Headline
CVE-2020-15861: [Ticket#2020070701000015] Security issues in net-snmp · Issue #145 · net-snmp/net-snmp
Net-SNMP through 5.7.3 allows Escalation of Privileges because of UNIX symbolic link (symlink) following.
Dear all,
In the course of a penetration test performed by our security analysts, we have noticed some security vulnerabilities in net-snmp.
Your deprecated bug tracker (http://www.net-snmp.org/bugs/) redirects to Github. Sadly, Github does not support creating private issues for security relevant bugs.
We would like to send you the findings in an encrypted manner to enable you to mitigate them.
For encrypted communication, we can offer a web-based platform hosted by us, or we can offer to encrypt our e-mails via S/MIME or PGP. Please let us know which method fits you best. In order to transmit our findings via email, we will need either a public S/MIME certificate or your public PGP key of an active and trustworthy contributor of this project.
As stated in our Responsible Disclosure Guideline (see https://www.usd.de/wp-content/uploads/2017/10/usd-Responsible-Disclosure-EN.pdf), we will treat the vulnerabilities as confidential. We will grant you a time frame of 60 days to release a patch. After that deadline, we will reserve the right to publish the vulnerabilities.
Sincerely,
usd responsible disclosure team
About usd AG
usd AG protects companies from hackers and criminals. As an accredited auditor, we consult and certify companies worldwide. Our work is as dynamic and diverse as current threats. We review IT systems, applications and processes for security vulnerabilities and help with their mitigation. With our Security Trainings, we raise security awareness; the CST Academy promotes an active dialogue and a transfer of knowledge.
www.usd.de
more security. usd
…
Registered office: 63263 Neu-Isenburg
Local court of Offenbach: HRB 34667
Executive Board: Andreas Duchmann, Manfred Tubach (CEO)
Chairman supervisory board: Dr. Dietmar Kirchner
VAT ID: DE 163774242
…
Related news
Cross Site Request Forgery (CSRF) vulnerability in MultiTech Conduit AP MTCAP2-L4E1 MTCAP2-L4E1-868-042A v.6.0.0 allows a remote attacker to execute arbitrary code via a crafted script upload.
The Bosch Ethernet switch PRA-ES8P2S with software version 1.01.05 runs its web server with root privilege. In combination with CVE-2022-23534 this could give an attacker root access to the switch.
Net-SNMP through 5.7.3 has Improper Privilege Management because SNMP WRITE access to the EXTEND MIB provides the ability to run arbitrary commands as root.