Vulnerability Report

CVE-2002-0012

Title: SNMP trap handling DoS/privilege gain (PROTOS c06-SNMPv1)

Denial of Service / Privilege escalation

Proof Of Concept

No public PoC currently indexed for CVE-2002-0012.

CWE Category CWE-264

Published Date Feb 13, 2002

Modified Date Apr 03, 2025

Exploit Status Not Found

Score 10.0 CVSS v2.0

Exploit Probability (EPSS)

38.63%

Vulnerability Summary

CVE-2002-0012: Vulnerabilities in a large number of SNMP implementations allow remote attackers to cause a denial of service or gain privileges via SNMPv1 trap handling, as demonstrated by the PROTOS c06-SNMPv1 test suite. NOTE: It is highly likely that this candidate will be SPLIT into multiple candidates, one or more for each vendor. This and other SNMP-related candidates will be updated when more accurate information is available.

Impacted Vendors

snmp 1

Reference Links

ftp://patches.sgi.com/support/free/security/advisories/20020201-01-A http://www.cert.org/advisories/CA-2002-03.html http://www.ee.oulu.fi/research/ouspg/protos/testing/c06/snmpv1/index.html http://www.iss.net/security_center/alerts/advise110.php http://www.kb.cert.org/vuls/id/107186 http://www.redhat.com/support/errata/RHSA-2001-163.html http://www.securityfocus.com/advisories/4211 http://www.securityfocus.com/bid/5043 https://docs.microsoft.com/en-us/security-updates/securitybulletins/2002/ms02-006 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A1048 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A144 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A161 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A298 ftp://patches.sgi.com/support/free/security/advisories/20020201-01-A http://www.cert.org/advisories/CA-2002-03.html http://www.ee.oulu.fi/research/ouspg/protos/testing/c06/snmpv1/index.html http://www.iss.net/security_center/alerts/advise110.php http://www.kb.cert.org/vuls/id/107186 http://www.redhat.com/support/errata/RHSA-2001-163.html http://www.securityfocus.com/advisories/4211 http://www.securityfocus.com/bid/5043 https://docs.microsoft.com/en-us/security-updates/securitybulletins/2002/ms02-006 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A1048 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A144 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A161 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A298

CVSS v2.0

Source Entity [email protected]

Severity HIGH

10.0

Access Vector

N/A

Authentication

N/A

RAW VECTOR AV:N/AC:L/Au:N/C:C/I:C/A:C

Associated Attack Patterns (CAPEC)

Total: Patterns

CVE-2002-0012 Exploits & PoCs (Proof Of Concept)

No public PoCs found in our database for this CVE.

April 03, 2025 MODIFIED

Vulnerability data or affected products updated.

February 13, 2002 PUBLISHED

Vulnerability first announced in NVD.

Attack Vector Matrix

Access Vector N/A

Complexity N/A

Privileges N/A

Interaction NONE

CVSS Vector String


                                    AV:N/AC:L/Au:N/C:C/I:C/A:C

Affected Stack

No specific products linked.