VMSA-2010-0003 : ESX Service Console update for net-snmp

This script is Copyright (C) 2010-2013 Tenable Network Security, Inc.

Synopsis :

The remote VMware ESX host is missing a security-related patch.

Description :

a. Service Console package net-snmp updated

This patch updates the service console package for net-snmp,
net-snmp-utils, and net-snmp-libs to version
net-snmp-5.0.9-2.30E.28. This net-snmp update fixes a
divide-by-zero flaw in the snmpd daemon. A remote attacker could issue a
specially crafted GETBULK request that could cause the snmpd daemon
to fail.

This vulnerability was introduced by an incorrect fix for

The Common Vulnerabilities and Exposures Project (cve.mitre.org) has
assigned the name CVE-2009-1887 to this issue.

Note: After installing the previous patch for net-snmp
(ESX350-200901409-SG), running the snmpbulkwalk command with the
parameter -CnX results in no output, and the snmpd daemon stops.

See also :


Solution :

Apply the missing patch.

Risk factor :

Medium / CVSS Base Score : 5.0

Family: VMware ESX Local Security Checks

Nessus Plugin ID: 44642

Bugtraq ID:

CVE ID: CVE-2009-1887