SNMP GETBULK Large max-repetitions Remote DoS

This script is Copyright (C) 2007-2012 Tenable Network Security, Inc.


Synopsis :

The remote SNMP daemon is susceptible to a denial of service attack.

Description :

It is possible to disable the remote SNMP daemon by sending a GETBULK
request with a large value for 'max-repetitions'. A remote attacker
may be able to leverage this issue to cause the daemon to consume
excessive memory and CPU on the affected system while it tries
unsuccessfully to process the request, thereby denying service to
legitimate users.
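As an added detection example (not Tenable's plugin code and not Net-SNMP code): a minimal BER decoder that pulls max-repetitions out of a captured SNMPv2c GETBULK request so a network monitor can flag values far beyond what a legitimate walker sends. The packet bytes and the 1000 threshold are constructed assumptions.

```python
"""Flag SNMPv2c GETBULK requests whose max-repetitions exceed a threshold."""

GETBULK_TAG = 0xA5  # context-specific, constructed, tag 5 = GetBulkRequest-PDU


def _read_tlv(buf, pos):
    """Decode one BER TLV at pos; return (tag, value_bytes, next_pos)."""
    tag, length = buf[pos], buf[pos + 1]
    pos += 2
    if length & 0x80:  # long-form length: low bits give the byte count
        nbytes = length & 0x7F
        length = int.from_bytes(buf[pos:pos + nbytes], "big")
        pos += nbytes
    return tag, buf[pos:pos + length], pos + length


def getbulk_max_repetitions(packet):
    """Return max-repetitions of a GETBULK request, or None if not GETBULK."""
    tag, msg, _ = _read_tlv(packet, 0)
    if tag != 0x30:  # outer Message SEQUENCE
        return None
    _, _version, pos = _read_tlv(msg, 0)      # INTEGER version (1 = v2c)
    _, _community, pos = _read_tlv(msg, pos)  # OCTET STRING community
    pdu_tag, pdu, _ = _read_tlv(msg, pos)
    if pdu_tag != GETBULK_TAG:
        return None
    _, _req_id, pos = _read_tlv(pdu, 0)       # request-id
    _, _non_rep, pos = _read_tlv(pdu, pos)    # non-repeaters
    _, max_rep, _ = _read_tlv(pdu, pos)       # max-repetitions (INTEGER)
    return int.from_bytes(max_rep, "big", signed=True)


def is_suspicious_getbulk(packet, threshold=1000):
    """True when the packet is a GETBULK asking for more than threshold rows."""
    max_rep = getbulk_max_repetitions(packet)
    return max_rep is not None and max_rep > threshold


# Constructed sample: v2c GETBULK for sysDescr.0, community "public",
# non-repeaters 0, max-repetitions 4294967295 (the abusive case).
SAMPLE_GETBULK_HUGE = bytes.fromhex(
    "302a" "020101" "04067075626c6963" "a51d"
    "020101" "020100" "020500ffffffff"
    "300e300c06082b06010201010100" "0500"
)
# Same request with max-repetitions 10 (typical walker behaviour).
SAMPLE_GETBULK_BENIGN = bytes.fromhex(
    "3026" "020101" "04067075626c6963" "a519"
    "020101" "020100" "02010a"
    "300e300c06082b06010201010100" "0500"
)
```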

See also :

http://www.nessus.org/u?5aef7a73
http://www.nessus.org/u?355da3c5

Solution :

Disable the SNMP service on the remote host if you do not use it.
Otherwise, upgrade to version 5.4.1 or later if using Net-SNMP.

Risk factor :

High / CVSS Base Score : 7.8
(CVSS2#AV:N/AC:L/Au:N/C:N/I:N/A:C)
CVSS Temporal Score : 6.4
(CVSS2#E:F/RL:OF/RC:C)
Public Exploit Available : true

Family: SNMP

Nessus Plugin ID: 27841

Bugtraq ID: 26378

CVE ID: CVE-2007-5846