Ubuntu update for net-snmp
| Risk | Medium |
| Patch available | YES |
| Number of vulnerabilities | 2 |
| CVE-ID | CVE-2020-15861 CVE-2020-15862 |
| CWE-ID | CWE-61 CWE-732 |
| Exploitation vector | Network |
| Public exploit | N/A |
| Vulnerable software |
Ubuntu Operating systems & Components / Operating system snmpd (Ubuntu package) Operating systems & Components / Operating system package or component libsnmp30 (Ubuntu package) Operating systems & Components / Operating system package or component libsnmp-perl (Ubuntu package) Operating systems & Components / Operating system package or component libsnmp-base (Ubuntu package) Operating systems & Components / Operating system package or component |
| Vendor | Canonical Ltd. |
Security Bulletin
This security bulletin contains information about 2 vulnerabilities.
1) UNIX symbolic link following
EUVDB-ID: #VU45744
Risk: Low
CVSSv4.0: 5.9 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2020-15861
CWE-ID:
CWE-61 - UNIX Symbolic Link (Symlink) Following
Exploit availability: No
DescriptionThe vulnerability allows a local user to escalate privileges on the system.
The vulnerability exists due to a symlink following issue in snmpd. A local user can bypass implemented security mechanism via *snmp-mibs-downloader package* and execute arbitrary commands on the system as root.
Update the affected package net-snmp to the latest version.
Vulnerable software versionsUbuntu: 14.04 - 18.04
snmpd (Ubuntu package): before 5.7.2~dfsg-8.1ubuntu3.3+esm2
libsnmp30 (Ubuntu package): before 5.7.2~dfsg-8.1ubuntu3.3+esm2
libsnmp-perl (Ubuntu package): before 5.7.2~dfsg-8.1ubuntu3.3+esm2
libsnmp-base (Ubuntu package): before 5.7.2~dfsg-8.1ubuntu3.3+esm2
CPE2.3- cpe:2.3:o:canonical:ubuntu:14.04:*:*:*:*:*:*:*
- cpe:2.3:o:canonical:ubuntu:16.04:*:*:*:*:*:*:*
- cpe:2.3:o:canonical:ubuntu:18.04:*:*:*:*:*:*:*
- cpe:2.3:a:canonical:snmpd_ubuntu_package:*:*:*:*:*:ubuntu:*:*
- cpe:2.3:a:canonical:libsnmp30_ubuntu_package:*:*:*:*:*:ubuntu:*:*
- cpe:2.3:a:canonical:libsnmp-perl_ubuntu_package:*:*:*:*:*:ubuntu:*:*
- cpe:2.3:a:canonical:libsnmp-base_ubuntu_package:*:*:*:*:*:ubuntu:*:*
https://ubuntu.com/security/notices/USN-4471-2
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
2) Incorrect permission assignment for critical resource
EUVDB-ID: #VU45745
Risk: Medium
CVSSv4.0: 5.2 [CVSS:4.0/AV:N/AC:L/AT:P/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U/U:Green]
CVE-ID: CVE-2020-15862
CWE-ID:
CWE-732 - Incorrect Permission Assignment for Critical Resource
Exploit availability: No
DescriptionThe vulnerability allows a remote user to escalate privileges on the system.
The vulnerability exists due to insecure permissions set by the Net-snmp installed on Debian-based systems. A remote user can overwrite files in net-snmp directory via EXTEND MIB and execute arbitrary code on the system with root privileges.
Update the affected package net-snmp to the latest version.
Vulnerable software versionsUbuntu: 14.04 - 18.04
snmpd (Ubuntu package): before 5.7.2~dfsg-8.1ubuntu3.3+esm2
libsnmp30 (Ubuntu package): before 5.7.2~dfsg-8.1ubuntu3.3+esm2
libsnmp-perl (Ubuntu package): before 5.7.2~dfsg-8.1ubuntu3.3+esm2
libsnmp-base (Ubuntu package): before 5.7.2~dfsg-8.1ubuntu3.3+esm2
CPE2.3- cpe:2.3:o:canonical:ubuntu:14.04:*:*:*:*:*:*:*
- cpe:2.3:o:canonical:ubuntu:16.04:*:*:*:*:*:*:*
- cpe:2.3:o:canonical:ubuntu:18.04:*:*:*:*:*:*:*
- cpe:2.3:a:canonical:snmpd_ubuntu_package:*:*:*:*:*:ubuntu:*:*
- cpe:2.3:a:canonical:libsnmp30_ubuntu_package:*:*:*:*:*:ubuntu:*:*
- cpe:2.3:a:canonical:libsnmp-perl_ubuntu_package:*:*:*:*:*:ubuntu:*:*
- cpe:2.3:a:canonical:libsnmp-base_ubuntu_package:*:*:*:*:*:ubuntu:*:*
https://ubuntu.com/security/notices/USN-4471-2
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote authenticated user via the Internet.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
