GLSA-200808-02 : Net-SNMP: Multiple vulnerabilities
Critical Nessus Plugin ID 33832
SynopsisThe remote Gentoo host is missing one or more security-related patches.
DescriptionThe remote host is affected by the vulnerability described in GLSA-200808-02 (Net-SNMP: Multiple vulnerabilities)
Wes Hardaker reported that the SNMPv3 HMAC verification relies on the client to specify the HMAC length (CVE-2008-0960). John Kortink reported a buffer overflow in the Perl bindings of Net-SNMP when processing the OCTETSTRING in an attribute value pair (AVP) received by an SNMP agent (CVE-2008-2292).
An attacker could send SNMPv3 packets to an instance of snmpd providing a valid user name and an HMAC length value of 1, and easily conduct brute-force attacks to bypass SNMP authentication. An attacker could further entice a user to connect to a malicious SNMP agent with an SNMP client using the Perl bindings, possibly resulting in the execution of arbitrary code.
There is no known workaround at this time.
SolutionAll Net-SNMP users should upgrade to the latest version:
# emerge --sync # emerge --ask --oneshot --verbose '>=net-analyzer/net-snmp-126.96.36.199'