{ "schema_version": "1.4.0", "id": "GHSA-vjgw-84x2-wchq", "modified": "2025-04-12T12:33:07Z", "published": "2022-05-17T03:22:57Z", "aliases": [ "CVE-2014-2285" ], "details": "The perl_trapd_handler function in perl/TrapReceiver/TrapReceiver.xs in Net-SNMP 5.7.3.pre3 and earlier, when using certain Perl versions, allows remote attackers to cause a denial of service (snmptrapd crash) via an empty community string in an SNMP trap, which triggers a NULL pointer dereference within the newSVpv function in Perl.", "severity": [], "affected": [], "references": [ { "type": "ADVISORY", "url": "https://nvd.nist.gov/vuln/detail/CVE-2014-2285" }, { "type": "WEB", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1072044" }, { "type": "WEB", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1072778" }, { "type": "WEB", "url": "https://rhn.redhat.com/errata/RHSA-2014-0322.html" }, { "type": "WEB", "url": "http://comments.gmane.org/gmane.comp.security.oss.general/12284" }, { "type": "WEB", "url": "http://kb.juniper.net/InfoCenter/index?page=content&id=JSA10705" }, { "type": "WEB", "url": "http://lists.opensuse.org/opensuse-updates/2014-03/msg00060.html" }, { "type": "WEB", "url": "http://lists.opensuse.org/opensuse-updates/2014-03/msg00061.html" }, { "type": "WEB", "url": "http://secunia.com/advisories/59974" }, { "type": "WEB", "url": "http://sourceforge.net/p/net-snmp/patches/1275" }, { "type": "WEB", "url": "http://www.gentoo.org/security/en/glsa/glsa-201409-02.xml" }, { "type": "WEB", "url": "http://www.nntp.perl.org/group/perl.perl5.porters/2006/09/msg116250.html" } ], "database_specific": { "cwe_ids": [ "CWE-20" ], "severity": "MODERATE", "github_reviewed": false, "github_reviewed_at": null, "nvd_published_at": "2014-04-27T22:55:00Z" } }