CVE-2020-6060 – A stack buffer overflow vulnerability in MiniSN... (How to Fix)

Q: What is the severity of CVE-2020-6060?

CVE-2020-6060 has a CVSS score of 7.5 (HIGH). A stack buffer overflow vulnerability in MiniSNMPD version 1.4 allows attackers to cause denial of service by initiating multiple SNMP connections with specific timing. This affects systems running the vulnerable MiniSNMPD service, potentially disrupting network monitoring.

📋 TL;DR

A stack buffer overflow vulnerability in MiniSNMPD version 1.4 allows attackers to cause denial of service by initiating multiple SNMP connections with specific timing. This affects systems running the vulnerable MiniSNMPD service, potentially disrupting network monitoring.

💻 Affected Systems

Products:

MiniSNMPD

Versions: Version 1.4

Operating Systems: Linux, Unix-like systems

Default Config Vulnerable: ⚠️ Yes

Notes: Affects default installations where MiniSNMPD is running and listening on SNMP port.

📦 What is this software?

Minisnmpd by Minisnmpd Project

View all CVEs affecting Minisnmpd →

⚠️ Risk & Real-World Impact

🔴

Worst Case

Complete service crash leading to denial of service, potentially allowing remote code execution if the overflow can be controlled to execute arbitrary code.

🟠

Likely Case

Service crash and denial of service, disrupting SNMP monitoring capabilities.

🟢

If Mitigated

Limited impact if service is behind firewalls or not internet-facing, with quick restart possible.

🌐 Internet-Facing: HIGH - Attackers can trigger remotely without authentication via SNMP port (typically 161/UDP).

🏢 Internal Only: MEDIUM - Internal attackers or compromised systems could exploit, but requires network access to SNMP service.

🎯 Exploit Status

Public PoC: ⚠️ Yes

Weaponized: LIKELY

Unauthenticated Exploit: ⚠️ Yes

Complexity: LOW

Exploit requires timing multiple connections but no authentication or special privileges needed.

🛠️ Fix & Mitigation

✅ Official Fix

Patch Version: Version 1.5 or later

Vendor Advisory: https://github.com/troglobit/mini-snmpd

Restart Required: Yes

Instructions:

1. Download latest version from GitHub. 2. Stop MiniSNMPD service. 3. Install new version. 4. Restart service.

🔧 Temporary Workarounds

Firewall Restriction

linux

Block external access to SNMP port (161/UDP)

iptables -A INPUT -p udp --dport 161 -j DROP

Service Disable

linux

Temporarily disable MiniSNMPD if not essential

systemctl stop mini-snmpd
systemctl disable mini-snmpd

🧯 If You Can't Patch

Implement network segmentation to restrict SNMP traffic to trusted management networks only.
Use rate limiting on SNMP connections to prevent the timing attack sequence.

🔍 How to Verify

Check if Vulnerable:

Check MiniSNMPD version: 'mini-snmpd -v' or check running process version.

Check Version:

mini-snmpd -v 2>&1 | grep version

Verify Fix Applied:

Verify version is 1.5 or later and service remains stable under connection testing.

📡 Detection & Monitoring

Log Indicators:

Multiple connection attempts to SNMP port in short timeframe
Service crash/restart logs

Network Indicators:

Unusual spike in UDP/161 traffic from single source
Multiple SNMP connection attempts with timing patterns

SIEM Query:

source_port=161 AND (event_count > 10 WITHIN 1s) OR process_name="mini-snmpd" AND event="crash"

📊 Metadata

CVE ID: CVE-2020-6060

CVSS v3 Score: 7.5 (HIGH)

CVSS Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

CWE: CWE-787

Published: February 4, 2020

Last Updated: November 21, 2024

🔗 References

https://talosintelligence.com/vulnerability_reports/TALOS-2019-0977 Exploit,Third Party Advisory
https://www.talosintelligence.com/vulnerability_reports/TALOS-2020-0977 Exploit,Third Party Advisory
https://talosintelligence.com/vulnerability_reports/TALOS-2019-0977 Exploit,Third Party Advisory
https://www.talosintelligence.com/vulnerability_reports/TALOS-2020-0977 Exploit,Third Party Advisory

📤 Share & Export

📄 Export Markdown 📋 Export JSON

🔗 Related Vulnerabilities

If you're affected by CVE-2020-6060, you might also want to check these: