By Ionut Arghire on February 04, 2020
Vulnerabilities recently patched in Mini-SNMPD could be abused for denial-of-service (DoS) attacks or to obtain sensitive information, Cisco Talos’ security researchers report.
Mini-SNMPD is a lightweight implementation of a Simple Network Management Protocol server, mainly targeted at embedded systems, courtesy of its small code size and memory footprint. It works on both x86 and ARM platforms running Ubuntu, Alpine Linux, and FreeBSD.
Talos’ researchers discovered a total of three vulnerabilities in Mini-SNMPD, including two out-of-bounds read bugs and one stack overflow.
