Vulnerability CVE-2020-24361: Information

Description

SNMPTT before 1.4.2 allows attackers to execute shell code via EXEC, PREXEC, or unknown_trap_exec.

Severity: CRITICAL (9.8) Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

Published: Aug. 16, 2020
Modified: Nov. 21, 2024
Error type identifier: CWE-273

Fixed packages

References to Advisories, Solutions, and Tools

Hyperlink
Resource
http://www.snmptt.org/changelog.shtml
  • Release Notes
  • Vendor Advisory
http://www.snmptt.org/changelog.shtml
  • Release Notes
  • Vendor Advisory
[debian-lts-announce] 20201002 [SECURITY] [DLA 2393-1] snmptt security update
  • Mailing List
  • Third Party Advisory
[debian-lts-announce] 20201002 [SECURITY] [DLA 2393-1] snmptt security update
  • Mailing List
  • Third Party Advisory
GLSA-202007-63
  • Third Party Advisory
GLSA-202007-63
  • Third Party Advisory
    1. Configuration 1

      cpe:2.3:a:snmptt:snmptt:*:*:*:*:*:*:*:*
      End excluding
      1.4.2

      Configuration 2

      cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:*