Vulnerability CVE-2020-24361: Information
Description
SNMPTT before 1.4.2 allows attackers to execute shell code via EXEC, PREXEC, or unknown_trap_exec.
Severity: CRITICAL (9.8) Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
Fixed packages
Package name | Branch | Fixed in version | Version from repository | Errata ID | Task # | State |
---|---|---|---|---|---|---|
snmptt | sisyphus | 1.4.2-alt1 | 1.4.2-alt1 | ALT-PU-2020-3129-1 | 260492 | Fixed |
snmptt | p10 | 1.4.2-alt1 | 1.4.2-alt1 | ALT-PU-2020-3129-1 | 260492 | Fixed |
snmptt | p9 | 1.4.2-alt1 | 1.4.2-alt1 | ALT-PU-2020-3174-1 | 260493 | Fixed |
snmptt | c10f2 | 1.4.2-alt1 | 1.4.2-alt1 | ALT-PU-2020-3129-1 | 260492 | Fixed |
snmptt | c9f2 | 1.4.2-alt1 | 1.4.2-alt1 | ALT-PU-2024-3798-3 | 342504 | Fixed |
snmptt | p11 | 1.4.2-alt1 | 1.4.2-alt1 | ALT-PU-2020-3129-1 | 260492 | Fixed |
References to Advisories, Solutions, and Tools
Hyperlink | Resource |
---|---|
http://www.snmptt.org/changelog.shtml |
|
http://www.snmptt.org/changelog.shtml |
|
[debian-lts-announce] 20201002 [SECURITY] [DLA 2393-1] snmptt security update |
|
[debian-lts-announce] 20201002 [SECURITY] [DLA 2393-1] snmptt security update |
|
GLSA-202007-63 |
|
GLSA-202007-63 |
|