๐ FreeBSD 8.3 up to 10.0 GETBULK PDU Request bsnmpd memory corruption
๐ก Newskategorie: Sicherheitslรผcken
๐ Quelle: vuldb.com
A vulnerability classified as very critical has been found in FreeBSD 8.3 up to 10.0 (Operating System). Affected is an unknown code of the file bsnmpd of the component GETBULK PDU Request Handler. Upgrading to version 10.0-RELEASE, 10.0-RC5-p1, 10.0-RC4-p1, 10.0-RC3-p1, 10.0-RC2-p1, 10.0-RC1-p1, 9.2-STABLE, 9.2-RELEASE-p3, 9.1-RELEASE-p10, 8.4-STABLE, 8.4-RELEASE-p7, 8.3-RELEASE-p14 or higher eliminates this vulnerability. The upgrade is hosted for download at freebsd.org. Applying the patch bsnmpd Patch is able to eliminate this problem. The bugfix is ready for download at security.freebsd.org. The best possible mitigation is suggested to be upgrading to the latest version. A possible mitigation has been published immediately after the disclosure of the vulnerability. Furthermore it is possible to detect and prevent this kind of attack with TippingPoint and the filter 13774. ...