CVE-2015-8100
Summary
| CVE | CVE-2015-8100 |
|---|---|
| State | PUBLIC |
| Assigner | [email protected] |
| Source Priority | CVE Program / NVD first with legacy fallback |
| Published | 2015-11-10 03:59:00 UTC |
| Updated | 2016-12-07 18:26:00 UTC |
| Description | The net-snmp package in OpenBSD through 5.8 uses 0644 permissions for snmpd.conf, which allows local users to obtain sensitive community information by reading this file. |
Risk And Classification
Problem Types: CWE-200
NVD Known Affected Configurations (CPE 2.3)
References
| Reference | Source | Link | Tags |
|---|---|---|---|
| OpenBSD Net-snmp Default File Permissions Let Local Users View SNMP Passwords - SecurityTracker | SECTRACK | www.securitytracker.com | |
| oss-security - CVE request: net-snmp OpenBSD package - insecure file permission vulnerability | MLIST | www.openwall.com | |
| OpenBSD net-snmp Information Disclosure ≈ Packet Storm | MISC | packetstormsecurity.com | |
| CVE Program record | CVE.ORG | www.cve.org | canonical |
| NVD vulnerability detail | NVD | nvd.nist.gov | canonical, analysis |
No vendor comments have been submitted for this CVE.
Legacy QID Mappings
- 296078 Oracle Solaris 11.4 Support Repository Update (SRU) 16.4.0 Missing (CPUOCT2019)
- 502627 Alpine Linux Security Update for net-snmp
- 502746 Alpine Linux Security Update for net-snmp
- 900201 CBL-Mariner Linux Security Update for net-snmp 5.8
- 900202 CBL-Mariner Linux Security Update for ctags 5.8
- 903058 Common Base Linux Mariner (CBL-Mariner) Security Update for net-snmp (1894)