CyberSec.Space Logo
返回 CVE 瀏覽器

CVE-2005-1740

CRITICAL
10.0
CVSS Severity Score
EPSS Score0.0090%
EPSS Percentile17.33th
Published2005年5月24日
Last Modified2026年4月16日

Vulnerability Description

fixproc in Net-snmp 5.x before 5.2.1-r1 creates temporary files insecurely, which allows local users to modify the contents of those files to execute arbitrary commands, or overwrite arbitrary files via a symlink attack.

Affected Platforms (CPE)

📦
Net Snmp

Net Snmp

= 5.0.1
📦
Net Snmp

Net Snmp

= 5.0.3
📦
Net Snmp

Net Snmp

= 5.0.4_pre2
📦
Net Snmp

Net Snmp

= 5.0.5
📦
Net Snmp

Net Snmp

= 5.0.6
📦
Net Snmp

Net Snmp

= 5.0.7
📦
Net Snmp

Net Snmp

= 5.0.8
📦
Net Snmp

Net Snmp

= 5.0.9
📦
Net Snmp

Net Snmp

= 5.1.2

References & Advisories

🔗 http://secunia.com/advisories/15471
🔗 http://secunia.com/advisories/16999
🔗 http://secunia.com/advisories/17135
🔗 http://secunia.com/advisories/18635
🔗 http://security.gentoo.org/glsa/glsa-200505-18.xml
🔗 http://securitytracker.com/id?1014039
🔗 http://www.mandriva.com/security/advisories?name=MDKSA-2006:025
🔗 http://www.osvdb.org/16778

相關漏洞威脅

CVE-2008-096010.0

SNMPv3 HMAC verification in (1) Net-SNMP 5.2.x before 5.2.4.1, 5.3.x before 5.3.2.1, and 5.4.x before 5.4.1.1; (2) UCD-SNMP; (3) e...

CVE-2005-483710.0

snmp_api.c in snmpd in Net-SNMP 5.2.x before 5.2.2, 5.1.x before 5.1.3, and 5.0.x before 5.0.10.2, when running in master agentx m...

CVE-2018-10001169.8

NET-SNMP version 5.7.2 contains a heap corruption vulnerability in the UDP protocol handler that can result in command execution.

CVE-2018-203969.8

NET&SYS MNG2120J 5.76.1006c and MNG6300 5.83.6305jrc2 devices allow remote attackers to discover credentials via iso.3.6.1.4.1.449...