Re: CVE request for two net-snmp remote DoS flaws

[cve-assign () mitre org]

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

> 1. net-snmp: denial of service flaw in Linux implementation of ICMP-MIB

> https://bugzilla.redhat.com/show_bug.cgi?id=1070396
> http://sourceforge.net/p/net-snmp/code/ci/a1fd64716f6794c55c34d77e618210238a73bfa1/

A first look at the patch suggests that it's about missing input
validation, and not also about independently exploitable off-by-one
errors in the sizes of data structures. In other words, although
something like:

  - struct icmp_msg_mib vals[255];
  + struct icmp_msg_mib vals[256];

would often be an independent security fix (255 is an unusual size),
here it's not a security fix relative to the original code. If other
analysis shows that that's incorrect, we'll add another CVE ID.

Use CVE-2014-2284 for the missing input validation.


> 2. net-snmp: snmptrapd crash when using a trap with empty community string
> https://bugzilla.redhat.com/show_bug.cgi?id=1072778
> https://bugzilla.redhat.com/show_bug.cgi?id=1072044
> http://sourceforge.net/p/net-snmp/patches/1275/

Use CVE-2014-2285.

- -- 
CVE assignment team, MITRE CVE Numbering Authority
M/S M300
202 Burlington Road, Bedford, MA 01730 USA
[ PGP key available through http://cve.mitre.org/cve/request_id.html ]
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.14 (SunOS)

iQEcBAEBAgAGBQJTF3S0AAoJEKllVAevmvms15wH/A2vbg+phBFo/ChivsN7fVRJ
iVCRCFG7b81xVeZmnMPE0EM1YXaGefG9cYdKmRtnaCO5p2anuuJgzpjB+rE37C7a
T2+rZIrhmkyOYmxUoebGrzwAqU7l0IqLfP5GOZJ8vbuaVyMWd8VJ6nlzmq8kF1yZ
fGToucAz2jsDKOctGs6R8GGkKjNI5WdpgxkgQ6rrEdW0VfQzW7uz0AcgdXtmHjx1
DerxDuhQxTGGrT+salAa3n8eNV7kBmfsroR72gv7agdW2hZ7E74c5CZG8hfwmNgN
qcijF53zMJ46+u5nbm84ic7Rtopms/edABSd/DmZVHRGEs+ZILpvcWX47nX3wAM=
=BxeE
-----END PGP SIGNATURE-----