CVE-2008-4309

MEDIUM

Description

Integer overflow in the netsnmp_create_subtree_cache function in agent/snmp_agent.c in net-snmp 5.4 before 5.4.2.1, 5.3 before 5.3.2.3, and 5.2 before 5.2.5.1 allows remote attackers to cause a denial of service (crash) via a crafted SNMP GETBULK request, which triggers a heap-based buffer overflow, related to the number of responses or repeats.

References

http://lists.apple.com/archives/security-announce/2009/May/msg00002.html

http://lists.apple.com/archives/security-announce/2010//Dec/msg00001.html

http://lists.opensuse.org/opensuse-security-announce/2009-02/msg00000.html

http://marc.info/?l=bugtraq&m=125017764422557&w=2

http://net-snmp.svn.sourceforge.net/viewvc/net-snmp/tags/Ext-5-2-5-1/net-snmp/agent/snmp_agent.c?r1=17271&r2=17272&pathrev=17272

http://secunia.com/advisories/32539

http://secunia.com/advisories/32560

http://secunia.com/advisories/32664

http://secunia.com/advisories/32711

http://secunia.com/advisories/33003

http://secunia.com/advisories/33095

http://secunia.com/advisories/33631

http://secunia.com/advisories/33746

http://secunia.com/advisories/33821

http://secunia.com/advisories/35074

http://secunia.com/advisories/35679

http://security.gentoo.org/glsa/glsa-200901-15.xml

http://sourceforge.net/forum/forum.php?forum_id=882903

http://sunsolve.sun.com/search/document.do?assetkey=1-26-262908-1

http://support.apple.com/kb/HT3549

http://support.apple.com/kb/HT4298

http://support.avaya.com/elmodocs2/security/ASA-2008-467.htm

http://wiki.rpath.com/wiki/Advisories:rPSA-2008-0315

http://www.debian.org/security/2008/dsa-1663

http://www.mandriva.com/security/advisories?name=MDVSA-2008:225

http://www.openwall.com/lists/oss-security/2008/10/31/1

http://www.redhat.com/support/errata/RHSA-2008-0971.html

http://www.securityfocus.com/archive/1/498280/100/0/threaded

http://www.securityfocus.com/bid/32020

http://www.securitytracker.com/id?1021129

http://www.ubuntu.com/usn/usn-685-1

http://www.us-cert.gov/cas/techalerts/TA09-133A.html

http://www.vmware.com/security/advisories/VMSA-2009-0001.html

http://www.vupen.com/english/advisories/2008/2973

http://www.vupen.com/english/advisories/2008/3400

http://www.vupen.com/english/advisories/2009/0301

http://www.vupen.com/english/advisories/2009/1297

http://www.vupen.com/english/advisories/2009/1771

https://exchange.xforce.ibmcloud.com/vulnerabilities/46262

https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A6171

https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A6353

https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9860

Details

Source: MITRE

Published: 2008-10-31

Updated: 2018-10-11

Type: CWE-20

Risk Information

CVSS v2.0

Base Score: 5

Vector: AV:N/AC:L/Au:N/C:N/I:N/A:P

Impact Score: 2.9

Exploitability Score: 10

Severity: MEDIUM

Tenable Plugins

| ID | Name | Product | Family | Severity |
| --- | --- | --- | --- | --- |
| 127171 | NewStart CGSL MAIN 5.04 : net-snmp Multiple Vulnerabilities (NS-SA-2019-0017) | Nessus | NewStart CGSL Local Security Checks | critical |
| 107861 | Solaris 10 (x86) : 120273-33 | Nessus | Solaris Local Security Checks | critical |
| 107359 | Solaris 10 (sparc) : 120272-31 | Nessus | Solaris Local Security Checks | critical |
| 67761 | Oracle Linux 3 / 4 / 5 : net-snmp (ELSA-2008-0971) | Nessus | Oracle Linux Local Security Checks | medium |
| 60487 | Scientific Linux Security Update : net-snmp on SL3.x, SL4.x, SL5.x i386/x86_64 | Nessus | Scientific Linux Local Security Checks | medium |
| 51342 | Apple Time Capsule and AirPort Base Station Firmware < 7.5.2 (APPLE-SA-2010-12-16-1) | Nessus | Misc. | high |
| 41256 | SuSE9 Security Update : net-snmp (YOU Patch Number 12298) | Nessus | SuSE Local Security Checks | medium |
| 40387 | VMSA-2009-0001 : ESX patches address an issue loading corrupt virtual disks and update Service Console packages | Nessus | VMware ESX Local Security Checks | critical |
| 40046 | openSUSE Security Update : libsnmp15 (libsnmp15-319) | Nessus | SuSE Local Security Checks | medium |
| 38744 | Mac OS X 10.5.x < 10.5.7 Multiple Vulnerabilities | Nessus | MacOS X Local Security Checks | critical |
| 38743 | Mac OS X Multiple Vulnerabilities (Security Update 2009-002) | Nessus | MacOS X Local Security Checks | critical |
| 38099 | Ubuntu 6.06 LTS / 7.10 / 8.04 LTS / 8.10 : net-snmp vulnerabilities (USN-685-1) | Nessus | Ubuntu Local Security Checks | critical |
| 37176 | CentOS 3 / 4 / 5 : net-snmp (CESA-2008:0971) | Nessus | CentOS Local Security Checks | medium |
| 36859 | Mandriva Linux Security Advisory : net-snmp (MDVSA-2008:225) | Nessus | Mandriva Local Security Checks | medium |
| 36774 | Fedora 10 : net-snmp-5.4.2.1-1.fc10 (2008-10451) | Nessus | Fedora Local Security Checks | medium |
| 35460 | SuSE 10 Security Update : net-snmp (ZYPP Patch Number 5807) | Nessus | SuSE Local Security Checks | medium |
| 35444 | GLSA-200901-15 : Net-SNMP: Denial of Service | Nessus | Gentoo Local Security Checks | medium |
| 35027 | openSUSE 10 Security Update : libsnmp15 (libsnmp15-5808) | Nessus | SuSE Local Security Checks | medium |
| 34783 | Slackware 12.0 / 12.1 / current : net-snmp (SSA:2008-320-02) | Nessus | Slackware Local Security Checks | medium |
| 34770 | FreeBSD : net-snmp -- DoS for SNMP agent via crafted GETBULK request (daf045d7-b211-11dd-a987-000c29ca8953) | Nessus | FreeBSD Local Security Checks | medium |
| 34720 | Debian DSA-1663-1 : net-snmp - several vulnerabilities | Nessus | Debian Local Security Checks | critical |
| 34704 | Fedora 9 : net-snmp-5.4.1-19.fc9 (2008-9367) | Nessus | Fedora Local Security Checks | medium |
| 34703 | Fedora 8 : net-snmp-5.4.1-8.fc8 (2008-9362) | Nessus | Fedora Local Security Checks | medium |
| 34691 | RHEL 3 / 4 / 5 : net-snmp (RHSA-2008:0971) | Nessus | Red Hat Local Security Checks | medium |
| 25391 | Solaris 10 (x86) : 120273-42 (deprecated) | Nessus | Solaris Local Security Checks | critical |
| 25272 | Solaris 10 (sparc) : 120272-40 (deprecated) | Nessus | Solaris Local Security Checks | critical |
| 5023 | Mac OS X 10.5 < 10.5.7 Multiple Vulnerabilities | Nessus Network Monitor | Generic | critical |
| 800792 | Mac OS X 10.5 < 10.5.7 Multiple Vulnerabilities | Log Correlation Engine | Operating System Detection | high |