#48 Official patch for CVE-2014-3565

[Jan Safranek]

Remote denial-of-service flaw was found in the way snmptrapd handled certain SNMP traps when started with the "-OQ" option. If an attacker sent an SNMP trap containing variable with a NULL type where an integer variable type was expected, it would cause snmptrapd to crash.

Affected Net-SNMP versions:
Net-SNMP 5.7.0 - 5.7.2.1
Net-SNMP 5.6.0 - 5.6.2.1
Net-SNMP 5.5.0 - 5.5.2.1
Net-SNMP 5.4.0 - 5.4.4

(unsupported releases older than 5.4 were not evaluated)

[Jan Safranek]

This patch has been pushed to 5.4, 5.5, 5.6 and 5.7 branches and it will be part of following Net-SNMP releases.