PatchSiren

CVE-2015-5677 FreeBSD CVE debrief

CVE-2015-5677 is a local information disclosure issue in FreeBSD's bsnmpd. In affected FreeBSD 9.3, 10.1, and 10.2 systems, the snmpd.config file was world-readable, which could let a local user read the secret key used for SNMP USM authentication. The NVD entry lists the issue as CVSS 5.5 (Medium) with local access, low privileges, and no user interaction required.

Vendor: FreeBSD
Product: CVE-2015-5677
CVSS: MEDIUM 5.5
CISA KEV: Not listed in stored evidence
Original CVE published: 2017-02-07
Original CVE updated: 2026-05-13
Advisory published: 2017-02-07
Advisory updated: 2026-05-13

Who should care

FreeBSD administrators and operators who use bsnmpd, especially on the affected FreeBSD releases 9.3, 10.1, and 10.2. Any environment that relies on SNMP USM credentials stored in snmpd.config should treat this as a credential exposure risk.

Technical summary

NVD describes the vulnerability as a permissions problem on snmpd.config in bsnmpd: the file was world-readable, allowing local users to obtain the secret key for USM authentication by reading it. The NVD record maps the issue to CWE-200 and includes affected CPEs for FreeBSD 9.3, 10.1, and 10.2. The CVSS vector is AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N, reflecting confidentiality impact from local file access.

Defensive priority

Medium. The issue is limited to local access, but it directly exposes authentication material and can undermine SNMP security on affected hosts.

Recommended defensive actions

  • Apply the FreeBSD vendor advisory for bsnmpd (FreeBSD-SA-16:06.bsnmpd).
  • Verify that snmpd.config is not world-readable and that file permissions are restricted to the intended service account and administrators.
  • Audit whether bsnmpd is enabled on any affected FreeBSD 9.3, 10.1, or 10.2 systems and remove or disable it if not needed.
  • Treat any exposed USM secret key as compromised and rotate or replace affected SNMP credentials.
  • Review local access controls on affected hosts, since exploitation requires a local user context.
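
One way to run the permission check from the list above on a host, as an added example that is not part of the FreeBSD advisory or the NVD record. The function names and exit-code convention are assumptions of this example, and the path to snmpd.config is passed in by the operator rather than assumed.

```shell
#!/bin/sh
# Added example: flag a bsnmpd configuration file whose mode lets users
# other than the owner read the USM secret it contains.
# The file path is an argument; no default location is assumed.

# has_perm FILE MODE -> success if every bit in MODE is set on FILE.
# POSIX find -perm behaves the same on FreeBSD and Linux; -L follows symlinks.
has_perm() {
    [ -n "$(find -L "$1" -prune -perm "-$2" -print 2>/dev/null)" ]
}

# audit_snmpd_config FILE
# Returns 0 = restricted, 1 = exposed to other users, 2 = could not check.
audit_snmpd_config() {
    cfg=$1
    if [ ! -f "$cfg" ]; then
        echo "SKIP $cfg: not a regular file" >&2
        return 2
    fi
    result=0
    if has_perm "$cfg" 0004; then
        echo "FAIL $cfg: world-readable (the CVE-2015-5677 condition)"
        result=1
    fi
    if has_perm "$cfg" 0002; then
        echo "FAIL $cfg: world-writable"
        result=1
    fi
    if has_perm "$cfg" 0040 || has_perm "$cfg" 0020; then
        echo "WARN $cfg: group access; confirm the group is administrators only"
    fi
    [ "$result" -eq 0 ] && echo "OK   $cfg: no access for other users"
    ls -ld "$cfg"    # show owner, group and mode for the audit record
    return "$result"
}

# Run as a script: audit every path given on the command line.
status=0
for path in "$@"; do
    audit_snmpd_config "$path" || status=1
done
[ "$status" -eq 0 ]
```

A FAIL result on a host that held USM credentials means the key should be rotated as well as the mode corrected, since the check cannot tell whether the file was already read.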

Evidence notes

The vulnerability description supplied in the CVE states that bsnmpd in FreeBSD 9.3, 10.1, and 10.2 used world-readable permissions on snmpd.config, allowing local users to obtain the secret key for USM authentication. The NVD metadata identifies CWE-200 and the CVSS vector AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N. NVD reference links include the FreeBSD vendor advisory FreeBSD-SA-16:06.bsnmpd and a third-party advisory at pierrekim.github.io, both provided in the source corpus.

Official resources

The CVE was published on 2017-02-07 and later modified on 2026-05-13 per the supplied timeline. NVD references also point to a vendor advisory and a third-party advisory, indicating the issue was publicly discussed before the CVE record was