Vendor Advisory"], "url": "http://secunia.com/advisories/17135"}, {"source": "cve@mitre.org", "tags": ["Vendor Advisory"], "url": "http://secunia.com/advisories/17217"}, {"source": "cve@mitre.org", "tags": ["Vendor Advisory"], "url": "http://secunia.com/advisories/17282"}, {"source": "cve@mitre.org", "tags": ["Vendor Advisory"], "url": "http://secunia.com/advisories/17343"}, {"source": "cve@mitre.org", "tags": ["Vendor Advisory"], "url": "http://secunia.com/advisories/18635"}, {"source": "cve@mitre.org", "tags": ["Vendor Advisory"], "url": "http://secunia.com/advisories/22875"}, {"source": "cve@mitre.org", "tags": ["Vendor Advisory"], "url": "http://secunia.com/advisories/23058"}, {"source": "cve@mitre.org", "tags": ["Vendor Advisory"], "url": "http://secunia.com/advisories/25373"}, {"source": "cve@mitre.org", "tags": ["Vendor Advisory"], "url": "http://secunia.com/advisories/25432"}, {"source": "cve@mitre.org", "tags": ["Vendor Advisory"], "url": "http://secunia.com/advisories/25787"}, {"source": "cve@mitre.org", "url": "http://securitytracker.com/id?1017273"}, {"source": "cve@mitre.org", "tags": ["Patch"], "url": "http://sourceforge.net/mailarchive/forum.php?thread_id=7659656&forum_id=12455"}, {"source": "cve@mitre.org", "url": "http://sunsolve.sun.com/search/document.do?assetkey=1-26-102725-1"}, {"source": "cve@mitre.org", "url": "http://support.avaya.com/elmodocs2/security/ASA-2005-225.pdf"}, {"source": "cve@mitre.org", "url": "http://www.debian.org/security/2005/dsa-873"}, {"source": "cve@mitre.org", "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2006:025"}, {"source": "cve@mitre.org", "url": "http://www.net-snmp.org/about/ChangeLog.html"}, {"source": "cve@mitre.org", "url": "http://www.novell.com/linux/security/advisories/2005_24_sr.html"}, {"source": "cve@mitre.org", "url": "http://www.novell.com/linux/security/advisories/2007_12_sr.html"}, {"source": "cve@mitre.org", "url": "http://www.novell.com/linux/security/advisories/2007_13_sr.html"}, {"source": "cve@mitre.org", "url": "http://www.redhat.com/support/errata/RHSA-2005-373.html"}, {"source": "cve@mitre.org", "url": "http://www.redhat.com/support/errata/RHSA-2005-395.html"}, {"source": "cve@mitre.org", "url": "http://www.redhat.com/support/errata/RHSA-2005-720.html"}, {"source": "cve@mitre.org", "url": "http://www.securityfocus.com/archive/1/451404/100/0/threaded"}, {"source": "cve@mitre.org", "url": "http://www.securityfocus.com/archive/1/451417/100/200/threaded"}, {"source": "cve@mitre.org", "url": "http://www.securityfocus.com/archive/1/451419/100/200/threaded"}, {"source": "cve@mitre.org", "url": "http://www.securityfocus.com/archive/1/451426/100/200/threaded"}, {"source": "cve@mitre.org", "url": "http://www.securityfocus.com/bid/14168"}, {"source": "cve@mitre.org", "url": "http://www.securityfocus.com/bid/21256"}, {"source": "cve@mitre.org", "tags": ["Patch", "Vendor Advisory"], "url": "http://www.trustix.org/errata/2005/0034/"}, {"source": "cve@mitre.org", "url": "http://www.ubuntu.com/usn/usn-190-1"}, {"source": "cve@mitre.org", "url": "http://www.vmware.com/download/esx/esx-202-200610-patch.html"}, {"source": "cve@mitre.org", "url": "http://www.vmware.com/download/esx/esx-213-200610-patch.html"}, {"source": "cve@mitre.org", "url": "http://www.vmware.com/download/esx/esx-254-200610-patch.html"}, {"source": "cve@mitre.org", "tags": ["Vendor Advisory"], "url": "http://www.vupen.com/english/advisories/2006/4502"}, {"source": "cve@mitre.org", "tags": ["Vendor Advisory"], "url": "http://www.vupen.com/english/advisories/2006/4677"}, {"source": "cve@mitre.org", "tags": ["Vendor Advisory"], "url": "http://www.vupen.com/english/advisories/2007/1883"}, {"source": "cve@mitre.org", "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9986"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Vendor Advisory"], "url": "http://secunia.com/advisories/15930"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Vendor Advisory"], "url": "http://secunia.com/advisories/16999"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Vendor Advisory"], "url": "http://secunia.com/advisories/17007"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Vendor Advisory"], "url": "http://secunia.com/advisories/17135"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Vendor Advisory"], "url": "http://secunia.com/advisories/17217"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Vendor Advisory"], "url": "http://secunia.com/advisories/17282"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Vendor Advisory"], "url": "http://secunia.com/advisories/17343"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Vendor Advisory"], "url": "http://secunia.com/advisories/18635"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Vendor Advisory"], "url": "http://secunia.com/advisories/22875"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Vendor Advisory"], "url": "http://secunia.com/advisories/23058"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Vendor Advisory"], "url": "http://secunia.com/advisories/25373"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Vendor Advisory"], "url": "http://secunia.com/advisories/25432"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Vendor Advisory"], "url": "http://secunia.com/advisories/25787"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://securitytracker.com/id?1017273"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Patch"], "url": "http://sourceforge.net/mailarchive/forum.php?thread_id=7659656&forum_id=12455"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://sunsolve.sun.com/search/document.do?assetkey=1-26-102725-1"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://support.avaya.com/elmodocs2/security/ASA-2005-225.pdf"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.debian.org/security/2005/dsa-873"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2006:025"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.net-snmp.org/about/ChangeLog.html"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.novell.com/linux/security/advisories/2005_24_sr.html"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.novell.com/linux/security/advisories/2007_12_sr.html"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.novell.com/linux/security/advisories/2007_13_sr.html"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.redhat.com/support/errata/RHSA-2005-373.html"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.redhat.com/support/errata/RHSA-2005-395.html"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.redhat.com/support/errata/RHSA-2005-720.html"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.securityfocus.com/archive/1/451404/100/0/threaded"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.securityfocus.com/archive/1/451417/100/200/threaded"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.securityfocus.com/archive/1/451419/100/200/threaded"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.securityfocus.com/archive/1/451426/100/200/threaded"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.securityfocus.com/bid/14168"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.securityfocus.com/bid/21256"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Patch", "Vendor Advisory"], "url": "http://www.trustix.org/errata/2005/0034/"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.ubuntu.com/usn/usn-190-1"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.vmware.com/download/esx/esx-202-200610-patch.html"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.vmware.com/download/esx/esx-213-200610-patch.html"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.vmware.com/download/esx/esx-254-200610-patch.html"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Vendor Advisory"], "url": "http://www.vupen.com/english/advisories/2006/4502"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Vendor Advisory"], "url": "http://www.vupen.com/english/advisories/2006/4677"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Vendor Advisory"], "url": "http://www.vupen.com/english/advisories/2007/1883"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9986"}], "sourceIdentifier": "cve@mitre.org", "vulnStatus": "Deferred", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-20"}], "source": "nvd@nist.gov", "type": "Primary"}]}

{"affected_release": [{"advisory": "RHSA-2005:373", "cpe": "cpe:/o:redhat:enterprise_linux:3", "package": "net-snmp-0:5.0.9-2.30E.19", "product_name": "Red Hat Enterprise Linux 3", "release_date": "2005-09-28T00:00:00Z"}, {"advisory": "RHSA-2005:395", "cpe": "cpe:/o:redhat:enterprise_linux:4", "package": "net-snmp-0:5.1.2-11.EL4.6", "product_name": "Red Hat Enterprise Linux 4", "release_date": "2005-10-05T00:00:00Z"}, {"advisory": "RHSA-2005:720", "cpe": "cpe:/o:redhat:enterprise_linux:2.1", "product_name": "Red Hat Enterprise Linux AS (Advanced Server) version 2.1", "release_date": "2005-08-09T00:00:00Z"}, {"advisory": "RHSA-2005:720", "cpe": "cpe:/o:redhat:enterprise_linux:2.1", "product_name": "Red Hat Enterprise Linux ES version 2.1", "release_date": "2005-08-09T00:00:00Z"}, {"advisory": "RHSA-2005:720", "cpe": "cpe:/o:redhat:enterprise_linux:2.1", "product_name": "Red Hat Enterprise Linux WS version 2.1", "release_date": "2005-08-09T00:00:00Z"}, {"advisory": "RHSA-2005:720", "cpe": "cpe:/o:redhat:enterprise_linux:2.1", "product_name": "Red Hat Linux Advanced Workstation 2.1", "release_date": "2005-08-09T00:00:00Z"}], "bugzilla": {"description": "security flaw", "id": "1617692", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1617692"}, "csaw": false, "details": ["Net-SNMP 5.0.x before 5.0.10.2, 5.2.x before 5.2.1.2, and 5.1.3, when net-snmp is using stream sockets such as TCP, allows remote attackers to cause a denial of service (daemon hang and CPU consumption) via a TCP packet of length 1, which triggers an infinite loop."], "name": "CVE-2005-2177", "public_date": "2005-07-01T00:00:00Z", "references": ["https://www.cve.org/CVERecord?id=CVE-2005-2177\nhttps://nvd.nist.gov/vuln/detail/CVE-2005-2177"], "threat_severity": "Low"}

Metrics

Access Vector Network

Access Complexity Low

Authentication None

Confidentiality Impact None

Integrity Impact None

Availability Impact Partial

Affected Vendors & Products

Metrics

Access Vector Network

Access Complexity Low

Authentication None

Confidentiality Impact None

Integrity Impact None

Availability Impact Partial

Affected Vendors & Products

JSON object

JSON object

JSON object

JSON object