|
|
Log in / Subscribe / Register

net-snmp: restriction bypass

Package(s):net-snmp CVE #(s):CVE-2008-6123
Created:February 17, 2009 Updated:June 3, 2010
Description: From the CVE entry: The netsnmp_udp_fmtaddr function (snmplib/snmpUDPDomain.c) in net-snmp 5.0.9 through 5.4.2, when using TCP wrappers for client authorization, does not properly parse hosts.allow rules, which allows remote attackers to bypass intended access restrictions and execute SNMP queries, related to "source/destination IP address confusion."
Alerts:
Ubuntu USN-946-1 net-snmp 2010-06-02
Gentoo 201001-05 net-snmp 2010-01-13
SuSE SUSE-SR:2010:003 lighttpd, net-snmp/libsnmp15/perl-SNMP, fuse, xpdf 2010-02-09
SuSE SUSE-SR:2009:012 optipng, cups, quagga, pango, strongswan, perl-DBD-Pg, irssi, openssl/libopenssl-devel, net-snmp, ImageMagick/GraphicsMagick, perl, ipsec-tools/novell-ipsec-tools, poppler/libpoppler3/libpoppler4, yast2-ldap-server, tomcat6, gstreamer-plugins/gstreamer010-plugins-bad, apache2-mod_php5 2009-07-03
SuSE SUSE-SR:2009:011 java, realplayer, acroread, apache2-mod_security2, cyrus-sasl, wireshark, ganglia-monitor-core, ghostscript-devel, libwmf, libxine1, net-snmp, ntp, openssl 2009-06-09
CentOS CESA-2009:0295 net-snmp 2009-03-26
Red Hat RHSA-2009:0295-01 net-snmp 2009-03-26
Mandriva MDVSA-2009:056 net-snmp 2009-02-25
Fedora FEDORA-2009-1769 net-snmp 2009-02-17
to post comments


Copyright © 2026, Eklektix, Inc.
Comments and public postings are copyrighted by their creators.
Linux is a registered trademark of Linus Torvalds