10 High
CVSS2
Access Vector
NETWORK
Access Complexity
LOW
Authentication
NONE
Confidentiality Impact
COMPLETE
Integrity Impact
COMPLETE
Availability Impact
COMPLETE
AV:N/AC:L/Au:N/C:C/I:C/A:C
0.971 High
EPSS
Percentile
99.8%
CentOS Errata and Security Advisory CESA-2008:0528-01
The Simple Network Management Protocol (SNMP) is a protocol used for
network management.
A flaw was found in the way ucd-snmp checked an SNMPv3 packet’s Keyed-Hash
Message Authentication Code (HMAC). An attacker could use this flaw to
spoof an authenticated SNMPv3 packet. (CVE-2008-0960)
All users of ucd-snmp should upgrade to these updated packages, which
contain a backported patch to resolve this issue.
Merged security bulletin from advisories:
https://lists.centos.org/pipermail/centos-announce/2008-June/077134.html
Affected packages:
ucd-snmp
ucd-snmp-devel
ucd-snmp-utils
OS | Version | Architecture | Package | Version | Filename |
---|---|---|---|---|---|
CentOS | 2 | i386 | ucd-snmp | < 4.2.5-8.AS21.7 | ucd-snmp-4.2.5-8.AS21.7.i386.rpm |
CentOS | 2 | i386 | ucd-snmp-devel | < 4.2.5-8.AS21.7 | ucd-snmp-devel-4.2.5-8.AS21.7.i386.rpm |
CentOS | 2 | i386 | ucd-snmp-utils | < 4.2.5-8.AS21.7 | ucd-snmp-utils-4.2.5-8.AS21.7.i386.rpm |