Executive Summary
| Informations | |||
|---|---|---|---|
| Name | CVE-2002-0012 | First vendor Publication | 2002-02-13 |
| Vendor | Cve | Last vendor Modification | 2024-11-20 |
Security-Database Scoring CVSS v3
| Cvss vector : N/A | |||
|---|---|---|---|
| Overall CVSS Score | NA | ||
| Base Score | NA | Environmental Score | NA |
| impact SubScore | NA | Temporal Score | NA |
| Exploitabality Sub Score | NA | ||
| Calculate full CVSS 3.0 Vectors scores | |||
Security-Database Scoring CVSS v2
| Cvss vector : (AV:N/AC:L/Au:N/C:C/I:C/A:C) | |||
|---|---|---|---|
| Cvss Base Score | 10 | Attack Range | Network |
| Cvss Impact Score | 10 | Attack Complexity | Low |
| Cvss Expoit Score | 10 | Authentication | None Required |
| Calculate full CVSS 2.0 Vectors scores | |||
Detail
| Vulnerabilities in a large number of SNMP implementations allow remote attackers to cause a denial of service or gain privileges via SNMPv1 trap handling, as demonstrated by the PROTOS c06-SNMPv1 test suite. NOTE: It is highly likely that this candidate will be SPLIT into multiple candidates, one or more for each vendor. This and other SNMP-related candidates will be updated when more accurate information is available. |
Original Source
| Url : http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2002-0012 |
CWE : Common Weakness Enumeration
| % | Id | Name |
|---|---|---|
| 100 % | CWE-264 | Permissions, Privileges, and Access Controls |
OVAL Definitions
| Definition Id: oval:org.mitre.oval:def:1048 | |||
| Oval ID: | oval:org.mitre.oval:def:1048 | ||
| Title: | SNMP Trap Handling Vulnerability | ||
| Description: | Vulnerabilities in a large number of SNMP implementations allow remote attackers to cause a denial of service or gain privileges via SNMPv1 trap handling, as demonstrated by the PROTOS c06-SNMPv1 test suite. NOTE: It is highly likely that this candidate will be SPLIT into multiple candidates, one or more for each vendor. This and other SNMP-related candidates will be updated when more accurate information is available. | ||
| Family: | unix | Class: | vulnerability |
| Reference(s): | CVE-2002-0012 | Version: | 1 |
| Platform(s): | Sun Solaris 7 Sun Solaris 8 | Product(s): | snmpdx |
| Definition Synopsis: | |||
| |||
| Definition Id: oval:org.mitre.oval:def:144 | |||
| Oval ID: | oval:org.mitre.oval:def:144 | ||
| Title: | Windows 2000 SNMPv1 Trap Handling DoS and Privilege Escalation (Test 1) | ||
| Description: | Vulnerabilities in a large number of SNMP implementations allow remote attackers to cause a denial of service or gain privileges via SNMPv1 trap handling, as demonstrated by the PROTOS c06-SNMPv1 test suite. NOTE: It is highly likely that this candidate will be SPLIT into multiple candidates, one or more for each vendor. This and other SNMP-related candidates will be updated when more accurate information is available. | ||
| Family: | windows | Class: | vulnerability |
| Reference(s): | CVE-2002-0012 | Version: | 4 |
| Platform(s): | Microsoft Windows 2000 | Product(s): | Simple Network Management Protocol (SNMP) |
| Definition Synopsis: | |||
| |||
| Definition Id: oval:org.mitre.oval:def:161 | |||
| Oval ID: | oval:org.mitre.oval:def:161 | ||
| Title: | Windows NT SNMPv1 Trap Handling DoS and Privilege Escalation | ||
| Description: | Vulnerabilities in a large number of SNMP implementations allow remote attackers to cause a denial of service or gain privileges via SNMPv1 trap handling, as demonstrated by the PROTOS c06-SNMPv1 test suite. NOTE: It is highly likely that this candidate will be SPLIT into multiple candidates, one or more for each vendor. This and other SNMP-related candidates will be updated when more accurate information is available. | ||
| Family: | windows | Class: | vulnerability |
| Reference(s): | CVE-2002-0012 | Version: | 1 |
| Platform(s): | Microsoft Windows NT | Product(s): | Simple Network Management Protocol (SNMP) |
| Definition Synopsis: | |||
| |||
CPE : Common Platform Enumeration
| Type | Description | Count |
|---|---|---|
| Application | 1 |
OpenVAS Exploits
| Date | Description |
|---|---|
| 2005-11-03 | Name : Checks for MS HOTFIX for snmp buffer overruns File : nvt/smb_nt_ms02-006.nasl |
Open Source Vulnerability Database (OSVDB)
| Id | Description |
|---|---|
| 810 | Multiple Vendor Malformed SNMP Trap Handling DoS Many SNMP implementations contain flaws that may allow a remote denial of service. The issue is triggered by exploiting flaws in the way the SNMPv1 protocol processes traps, and will result in loss of availability for the platform. |
Snort® IPS/IDS
| Date | Description |
|---|---|
| 2014-01-10 | community string buffer overflow attempt with evasion RuleID : 1422-community - Revision : 20 - Type : PROTOCOL-SNMP |
| 2014-01-10 | community string buffer overflow attempt with evasion RuleID : 1422 - Revision : 20 - Type : PROTOCOL-SNMP |
| 2014-01-10 | AgentX/tcp request RuleID : 1421-community - Revision : 19 - Type : PROTOCOL-SNMP |
| 2014-01-10 | AgentX/tcp request RuleID : 1421 - Revision : 19 - Type : PROTOCOL-SNMP |
| 2014-01-10 | trap tcp RuleID : 1420-community - Revision : 19 - Type : PROTOCOL-SNMP |
| 2014-01-10 | trap tcp RuleID : 1420 - Revision : 19 - Type : PROTOCOL-SNMP |
| 2014-01-10 | trap udp RuleID : 1419-community - Revision : 18 - Type : PROTOCOL-SNMP |
| 2014-01-10 | trap udp RuleID : 1419 - Revision : 18 - Type : PROTOCOL-SNMP |
| 2014-01-10 | request tcp RuleID : 1418-community - Revision : 19 - Type : PROTOCOL-SNMP |
| 2014-01-10 | request tcp RuleID : 1418 - Revision : 19 - Type : PROTOCOL-SNMP |
| 2014-01-10 | request udp RuleID : 1417-community - Revision : 18 - Type : PROTOCOL-SNMP |
| 2014-01-10 | request udp RuleID : 1417 - Revision : 18 - Type : PROTOCOL-SNMP |
| 2014-01-10 | broadcast trap RuleID : 1416-community - Revision : 18 - Type : PROTOCOL-SNMP |
| 2014-01-10 | broadcast trap RuleID : 1416 - Revision : 18 - Type : PROTOCOL-SNMP |
| 2014-01-10 | Broadcast request RuleID : 1415-community - Revision : 18 - Type : PROTOCOL-SNMP |
| 2014-01-10 | Broadcast request RuleID : 1415 - Revision : 18 - Type : PROTOCOL-SNMP |
| 2014-01-10 | private access tcp RuleID : 1414-community - Revision : 19 - Type : PROTOCOL-SNMP |
| 2014-01-10 | private access tcp RuleID : 1414 - Revision : 19 - Type : PROTOCOL-SNMP |
| 2014-01-10 | private access udp RuleID : 1413-community - Revision : 19 - Type : PROTOCOL-SNMP |
| 2014-01-10 | private access udp RuleID : 1413 - Revision : 19 - Type : PROTOCOL-SNMP |
| 2014-01-10 | public access tcp RuleID : 1412-community - Revision : 21 - Type : PROTOCOL-SNMP |
| 2014-01-10 | public access tcp RuleID : 1412 - Revision : 21 - Type : PROTOCOL-SNMP |
| 2014-01-10 | public access udp RuleID : 1411-community - Revision : 20 - Type : PROTOCOL-SNMP |
| 2014-01-10 | public access udp RuleID : 1411 - Revision : 20 - Type : PROTOCOL-SNMP |
| 2014-01-10 | community string buffer overflow attempt RuleID : 1409-community - Revision : 20 - Type : PROTOCOL-SNMP |
| 2014-01-10 | community string buffer overflow attempt RuleID : 1409 - Revision : 20 - Type : PROTOCOL-SNMP |
Nessus® Vulnerability Scanner
| Date | Description |
|---|---|
| 2010-09-01 | Name : The remote device is missing a vendor-supplied security patch. File : cisco-sa-20020212-snmp-msgshttp.nasl - Type : ACT_GATHER_INFO |
| 2002-06-05 | Name : The remote device is missing a vendor-supplied security patch. File : CSCdw67458.nasl - Type : ACT_GATHER_INFO |
| 2002-02-22 | Name : Arbitrary code can be executed on the remote host. File : smb_nt_ms02-006.nasl - Type : ACT_GATHER_INFO |
| 2002-02-13 | Name : The remote SNMP service is vulnerable to denial of service. File : snmp_oversized_length_field_two.nasl - Type : ACT_DENIAL |
Sources (Detail)
Alert History
| Date | Informations |
|---|---|
| 2024-11-28 23:24:01 |
|
| 2024-11-28 12:04:55 |
|
| 2021-05-04 12:01:36 |
|
| 2021-04-22 01:01:43 |
|
| 2020-05-23 00:14:53 |
|
| 2018-10-13 00:22:24 |
|
| 2018-05-03 09:19:24 |
|
| 2016-04-26 12:05:01 |
|
| 2014-02-17 10:24:23 |
|
| 2014-01-19 21:21:36 |
|
| 2013-05-11 12:07:52 |
|
