Search...

Scientific Linux Security Update : net-snmp on SL3.x i386/x86_64

2012-08-01T00:00:00

ID SL_20090326_NET_SNMP_ON_SL3_X.NASL
Type nessus
Reporter This script is Copyright (C) 2012-2021 and is owned by Tenable, Inc. or an Affiliate thereof.
Modified 2012-08-01T00:00:00

Description

It was discovered that the snmpd daemon did not use TCP wrappers correctly, causing network hosts access restrictions defined in '/etc/hosts.allow' and '/etc/hosts.deny' to not be honored. A remote attacker could use this flaw to bypass intended access restrictions. (CVE-2008-6123)

This issue only affected configurations where hosts.allow and hosts.deny were used to limit access to the SNMP server. To obtain information from the server, the attacker would have to successfully authenticate, usually by providing a correct community string.

After installing the update, the snmpd and snmptrapd daemons will be restarted automatically.

                                        
                                            #%NASL_MIN_LEVEL 70300
#
# (C) Tenable Network Security, Inc.
#
# The descriptive text is (C) Scientific Linux.
#

include('deprecated_nasl_level.inc');
include('compat.inc');

if (description)
{
  script_id(60556);
  script_version("1.5");
  script_set_attribute(attribute:"plugin_modification_date", value:"2021/01/14");

  script_cve_id("CVE-2008-6123");

  script_name(english:"Scientific Linux Security Update : net-snmp on SL3.x i386/x86_64");
  script_summary(english:"Checks rpm output for the updated packages");

  script_set_attribute(
    attribute:"synopsis", 
    value:
"The remote Scientific Linux host is missing one or more security
updates."
  );
  script_set_attribute(
    attribute:"description", 
    value:
"It was discovered that the snmpd daemon did not use TCP wrappers
correctly, causing network hosts access restrictions defined in
'/etc/hosts.allow' and '/etc/hosts.deny' to not be honored. A remote
attacker could use this flaw to bypass intended access restrictions.
(CVE-2008-6123)

This issue only affected configurations where hosts.allow and
hosts.deny were used to limit access to the SNMP server. To obtain
information from the server, the attacker would have to successfully
authenticate, usually by providing a correct community string.

After installing the update, the snmpd and snmptrapd daemons will be
restarted automatically."
  );
  # https://listserv.fnal.gov/scripts/wa.exe?A2=ind0903&L=scientific-linux-errata&T=0&P=3122
  script_set_attribute(
    attribute:"see_also",
    value:"http://www.nessus.org/u?93272dfa"
  );
  script_set_attribute(attribute:"solution", value:"Update the affected packages.");
  script_set_cvss_base_vector("CVSS2#AV:N/AC:L/Au:N/C:P/I:N/A:N");
  script_cwe_id(20);

  script_set_attribute(attribute:"plugin_type", value:"local");
  script_set_attribute(attribute:"cpe", value:"x-cpe:/o:fermilab:scientific_linux");

  script_set_attribute(attribute:"patch_publication_date", value:"2009/03/26");
  script_set_attribute(attribute:"plugin_publication_date", value:"2012/08/01");
  script_end_attributes();

  script_category(ACT_GATHER_INFO);
  script_copyright(english:"This script is Copyright (C) 2012-2021 and is owned by Tenable, Inc. or an Affiliate thereof.");
  script_family(english:"Scientific Linux Local Security Checks");

  script_dependencies("ssh_get_info.nasl");
  script_require_keys("Host/local_checks_enabled", "Host/cpu", "Host/RedHat/release", "Host/RedHat/rpm-list");

  exit(0);
}


include("audit.inc");
include("global_settings.inc");
include("rpm.inc");


if (!get_kb_item("Host/local_checks_enabled")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);
release = get_kb_item("Host/RedHat/release");
if (isnull(release) || "Scientific Linux " &gt;!&lt; release) audit(AUDIT_HOST_NOT, "running Scientific Linux");
if (!get_kb_item("Host/RedHat/rpm-list")) audit(AUDIT_PACKAGE_LIST_MISSING);

cpu = get_kb_item("Host/cpu");
if (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);
if (cpu &gt;!&lt; "x86_64" && cpu !~ "^i[3-6]86$") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, "Scientific Linux", cpu);


flag = 0;
if (rpm_check(release:"SL3", reference:"net-snmp-5.0.9-2.30E.27")) flag++;
if (rpm_check(release:"SL3", reference:"net-snmp-devel-5.0.9-2.30E.27")) flag++;
if (rpm_check(release:"SL3", reference:"net-snmp-libs-5.0.9-2.30E.27")) flag++;
if (rpm_check(release:"SL3", reference:"net-snmp-perl-5.0.9-2.30E.27")) flag++;
if (rpm_check(release:"SL3", reference:"net-snmp-utils-5.0.9-2.30E.27")) flag++;


if (flag)
{
  if (report_verbosity &gt; 0) security_warning(port:0, extra:rpm_report_get());
  else security_warning(0);
  exit(0);
}
else audit(AUDIT_HOST_NOT, "affected");

JSON Vulners Source

Initial Source

{"id": "SL_20090326_NET_SNMP_ON_SL3_X.NASL", "bulletinFamily": "scanner", "title": "Scientific Linux Security Update : net-snmp on SL3.x i386/x86_64", "description": "It was discovered that the snmpd daemon did not use TCP wrappers\ncorrectly, causing network hosts access restrictions defined in\n'/etc/hosts.allow' and '/etc/hosts.deny' to not be honored. A remote\nattacker could use this flaw to bypass intended access restrictions.\n(CVE-2008-6123)\n\nThis issue only affected configurations where hosts.allow and\nhosts.deny were used to limit access to the SNMP server. To obtain\ninformation from the server, the attacker would have to successfully\nauthenticate, usually by providing a correct community string.\n\nAfter installing the update, the snmpd and snmptrapd daemons will be\nrestarted automatically.", "published": "2012-08-01T00:00:00", "modified": "2012-08-01T00:00:00", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:P/I:N/A:N"}, "href": "https://www.tenable.com/plugins/nessus/60556", "reporter": "This script is Copyright (C) 2012-2021 and is owned by Tenable, Inc. or an Affiliate thereof.", "references": ["http://www.nessus.org/u?93272dfa"], "cvelist": ["CVE-2008-6123"], "type": "nessus", "lastseen": "2021-01-17T13:44:10", "edition": 25, "viewCount": 0, "enchantments": {"dependencies": {"references": [{"type": "cve", "idList": ["CVE-2008-6123"]}, {"type": "ubuntu", "idList": ["USN-946-1"]}, {"type": "openvas", "idList": ["OPENVAS:840439", "OPENVAS:65866", "OPENVAS:63642", "OPENVAS:1361412562310840439", "OPENVAS:136141256231065625", "OPENVAS:63707", "OPENVAS:136141256231066738", "OPENVAS:136141256231065866", "OPENVAS:1361412562310880799", "OPENVAS:66738"]}, {"type": "centos", "idList": ["CESA-2009:0295"]}, {"type": "redhat", "idList": ["RHSA-2009:0295"]}, {"type": "gentoo", "idList": ["GLSA-201001-05"]}, {"type": "seebug", "idList": ["SSV:4761"]}, {"type": "nessus", "idList": ["GENTOO_GLSA-201001-05.NASL", "SUSE_11_1_LIBSNMP15-090514.NASL", "SUSE_11_0_LIBSNMP15-090514.NASL", "MANDRIVA_MDVSA-2009-056.NASL", "SUSE_LIBSNMP15-6247.NASL", "ORACLELINUX_ELSA-2009-0295.NASL", "UBUNTU_USN-946-1.NASL", "SUSE_NET-SNMP-6248.NASL", "CENTOS_RHSA-2009-0295.NASL", "SUSE_11_2_LIBSNMP15-100204.NASL"]}, {"type": "fedora", "idList": ["FEDORA:B235C20851F"]}], "modified": "2021-01-17T13:44:10", "rev": 2}, "score": {"value": 5.8, "vector": "NONE", "modified": "2021-01-17T13:44:10", "rev": 2}, "vulnersScore": 5.8}, "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text is (C) Scientific Linux.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(60556);\n script_version(\"1.5\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/14\");\n\n script_cve_id(\"CVE-2008-6123\");\n\n script_name(english:\"Scientific Linux Security Update : net-snmp on SL3.x i386/x86_64\");\n script_summary(english:\"Checks rpm output for the updated packages\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\n\"The remote Scientific Linux host is missing one or more security\nupdates.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"It was discovered that the snmpd daemon did not use TCP wrappers\ncorrectly, causing network hosts access restrictions defined in\n'/etc/hosts.allow' and '/etc/hosts.deny' to not be honored. A remote\nattacker could use this flaw to bypass intended access restrictions.\n(CVE-2008-6123)\n\nThis issue only affected configurations where hosts.allow and\nhosts.deny were used to limit access to the SNMP server. To obtain\ninformation from the server, the attacker would have to successfully\nauthenticate, usually by providing a correct community string.\n\nAfter installing the update, the snmpd and snmptrapd daemons will be\nrestarted automatically.\"\n );\n # https://listserv.fnal.gov/scripts/wa.exe?A2=ind0903&L=scientific-linux-errata&T=0&P=3122\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?93272dfa\"\n );\n script_set_attribute(attribute:\"solution\", value:\"Update the affected packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:P/I:N/A:N\");\n script_cwe_id(20);\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"x-cpe:/o:fermilab:scientific_linux\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2009/03/26\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2012/08/01\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2012-2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Scientific Linux Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/cpu\", \"Host/RedHat/release\", \"Host/RedHat/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/RedHat/release\");\nif (isnull(release) || \"Scientific Linux \" >!< release) audit(AUDIT_HOST_NOT, \"running Scientific Linux\");\nif (!get_kb_item(\"Host/RedHat/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (cpu >!< \"x86_64\" && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Scientific Linux\", cpu);\n\n\nflag = 0;\nif (rpm_check(release:\"SL3\", reference:\"net-snmp-5.0.9-2.30E.27\")) flag++;\nif (rpm_check(release:\"SL3\", reference:\"net-snmp-devel-5.0.9-2.30E.27\")) flag++;\nif (rpm_check(release:\"SL3\", reference:\"net-snmp-libs-5.0.9-2.30E.27\")) flag++;\nif (rpm_check(release:\"SL3\", reference:\"net-snmp-perl-5.0.9-2.30E.27\")) flag++;\nif (rpm_check(release:\"SL3\", reference:\"net-snmp-utils-5.0.9-2.30E.27\")) flag++;\n\n\nif (flag)\n{\n if (report_verbosity > 0) security_warning(port:0, extra:rpm_report_get());\n else security_warning(0);\n exit(0);\n}\nelse audit(AUDIT_HOST_NOT, \"affected\");\n", "naslFamily": "Scientific Linux Local Security Checks", "pluginID": "60556", "cpe": ["x-cpe:/o:fermilab:scientific_linux"], "scheme": null}

{"cve": [{"lastseen": "2020-10-03T11:51:05", "description": "The netsnmp_udp_fmtaddr function (snmplib/snmpUDPDomain.c) in net-snmp 5.0.9 through 5.4.2.1, when using TCP wrappers for client authorization, does not properly parse hosts.allow rules, which allows remote attackers to bypass intended access restrictions and execute SNMP queries, related to \"source/destination IP address confusion.\"", "edition": 3, "cvss3": {}, "published": "2009-02-12T16:30:00", "title": "CVE-2008-6123", "type": "cve", "cwe": ["CWE-20"], "bulletinFamily": "NVD", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "PARTIAL", "availabilityImpact": "NONE", "integrityImpact": "NONE", "baseScore": 5.0, "vectorString": "AV:N/AC:L/Au:N/C:P/I:N/A:N", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 2.9, "obtainUserPrivilege": false}, "cvelist": ["CVE-2008-6123"], "modified": "2017-09-29T01:32:00", "cpe": ["cpe:/a:net-snmp:net-snmp:5.0.9", "cpe:/a:net-snmp:net-snmp:5.3.2.2", "cpe:/a:net-snmp:net-snmp:5.0.10", "cpe:/a:net-snmp:net-snmp:5.2.4", "cpe:/o:net-snmp:net_snmp:5.1.1", "cpe:/a:net-snmp:net-snmp:5.1.2", "cpe:/a:net-snmp:net-snmp:5.4.1", "cpe:/a:net-snmp:net-snmp:5.1.3", "cpe:/a:net-snmp:net-snmp:5.2", "cpe:/a:net-snmp:net-snmp:5.3", "cpe:/a:net-snmp:net-snmp:5.1.4", "cpe:/a:net-snmp:net-snmp:5.4.2", "cpe:/o:net-snmp:net_snmp:5.1", "cpe:/a:net-snmp:net-snmp:5.2.1.2_r1", "cpe:/o:net-snmp:net_snmp:5.3.0.1", "cpe:/a:net-snmp:net-snmp:5.2.5", "cpe:/o:net-snmp:net_snmp:5.4", "cpe:/a:net-snmp:net-snmp:5.2.1", "cpe:/a:net-snmp:net-snmp:5.4"], "id": "CVE-2008-6123", "href": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2008-6123", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:P/I:N/A:N"}, "cpe23": ["cpe:2.3:a:net-snmp:net-snmp:5.2.5:*:*:*:*:*:*:*", "cpe:2.3:a:net-snmp:net-snmp:5.2.1:*:*:*:*:*:*:*", "cpe:2.3:a:net-snmp:net-snmp:5.1.2:*:*:*:*:*:*:*", "cpe:2.3:a:net-snmp:net-snmp:5.2.1.2_r1:*:*:*:*:*:*:*", "cpe:2.3:a:net-snmp:net-snmp:5.4.1:*:*:*:*:*:*:*", "cpe:2.3:a:net-snmp:net-snmp:5.1.4:*:*:*:*:*:*:*", "cpe:2.3:o:net-snmp:net_snmp:5.3.0.1:*:*:*:*:*:*:*", "cpe:2.3:a:net-snmp:net-snmp:5.3.2.2:*:*:*:*:*:*:*", "cpe:2.3:a:net-snmp:net-snmp:5.2:*:*:*:*:*:*:*", "cpe:2.3:a:net-snmp:net-snmp:5.2.4:*:*:*:*:*:*:*", "cpe:2.3:o:net-snmp:net_snmp:5.1.1:*:*:*:*:*:*:*", "cpe:2.3:o:net-snmp:net_snmp:5.1:*:*:*:*:*:*:*", "cpe:2.3:a:net-snmp:net-snmp:5.0.10:*:*:*:*:*:*:*", "cpe:2.3:a:net-snmp:net-snmp:5.1.3:*:*:*:*:*:*:*", "cpe:2.3:a:net-snmp:net-snmp:5.4.2:*:*:*:*:*:*:*", "cpe:2.3:a:net-snmp:net-snmp:5.4:*:*:*:*:*:*:*", "cpe:2.3:a:net-snmp:net-snmp:5.3:*:*:*:*:*:*:*", "cpe:2.3:a:net-snmp:net-snmp:5.0.9:*:*:*:*:*:*:*", "cpe:2.3:o:net-snmp:net_snmp:5.4:*:*:*:*:*:*:*"]}], "openvas": [{"lastseen": "2018-04-06T11:39:05", "bulletinFamily": "scanner", "cvelist": ["CVE-2008-6123"], "description": "The remote host is missing updates to packages that affect\nthe security of your system. One or more of the following packages\nare affected:\n\n net-snmp\n net-snmp-devel\n perl-SNMP\n\n\nMore details may also be found by searching for the SuSE\nEnterprise Server 10 patch database located at\nhttp://download.novell.com/patch/finder/", "modified": "2018-04-06T00:00:00", "published": "2009-10-13T00:00:00", "id": "OPENVAS:136141256231065866", "href": "http://plugins.openvas.org/nasl.php?oid=136141256231065866", "type": "openvas", "title": "SLES10: Security update for net-snmp", "sourceData": "#\n#VID slesp2-net-snmp-6248\n# OpenVAS Vulnerability Test\n# $\n# Description: Security update for net-snmp\n#\n# Authors:\n# Thomas Reinke <reinke@securityspace.com>\n#\n# Copyright:\n# Copyright (c) 2009 E-Soft Inc. http://www.securityspace.com\n# Text descriptions are largely excerpted from the referenced\n# advisories, and are Copyright (c) the respective author(s)\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2,\n# as published by the Free Software Foundation\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n#\n\ninclude(\"revisions-lib.inc\");\ntag_summary = \"The remote host is missing updates to packages that affect\nthe security of your system. One or more of the following packages\nare affected:\n\n net-snmp\n net-snmp-devel\n perl-SNMP\n\n\nMore details may also be found by searching for the SuSE\nEnterprise Server 10 patch database located at\nhttp://download.novell.com/patch/finder/\";\n\ntag_solution = \"Please install the updates provided by SuSE.\";\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.65866\");\n script_version(\"$Revision: 9350 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2018-04-06 09:03:33 +0200 (Fri, 06 Apr 2018) $\");\n script_tag(name:\"creation_date\", value:\"2009-10-13 18:25:40 +0200 (Tue, 13 Oct 2009)\");\n script_cve_id(\"CVE-2008-6123\");\n script_tag(name:\"cvss_base\", value:\"5.0\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:P/I:N/A:N\");\n script_name(\"SLES10: Security update for net-snmp\");\n\n\n\n script_category(ACT_GATHER_INFO);\n\n script_copyright(\"Copyright (c) 2009 E-Soft Inc. http://www.securityspace.com\");\n script_family(\"SuSE Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/suse_sles\", \"ssh/login/rpms\");\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name : \"summary\" , value : tag_summary);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\n#\n# The script code starts here\n#\n\ninclude(\"pkg-lib-rpm.inc\");\n\nres = \"\";\nreport = \"\";\nif ((res = isrpmvuln(pkg:\"net-snmp\", rpm:\"net-snmp~5.3.0.1~25.31\", rls:\"SLES10.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"net-snmp-devel\", rpm:\"net-snmp-devel~5.3.0.1~25.31\", rls:\"SLES10.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"perl-SNMP\", rpm:\"perl-SNMP~5.3.0.1~25.31\", rls:\"SLES10.0\")) != NULL) {\n report += res;\n}\n\nif (report != \"\") {\n security_message(data:report);\n} else if (__pkg_match) {\n exit(99); # Not vulnerable.\n}\n", "cvss": {"score": 5.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:PARTIAL/I:NONE/A:NONE/"}}, {"lastseen": "2018-04-06T11:40:30", "bulletinFamily": "scanner", "cvelist": ["CVE-2008-6123"], "description": "The remote host is missing updates announced in\nadvisory RHSA-2009:0295.\n\nThe Simple Network Management Protocol (SNMP) is a protocol used for\nnetwork management.\n\nIt was discovered that the snmpd daemon did not use TCP wrappers correctly,\ncausing network hosts access restrictions defined in /etc/hosts.allow and\n/etc/hosts.deny to not be honored. A remote attacker could use this flaw\nto bypass intended access restrictions. (CVE-2008-6123)\n\nThis issue only affected configurations where hosts.allow and hosts.deny\nwere used to limit access to the SNMP server. To obtain information from\nthe server, the attacker would have to successfully authenticate, usually\nby providing a correct community string.\n\nAll net-snmp users should upgrade to these updated packages, which contain\na backported patch to correct this issue. After installing the update, the\nsnmpd and snmptrapd daemons will be restarted automatically.", "modified": "2018-04-06T00:00:00", "published": "2009-03-31T00:00:00", "id": "OPENVAS:136141256231063642", "href": "http://plugins.openvas.org/nasl.php?oid=136141256231063642", "type": "openvas", "title": "RedHat Security Advisory RHSA-2009:0295", "sourceData": "# OpenVAS Vulnerability Test\n# $Id: RHSA_2009_0295.nasl 9350 2018-04-06 07:03:33Z cfischer $\n# Description: Auto-generated from advisory RHSA-2009:0295 ()\n#\n# Authors:\n# Thomas Reinke <reinke@securityspace.com>\n#\n# Copyright:\n# Copyright (c) 2009 E-Soft Inc. http://www.securityspace.com\n# Text descriptions are largely excerpted from the referenced\n# advisory, and are Copyright (c) the respective author(s)\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2,\n# or at your option, GNU General Public License version 3,\n# as published by the Free Software Foundation\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n#\n\ninclude(\"revisions-lib.inc\");\ntag_summary = \"The remote host is missing updates announced in\nadvisory RHSA-2009:0295.\n\nThe Simple Network Management Protocol (SNMP) is a protocol used for\nnetwork management.\n\nIt was discovered that the snmpd daemon did not use TCP wrappers correctly,\ncausing network hosts access restrictions defined in /etc/hosts.allow and\n/etc/hosts.deny to not be honored. A remote attacker could use this flaw\nto bypass intended access restrictions. (CVE-2008-6123)\n\nThis issue only affected configurations where hosts.allow and hosts.deny\nwere used to limit access to the SNMP server. To obtain information from\nthe server, the attacker would have to successfully authenticate, usually\nby providing a correct community string.\n\nAll net-snmp users should upgrade to these updated packages, which contain\na backported patch to correct this issue. After installing the update, the\nsnmpd and snmptrapd daemons will be restarted automatically.\";\n\ntag_solution = \"Please note that this update is available via\nRed Hat Network. To use Red Hat Network, launch the Red\nHat Update Agent with the following command: up2date\";\n\n\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.63642\");\n script_version(\"$Revision: 9350 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2018-04-06 09:03:33 +0200 (Fri, 06 Apr 2018) $\");\n script_tag(name:\"creation_date\", value:\"2009-03-31 19:20:21 +0200 (Tue, 31 Mar 2009)\");\n script_cve_id(\"CVE-2008-6123\");\n script_tag(name:\"cvss_base\", value:\"5.0\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:P/I:N/A:N\");\n script_name(\"RedHat Security Advisory RHSA-2009:0295\");\n\n\n\n script_category(ACT_GATHER_INFO);\n\n script_copyright(\"Copyright (c) 2009 E-Soft Inc. http://www.securityspace.com\");\n script_family(\"Red Hat Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/rhel\", \"ssh/login/rpms\");\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name : \"summary\" , value : tag_summary);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_xref(name : \"URL\" , value : \"http://rhn.redhat.com/errata/RHSA-2009-0295.html\");\n script_xref(name : \"URL\" , value : \"http://www.redhat.com/security/updates/classification/#moderate\");\n exit(0);\n}\n\n#\n# The script code starts here\n#\n\ninclude(\"pkg-lib-rpm.inc\");\n\nres = \"\";\nreport = \"\";\nif ((res = isrpmvuln(pkg:\"net-snmp\", rpm:\"net-snmp~5.0.9~2.30E.27\", rls:\"RHENT_3\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"net-snmp-debuginfo\", rpm:\"net-snmp-debuginfo~5.0.9~2.30E.27\", rls:\"RHENT_3\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"net-snmp-devel\", rpm:\"net-snmp-devel~5.0.9~2.30E.27\", rls:\"RHENT_3\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"net-snmp-libs\", rpm:\"net-snmp-libs~5.0.9~2.30E.27\", rls:\"RHENT_3\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"net-snmp-perl\", rpm:\"net-snmp-perl~5.0.9~2.30E.27\", rls:\"RHENT_3\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"net-snmp-utils\", rpm:\"net-snmp-utils~5.0.9~2.30E.27\", rls:\"RHENT_3\")) != NULL) {\n report += res;\n}\n\nif (report != \"\") {\n security_message(data:report);\n} else if (__pkg_match) {\n exit(99); # Not vulnerable.\n}\n", "cvss": {"score": 5.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:PARTIAL/I:NONE/A:NONE/"}}, {"lastseen": "2017-07-25T10:55:19", "bulletinFamily": "scanner", "cvelist": ["CVE-2008-6123"], "description": "Check for the Version of net-snmp", "modified": "2017-07-10T00:00:00", "published": "2011-08-09T00:00:00", "id": "OPENVAS:880799", "href": "http://plugins.openvas.org/nasl.php?oid=880799", "type": "openvas", "title": "CentOS Update for net-snmp CESA-2009:0295 centos3 i386", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# CentOS Update for net-snmp CESA-2009:0295 centos3 i386\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (c) 2011 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\ninclude(\"revisions-lib.inc\");\ntag_insight = \"The Simple Network Management Protocol (SNMP) is a protocol used for\n network management.\n\n It was discovered that the snmpd daemon did not use TCP wrappers correctly,\n causing network hosts access restrictions defined in "/etc/hosts.allow" and\n "/etc/hosts.deny" to not be honored. A remote attacker could use this flaw\n to bypass intended access restrictions. (CVE-2008-6123)\n \n This issue only affected configurations where hosts.allow and hosts.deny\n were used to limit access to the SNMP server. To obtain information from\n the server, the attacker would have to successfully authenticate, usually\n by providing a correct community string.\n \n All net-snmp users should upgrade to these updated packages, which contain\n a backported patch to correct this issue. After installing the update, the\n snmpd and snmptrapd daemons will be restarted automatically.\";\ntag_solution = \"Please Install the Updated Packages.\";\n\ntag_affected = \"net-snmp on CentOS 3\";\n\n\nif(description)\n{\n script_xref(name : \"URL\" , value : \"http://lists.centos.org/pipermail/centos-announce/2009-March/015702.html\");\n script_id(880799);\n script_version(\"$Revision: 6653 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2017-07-10 13:46:53 +0200 (Mon, 10 Jul 2017) $\");\n script_tag(name:\"creation_date\", value:\"2011-08-09 08:20:34 +0200 (Tue, 09 Aug 2011)\");\n script_tag(name:\"cvss_base\", value:\"5.0\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:P/I:N/A:N\");\n script_xref(name: \"CESA\", value: \"2009:0295\");\n script_cve_id(\"CVE-2008-6123\");\n script_name(\"CentOS Update for net-snmp CESA-2009:0295 centos3 i386\");\n\n script_summary(\"Check for the Version of net-snmp\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (c) 2011 Greenbone Networks GmbH\");\n script_family(\"CentOS Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/centos\", \"ssh/login/rpms\");\n script_tag(name : \"affected\" , value : tag_affected);\n script_tag(name : \"insight\" , value : tag_insight);\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\n\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = get_kb_item(\"ssh/login/release\");\n\n\nres = \"\";\nif(release == NULL){\n exit(0);\n}\n\nif(release == \"CentOS3\")\n{\n\n if ((res = isrpmvuln(pkg:\"net-snmp\", rpm:\"net-snmp~5.0.9~2.30E.27\", rls:\"CentOS3\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"net-snmp-devel\", rpm:\"net-snmp-devel~5.0.9~2.30E.27\", rls:\"CentOS3\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"net-snmp-libs\", rpm:\"net-snmp-libs~5.0.9~2.30E.27\", rls:\"CentOS3\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"net-snmp-perl\", rpm:\"net-snmp-perl~5.0.9~2.30E.27\", rls:\"CentOS3\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"net-snmp-utils\", rpm:\"net-snmp-utils~5.0.9~2.30E.27\", rls:\"CentOS3\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99); # Not vulnerable.\n exit(0);\n}\n", "cvss": {"score": 5.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:PARTIAL/I:NONE/A:NONE/"}}, {"lastseen": "2017-07-26T08:56:16", "bulletinFamily": "scanner", "cvelist": ["CVE-2008-6123"], "description": "The remote host is missing updates to packages that affect\nthe security of your system. One or more of the following packages\nare affected:\n\n net-snmp\n net-snmp-devel\n perl-SNMP\n\nFor more information, please visit the referenced security\nadvisories.\n\nMore details may also be found by searching for keyword\n5052020 within the SuSE Enterprise Server 9 patch\ndatabase at http://download.novell.com/patch/finder/", "modified": "2017-07-11T00:00:00", "published": "2009-10-10T00:00:00", "id": "OPENVAS:65625", "href": "http://plugins.openvas.org/nasl.php?oid=65625", "type": "openvas", "title": "SLES9: Security update for net-snmp", "sourceData": "# OpenVAS Vulnerability Test\n# $Id: sles9p5052020.nasl 6666 2017-07-11 13:13:36Z cfischer $\n# Description: Security update for net-snmp\n#\n# Authors:\n# Thomas Reinke <reinke@securityspace.com>\n#\n# Copyright:\n# Copyright (c) 2009 E-Soft Inc. http://www.securityspace.com\n# Text descriptions are largely excerpted from the referenced\n# advisory, and are Copyright (c) the respective author(s)\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2,\n# or at your option, GNU General Public License version 3,\n# as published by the Free Software Foundation\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n#\n\ninclude(\"revisions-lib.inc\");\ntag_summary = \"The remote host is missing updates to packages that affect\nthe security of your system. One or more of the following packages\nare affected:\n\n net-snmp\n net-snmp-devel\n perl-SNMP\n\nFor more information, please visit the referenced security\nadvisories.\n\nMore details may also be found by searching for keyword\n5052020 within the SuSE Enterprise Server 9 patch\ndatabase at http://download.novell.com/patch/finder/\";\n\ntag_solution = \"Please install the updates provided by SuSE.\";\n \nif(description)\n{\n script_id(65625);\n script_version(\"$Revision: 6666 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2017-07-11 15:13:36 +0200 (Tue, 11 Jul 2017) $\");\n script_tag(name:\"creation_date\", value:\"2009-10-10 16:11:46 +0200 (Sat, 10 Oct 2009)\");\n script_cve_id(\"CVE-2008-6123\");\n script_tag(name:\"cvss_base\", value:\"5.0\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:P/I:N/A:N\");\n script_name(\"SLES9: Security update for net-snmp\");\n\n\n\n script_category(ACT_GATHER_INFO);\n\n script_copyright(\"Copyright (c) 2009 E-Soft Inc. http://www.securityspace.com\");\n script_family(\"SuSE Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/suse_sles\", \"ssh/login/rpms\");\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name : \"summary\" , value : tag_summary);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\n#\n# The script code starts here\n#\n\ninclude(\"pkg-lib-rpm.inc\");\n\nres = \"\";\nreport = \"\";\nif ((res = isrpmvuln(pkg:\"net-snmp\", rpm:\"net-snmp~5.1.3.1~0.28\", rls:\"SLES9.0\")) != NULL) {\n report += res;\n}\n\nif (report != \"\") {\n security_message(data:report);\n} else if (__pkg_match) {\n exit(99); # Not vulnerable.\n}\n", "cvss": {"score": 5.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:PARTIAL/I:NONE/A:NONE/"}}, {"lastseen": "2017-07-24T12:49:27", "bulletinFamily": "scanner", "cvelist": ["CVE-2008-6123"], "description": "The remote host is missing updates announced in\nadvisory GLSA 201001-05.", "modified": "2017-07-07T00:00:00", "published": "2010-01-20T00:00:00", "id": "OPENVAS:66738", "href": "http://plugins.openvas.org/nasl.php?oid=66738", "type": "openvas", "title": "Gentoo Security Advisory GLSA 201001-05 (net-snmp)", "sourceData": "#\n# OpenVAS Vulnerability Test\n# $\n# Description: Auto generated from Gentoo's XML based advisory\n#\n# Authors:\n# Thomas Reinke <reinke@securityspace.com>\n#\n# Copyright:\n# Copyright (c) 2010 E-Soft Inc. http://www.securityspace.com\n# Text descriptions are largely excerpted from the referenced\n# advisories, and are Copyright (c) the respective author(s)\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2,\n# or at your option, GNU General Public License version 3,\n# as published by the Free Software Foundation\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n#\n\ninclude(\"revisions-lib.inc\");\ntag_insight = \"A remote attacker can bypass the tcp-wrappers client authorization in\n net-snmp.\";\ntag_solution = \"All net-snmp users should upgrade to the latest version:\n\n # emerge --sync\n # emerge --ask --oneshot --verbose '>=net-analyzer/net-snmp-5.4.2.1-r1'\n\nhttp://www.securityspace.com/smysecure/catid.html?in=GLSA%20201001-05\nhttp://bugs.gentoo.org/show_bug.cgi?id=250429\";\ntag_summary = \"The remote host is missing updates announced in\nadvisory GLSA 201001-05.\";\n\n \n \n\nif(description)\n{\n script_id(66738);\n script_version(\"$Revision: 6595 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2017-07-07 11:19:55 +0200 (Fri, 07 Jul 2017) $\");\n script_tag(name:\"creation_date\", value:\"2010-01-20 20:07:43 +0100 (Wed, 20 Jan 2010)\");\n script_cve_id(\"CVE-2008-6123\");\n script_tag(name:\"cvss_base\", value:\"5.0\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:P/I:N/A:N\");\n script_name(\"Gentoo Security Advisory GLSA 201001-05 (net-snmp)\");\n\n\n\n script_category(ACT_GATHER_INFO);\n\n script_copyright(\"Copyright (c) 2010 E-Soft Inc. http://www.securityspace.com\");\n script_family(\"Gentoo Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/gentoo\", \"ssh/login/pkg\");\n script_tag(name : \"insight\" , value : tag_insight);\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name : \"summary\" , value : tag_summary);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\n#\n# The script code starts here\n#\n\ninclude(\"pkg-lib-gentoo.inc\");\n\nres = \"\";\nreport = \"\";\nif ((res = ispkgvuln(pkg:\"net-analyzer/net-snmp\", unaffected: make_list(\"ge 5.4.2.1-r1\"), vulnerable: make_list(\"lt 5.4.2.1-r1\"))) != NULL) {\n report += res;\n}\n\nif (report != \"\") {\n security_message(data:report);\n} else if (__pkg_match) {\n exit(99); # Not vulnerable.\n}\n", "cvss": {"score": 5.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:PARTIAL/I:NONE/A:NONE/"}}, {"lastseen": "2017-12-04T11:18:25", "bulletinFamily": "scanner", "cvelist": ["CVE-2008-6123"], "description": "Ubuntu Update for Linux kernel vulnerabilities USN-946-1", "modified": "2017-12-01T00:00:00", "published": "2010-06-07T00:00:00", "id": "OPENVAS:840439", "href": "http://plugins.openvas.org/nasl.php?oid=840439", "type": "openvas", "title": "Ubuntu Update for net-snmp vulnerability USN-946-1", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n# $Id: gb_ubuntu_USN_946_1.nasl 7965 2017-12-01 07:38:25Z santu $\n#\n# Ubuntu Update for net-snmp vulnerability USN-946-1\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (c) 2010 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\ninclude(\"revisions-lib.inc\");\ntag_insight = \"The SNMP server did not correctly validate certain UDP clients when using\n TCP wrappers. Under some situations, a remote attacker could bypass\n access restrictions and communicate with the SNMP server, potentially\n leading to a loss of privacy or a denial of service.\";\n\ntag_summary = \"Ubuntu Update for Linux kernel vulnerabilities USN-946-1\";\ntag_affected = \"net-snmp vulnerability on Ubuntu 10.04 LTS\";\ntag_solution = \"Please Install the Updated Packages.\";\n\n\nif(description)\n{\n script_xref(name: \"URL\" , value: \"http://www.ubuntu.com/usn/usn-946-1/\");\n script_id(840439);\n script_version(\"$Revision: 7965 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2017-12-01 08:38:25 +0100 (Fri, 01 Dec 2017) $\");\n script_tag(name:\"creation_date\", value:\"2010-06-07 15:46:00 +0200 (Mon, 07 Jun 2010)\");\n script_tag(name:\"cvss_base\", value:\"5.0\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:P/I:N/A:N\");\n script_xref(name: \"USN\", value: \"946-1\");\n script_cve_id(\"CVE-2008-6123\");\n script_name(\"Ubuntu Update for net-snmp vulnerability USN-946-1\");\n\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (c) 2010 Greenbone Networks GmbH\");\n script_family(\"Ubuntu Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/ubuntu_linux\", \"ssh/login/packages\");\n script_tag(name : \"summary\" , value : tag_summary);\n script_tag(name : \"affected\" , value : tag_affected);\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name : \"insight\" , value : tag_insight);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\n\ninclude(\"pkg-lib-deb.inc\");\n\nrelease = get_kb_item(\"ssh/login/release\");\n\n\nres = \"\";\nif(release == NULL){\n exit(0);\n}\n\nif(release == \"UBUNTU10.04 LTS\")\n{\n\n if ((res = isdpkgvuln(pkg:\"libsnmp-dev\", ver:\"5.4.2.1~dfsg0ubuntu1-0ubuntu2.1\", rls:\"UBUNTU10.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"libsnmp-perl\", ver:\"5.4.2.1~dfsg0ubuntu1-0ubuntu2.1\", rls:\"UBUNTU10.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"libsnmp15-dbg\", ver:\"5.4.2.1~dfsg0ubuntu1-0ubuntu2.1\", rls:\"UBUNTU10.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"libsnmp15\", ver:\"5.4.2.1~dfsg0ubuntu1-0ubuntu2.1\", rls:\"UBUNTU10.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"snmp\", ver:\"5.4.2.1~dfsg0ubuntu1-0ubuntu2.1\", rls:\"UBUNTU10.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"snmpd\", ver:\"5.4.2.1~dfsg0ubuntu1-0ubuntu2.1\", rls:\"UBUNTU10.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"libsnmp-python\", ver:\"5.4.2.1~dfsg0ubuntu1-0ubuntu2.1\", rls:\"UBUNTU10.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"libsnmp-base\", ver:\"5.4.2.1~dfsg0ubuntu1-0ubuntu2.1\", rls:\"UBUNTU10.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"tkmib\", ver:\"5.4.2.1~dfsg0ubuntu1-0ubuntu2.1\", rls:\"UBUNTU10.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99); # Not vulnerable.\n exit(0);\n}\n", "cvss": {"score": 5.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:PARTIAL/I:NONE/A:NONE/"}}, {"lastseen": "2017-07-26T08:55:49", "bulletinFamily": "scanner", "cvelist": ["CVE-2008-6123"], "description": "The remote host is missing updates to packages that affect\nthe security of your system. One or more of the following packages\nare affected:\n\n net-snmp\n net-snmp-devel\n perl-SNMP\n\n\nMore details may also be found by searching for the SuSE\nEnterprise Server 10 patch database located at\nhttp://download.novell.com/patch/finder/", "modified": "2017-07-11T00:00:00", "published": "2009-10-13T00:00:00", "id": "OPENVAS:65866", "href": "http://plugins.openvas.org/nasl.php?oid=65866", "type": "openvas", "title": "SLES10: Security update for net-snmp", "sourceData": "#\n#VID slesp2-net-snmp-6248\n# OpenVAS Vulnerability Test\n# $\n# Description: Security update for net-snmp\n#\n# Authors:\n# Thomas Reinke <reinke@securityspace.com>\n#\n# Copyright:\n# Copyright (c) 2009 E-Soft Inc. http://www.securityspace.com\n# Text descriptions are largely excerpted from the referenced\n# advisories, and are Copyright (c) the respective author(s)\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2,\n# as published by the Free Software Foundation\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n#\n\ninclude(\"revisions-lib.inc\");\ntag_summary = \"The remote host is missing updates to packages that affect\nthe security of your system. One or more of the following packages\nare affected:\n\n net-snmp\n net-snmp-devel\n perl-SNMP\n\n\nMore details may also be found by searching for the SuSE\nEnterprise Server 10 patch database located at\nhttp://download.novell.com/patch/finder/\";\n\ntag_solution = \"Please install the updates provided by SuSE.\";\n\nif(description)\n{\n script_id(65866);\n script_version(\"$Revision: 6666 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2017-07-11 15:13:36 +0200 (Tue, 11 Jul 2017) $\");\n script_tag(name:\"creation_date\", value:\"2009-10-13 18:25:40 +0200 (Tue, 13 Oct 2009)\");\n script_cve_id(\"CVE-2008-6123\");\n script_tag(name:\"cvss_base\", value:\"5.0\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:P/I:N/A:N\");\n script_name(\"SLES10: Security update for net-snmp\");\n\n\n\n script_category(ACT_GATHER_INFO);\n\n script_copyright(\"Copyright (c) 2009 E-Soft Inc. http://www.securityspace.com\");\n script_family(\"SuSE Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/suse_sles\", \"ssh/login/rpms\");\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name : \"summary\" , value : tag_summary);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\n#\n# The script code starts here\n#\n\ninclude(\"pkg-lib-rpm.inc\");\n\nres = \"\";\nreport = \"\";\nif ((res = isrpmvuln(pkg:\"net-snmp\", rpm:\"net-snmp~5.3.0.1~25.31\", rls:\"SLES10.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"net-snmp-devel\", rpm:\"net-snmp-devel~5.3.0.1~25.31\", rls:\"SLES10.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"perl-SNMP\", rpm:\"perl-SNMP~5.3.0.1~25.31\", rls:\"SLES10.0\")) != NULL) {\n report += res;\n}\n\nif (report != \"\") {\n security_message(data:report);\n} else if (__pkg_match) {\n exit(99); # Not vulnerable.\n}\n", "cvss": {"score": 5.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:PARTIAL/I:NONE/A:NONE/"}}, {"lastseen": "2017-07-27T10:56:47", "bulletinFamily": "scanner", "cvelist": ["CVE-2008-6123"], "description": "The remote host is missing updates announced in\nadvisory RHSA-2009:0295.\n\nThe Simple Network Management Protocol (SNMP) is a protocol used for\nnetwork management.\n\nIt was discovered that the snmpd daemon did not use TCP wrappers correctly,\ncausing network hosts access restrictions defined in /etc/hosts.allow and\n/etc/hosts.deny to not be honored. A remote attacker could use this flaw\nto bypass intended access restrictions. (CVE-2008-6123)\n\nThis issue only affected configurations where hosts.allow and hosts.deny\nwere used to limit access to the SNMP server. To obtain information from\nthe server, the attacker would have to successfully authenticate, usually\nby providing a correct community string.\n\nAll net-snmp users should upgrade to these updated packages, which contain\na backported patch to correct this issue. After installing the update, the\nsnmpd and snmptrapd daemons will be restarted automatically.", "modified": "2017-07-12T00:00:00", "published": "2009-03-31T00:00:00", "id": "OPENVAS:63642", "href": "http://plugins.openvas.org/nasl.php?oid=63642", "type": "openvas", "title": "RedHat Security Advisory RHSA-2009:0295", "sourceData": "# OpenVAS Vulnerability Test\n# $Id: RHSA_2009_0295.nasl 6683 2017-07-12 09:41:57Z cfischer $\n# Description: Auto-generated from advisory RHSA-2009:0295 ()\n#\n# Authors:\n# Thomas Reinke <reinke@securityspace.com>\n#\n# Copyright:\n# Copyright (c) 2009 E-Soft Inc. http://www.securityspace.com\n# Text descriptions are largely excerpted from the referenced\n# advisory, and are Copyright (c) the respective author(s)\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2,\n# or at your option, GNU General Public License version 3,\n# as published by the Free Software Foundation\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n#\n\ninclude(\"revisions-lib.inc\");\ntag_summary = \"The remote host is missing updates announced in\nadvisory RHSA-2009:0295.\n\nThe Simple Network Management Protocol (SNMP) is a protocol used for\nnetwork management.\n\nIt was discovered that the snmpd daemon did not use TCP wrappers correctly,\ncausing network hosts access restrictions defined in /etc/hosts.allow and\n/etc/hosts.deny to not be honored. A remote attacker could use this flaw\nto bypass intended access restrictions. (CVE-2008-6123)\n\nThis issue only affected configurations where hosts.allow and hosts.deny\nwere used to limit access to the SNMP server. To obtain information from\nthe server, the attacker would have to successfully authenticate, usually\nby providing a correct community string.\n\nAll net-snmp users should upgrade to these updated packages, which contain\na backported patch to correct this issue. After installing the update, the\nsnmpd and snmptrapd daemons will be restarted automatically.\";\n\ntag_solution = \"Please note that this update is available via\nRed Hat Network. To use Red Hat Network, launch the Red\nHat Update Agent with the following command: up2date\";\n\n\n\nif(description)\n{\n script_id(63642);\n script_version(\"$Revision: 6683 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2017-07-12 11:41:57 +0200 (Wed, 12 Jul 2017) $\");\n script_tag(name:\"creation_date\", value:\"2009-03-31 19:20:21 +0200 (Tue, 31 Mar 2009)\");\n script_cve_id(\"CVE-2008-6123\");\n script_tag(name:\"cvss_base\", value:\"5.0\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:P/I:N/A:N\");\n script_name(\"RedHat Security Advisory RHSA-2009:0295\");\n\n\n\n script_category(ACT_GATHER_INFO);\n\n script_copyright(\"Copyright (c) 2009 E-Soft Inc. http://www.securityspace.com\");\n script_family(\"Red Hat Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/rhel\", \"ssh/login/rpms\");\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name : \"summary\" , value : tag_summary);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_xref(name : \"URL\" , value : \"http://rhn.redhat.com/errata/RHSA-2009-0295.html\");\n script_xref(name : \"URL\" , value : \"http://www.redhat.com/security/updates/classification/#moderate\");\n exit(0);\n}\n\n#\n# The script code starts here\n#\n\ninclude(\"pkg-lib-rpm.inc\");\n\nres = \"\";\nreport = \"\";\nif ((res = isrpmvuln(pkg:\"net-snmp\", rpm:\"net-snmp~5.0.9~2.30E.27\", rls:\"RHENT_3\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"net-snmp-debuginfo\", rpm:\"net-snmp-debuginfo~5.0.9~2.30E.27\", rls:\"RHENT_3\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"net-snmp-devel\", rpm:\"net-snmp-devel~5.0.9~2.30E.27\", rls:\"RHENT_3\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"net-snmp-libs\", rpm:\"net-snmp-libs~5.0.9~2.30E.27\", rls:\"RHENT_3\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"net-snmp-perl\", rpm:\"net-snmp-perl~5.0.9~2.30E.27\", rls:\"RHENT_3\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"net-snmp-utils\", rpm:\"net-snmp-utils~5.0.9~2.30E.27\", rls:\"RHENT_3\")) != NULL) {\n report += res;\n}\n\nif (report != \"\") {\n security_message(data:report);\n} else if (__pkg_match) {\n exit(99); # Not vulnerable.\n}\n", "cvss": {"score": 5.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:PARTIAL/I:NONE/A:NONE/"}}, {"lastseen": "2018-01-19T15:05:22", "bulletinFamily": "scanner", "cvelist": ["CVE-2008-6123"], "description": "Ubuntu Update for Linux kernel vulnerabilities USN-946-1", "modified": "2018-01-19T00:00:00", "published": "2010-06-07T00:00:00", "id": "OPENVAS:1361412562310840439", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310840439", "type": "openvas", "title": "Ubuntu Update for net-snmp vulnerability USN-946-1", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n# $Id: gb_ubuntu_USN_946_1.nasl 8469 2018-01-19 07:58:21Z teissa $\n#\n# Ubuntu Update for net-snmp vulnerability USN-946-1\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (c) 2010 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\ninclude(\"revisions-lib.inc\");\ntag_insight = \"The SNMP server did not correctly validate certain UDP clients when using\n TCP wrappers. Under some situations, a remote attacker could bypass\n access restrictions and communicate with the SNMP server, potentially\n leading to a loss of privacy or a denial of service.\";\n\ntag_summary = \"Ubuntu Update for Linux kernel vulnerabilities USN-946-1\";\ntag_affected = \"net-snmp vulnerability on Ubuntu 10.04 LTS\";\ntag_solution = \"Please Install the Updated Packages.\";\n\n\nif(description)\n{\n script_xref(name: \"URL\" , value: \"http://www.ubuntu.com/usn/usn-946-1/\");\n script_oid(\"1.3.6.1.4.1.25623.1.0.840439\");\n script_version(\"$Revision: 8469 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2018-01-19 08:58:21 +0100 (Fri, 19 Jan 2018) $\");\n script_tag(name:\"creation_date\", value:\"2010-06-07 15:46:00 +0200 (Mon, 07 Jun 2010)\");\n script_tag(name:\"cvss_base\", value:\"5.0\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:P/I:N/A:N\");\n script_xref(name: \"USN\", value: \"946-1\");\n script_cve_id(\"CVE-2008-6123\");\n script_name(\"Ubuntu Update for net-snmp vulnerability USN-946-1\");\n\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (c) 2010 Greenbone Networks GmbH\");\n script_family(\"Ubuntu Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/ubuntu_linux\", \"ssh/login/packages\");\n script_tag(name : \"summary\" , value : tag_summary);\n script_tag(name : \"affected\" , value : tag_affected);\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name : \"insight\" , value : tag_insight);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\n\ninclude(\"pkg-lib-deb.inc\");\n\nrelease = get_kb_item(\"ssh/login/release\");\n\n\nres = \"\";\nif(release == NULL){\n exit(0);\n}\n\nif(release == \"UBUNTU10.04 LTS\")\n{\n\n if ((res = isdpkgvuln(pkg:\"libsnmp-dev\", ver:\"5.4.2.1~dfsg0ubuntu1-0ubuntu2.1\", rls:\"UBUNTU10.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"libsnmp-perl\", ver:\"5.4.2.1~dfsg0ubuntu1-0ubuntu2.1\", rls:\"UBUNTU10.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"libsnmp15-dbg\", ver:\"5.4.2.1~dfsg0ubuntu1-0ubuntu2.1\", rls:\"UBUNTU10.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"libsnmp15\", ver:\"5.4.2.1~dfsg0ubuntu1-0ubuntu2.1\", rls:\"UBUNTU10.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"snmp\", ver:\"5.4.2.1~dfsg0ubuntu1-0ubuntu2.1\", rls:\"UBUNTU10.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"snmpd\", ver:\"5.4.2.1~dfsg0ubuntu1-0ubuntu2.1\", rls:\"UBUNTU10.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"libsnmp-python\", ver:\"5.4.2.1~dfsg0ubuntu1-0ubuntu2.1\", rls:\"UBUNTU10.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"libsnmp-base\", ver:\"5.4.2.1~dfsg0ubuntu1-0ubuntu2.1\", rls:\"UBUNTU10.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"tkmib\", ver:\"5.4.2.1~dfsg0ubuntu1-0ubuntu2.1\", rls:\"UBUNTU10.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99); # Not vulnerable.\n exit(0);\n}\n", "cvss": {"score": 5.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:PARTIAL/I:NONE/A:NONE/"}}, {"lastseen": "2018-04-06T11:39:43", "bulletinFamily": "scanner", "cvelist": ["CVE-2008-6123"], "description": "The remote host is missing updates to net-snmp announced in\nadvisory CESA-2009:0295.", "modified": "2018-04-06T00:00:00", "published": "2009-03-31T00:00:00", "id": "OPENVAS:136141256231063707", "href": "http://plugins.openvas.org/nasl.php?oid=136141256231063707", "type": "openvas", "title": "CentOS Security Advisory CESA-2009:0295 (net-snmp)", "sourceData": "#CESA-2009:0295 63707 4\n# $Id: ovcesa2009_0295.nasl 9350 2018-04-06 07:03:33Z cfischer $\n# Description: Auto-generated from advisory CESA-2009:0295 (net-snmp)\n#\n# Authors:\n# Thomas Reinke <reinke@securityspace.com>\n#\n# Copyright:\n# Copyright (c) 2009 E-Soft Inc. http://www.securityspace.com\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2,\n# or at your option, GNU General Public License version 3,\n# as published by the Free Software Foundation\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n#\n\ninclude(\"revisions-lib.inc\");\ntag_insight = \"For details on the issues addressed in this update,\nplease visit the referenced security advisories.\";\ntag_solution = \"Update the appropriate packages on your system.\n\nhttp://www.securityspace.com/smysecure/catid.html?in=CESA-2009:0295\nhttp://www.securityspace.com/smysecure/catid.html?in=RHSA-2009:0295\nhttps://rhn.redhat.com/errata/RHSA-2009-0295.html\";\ntag_summary = \"The remote host is missing updates to net-snmp announced in\nadvisory CESA-2009:0295.\";\n\n\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.63707\");\n script_version(\"$Revision: 9350 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2018-04-06 09:03:33 +0200 (Fri, 06 Apr 2018) $\");\n script_tag(name:\"creation_date\", value:\"2009-03-31 19:20:21 +0200 (Tue, 31 Mar 2009)\");\n script_cve_id(\"CVE-2008-6123\");\n script_tag(name:\"cvss_base\", value:\"5.0\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:P/I:N/A:N\");\n script_name(\"CentOS Security Advisory CESA-2009:0295 (net-snmp)\");\n\n\n\n script_category(ACT_GATHER_INFO);\n\n script_copyright(\"Copyright (c) 2009 E-Soft Inc. http://www.securityspace.com\");\n script_family(\"CentOS Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/centos\", \"ssh/login/rpms\");\n script_tag(name : \"insight\" , value : tag_insight);\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name : \"summary\" , value : tag_summary);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\n#\n# The script code starts here\n#\n\ninclude(\"pkg-lib-rpm.inc\");\n\nres = \"\";\nreport = \"\";\nif ((res = isrpmvuln(pkg:\"net-snmp\", rpm:\"net-snmp~5.0.9~2.30E.27\", rls:\"CentOS3\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"net-snmp-devel\", rpm:\"net-snmp-devel~5.0.9~2.30E.27\", rls:\"CentOS3\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"net-snmp-libs\", rpm:\"net-snmp-libs~5.0.9~2.30E.27\", rls:\"CentOS3\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"net-snmp-perl\", rpm:\"net-snmp-perl~5.0.9~2.30E.27\", rls:\"CentOS3\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"net-snmp-utils\", rpm:\"net-snmp-utils~5.0.9~2.30E.27\", rls:\"CentOS3\")) != NULL) {\n report += res;\n}\n\nif (report != \"\") {\n security_message(data:report);\n} else if (__pkg_match) {\n exit(99); # Not vulnerable.\n}\n", "cvss": {"score": 5.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:PARTIAL/I:NONE/A:NONE/"}}], "centos": [{"lastseen": "2019-12-20T18:24:14", "bulletinFamily": "unix", "cvelist": ["CVE-2008-6123"], "description": "**CentOS Errata and Security Advisory** CESA-2009:0295\n\n\nThe Simple Network Management Protocol (SNMP) is a protocol used for\nnetwork management.\n\nIt was discovered that the snmpd daemon did not use TCP wrappers correctly,\ncausing network hosts access restrictions defined in \"/etc/hosts.allow\" and\n\"/etc/hosts.deny\" to not be honored. A remote attacker could use this flaw\nto bypass intended access restrictions. (CVE-2008-6123)\n\nThis issue only affected configurations where hosts.allow and hosts.deny\nwere used to limit access to the SNMP server. To obtain information from\nthe server, the attacker would have to successfully authenticate, usually\nby providing a correct community string.\n\nAll net-snmp users should upgrade to these updated packages, which contain\na backported patch to correct this issue. After installing the update, the\nsnmpd and snmptrapd daemons will be restarted automatically.\n\n**Merged security bulletin from advisories:**\nhttp://lists.centos.org/pipermail/centos-announce/2009-March/027738.html\nhttp://lists.centos.org/pipermail/centos-announce/2009-March/027740.html\nhttp://lists.centos.org/pipermail/centos-announce/2009-March/027741.html\nhttp://lists.centos.org/pipermail/centos-announce/2009-March/027743.html\n\n**Affected packages:**\nnet-snmp\nnet-snmp-devel\nnet-snmp-libs\nnet-snmp-perl\nnet-snmp-utils\n\n**Upstream details at:**\nhttps://rhn.redhat.com/errata/RHSA-2009-0295.html", "edition": 4, "modified": "2009-03-26T18:34:21", "published": "2009-03-26T17:15:08", "href": "http://lists.centos.org/pipermail/centos-announce/2009-March/027738.html", "id": "CESA-2009:0295", "title": "net security update", "type": "centos", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:P/I:N/A:N"}}], "redhat": [{"lastseen": "2019-08-13T18:46:43", "bulletinFamily": "unix", "cvelist": ["CVE-2008-6123"], "description": "The Simple Network Management Protocol (SNMP) is a protocol used for\nnetwork management.\n\nIt was discovered that the snmpd daemon did not use TCP wrappers correctly,\ncausing network hosts access restrictions defined in \"/etc/hosts.allow\" and\n\"/etc/hosts.deny\" to not be honored. A remote attacker could use this flaw\nto bypass intended access restrictions. (CVE-2008-6123)\n\nThis issue only affected configurations where hosts.allow and hosts.deny\nwere used to limit access to the SNMP server. To obtain information from\nthe server, the attacker would have to successfully authenticate, usually\nby providing a correct community string.\n\nAll net-snmp users should upgrade to these updated packages, which contain\na backported patch to correct this issue. After installing the update, the\nsnmpd and snmptrapd daemons will be restarted automatically.", "modified": "2018-05-26T04:26:17", "published": "2009-03-26T04:00:00", "id": "RHSA-2009:0295", "href": "https://access.redhat.com/errata/RHSA-2009:0295", "type": "redhat", "title": "(RHSA-2009:0295) Moderate: net-snmp security update", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:P/I:N/A:N"}}], "ubuntu": [{"lastseen": "2020-07-09T01:37:04", "bulletinFamily": "unix", "cvelist": ["CVE-2008-6123"], "description": "The SNMP server did not correctly validate certain UDP clients when using \nTCP wrappers. Under some situations, a remote attacker could bypass \naccess restrictions and communicate with the SNMP server, potentially \nleading to a loss of privacy or a denial of service.", "edition": 5, "modified": "2010-06-02T00:00:00", "published": "2010-06-02T00:00:00", "id": "USN-946-1", "href": "https://ubuntu.com/security/notices/USN-946-1", "title": "Net-SNMP vulnerability", "type": "ubuntu", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:P/I:N/A:N"}}], "seebug": [{"lastseen": "2017-11-19T18:59:32", "description": "BUGTRAQ ID: 33755\r\nCVE(CAN) ID: CVE-2008-6123\r\n\r\nNet-SNMP\u662f\u4e00\u4e2a\u514d\u8d39\u7684\u3001\u5f00\u653e\u6e90\u7801\u7684SNMP\u5b9e\u73b0\uff0c\u4ee5\u524d\u79f0\u4e3aUCD-SNMP\u3002\r\n\r\n\u5728\u4f7f\u7528TCP wrapper\u6388\u6743\u5ba2\u6237\u7aef\u7684\u65f6\u5019\uff0cNet-SNMP\u7684snmplib/snmpUDPDomain.c\u6587\u4ef6\u4e2d\u7684netsnmp_udp_fmtaddr\u51fd\u6570\u6ca1\u6709\u6b63\u786e\u5730\u89e3\u6790hosts.allow\u89c4\u5219\uff0c\u8fd9\u5141\u8bb8\u8fdc\u7a0b\u653b\u51fb\u8005\u7ed5\u8fc7\u9884\u671f\u7684\u8bbf\u95ee\u9650\u5236\u6267\u884cSNMP\u67e5\u8be2\uff0c\u83b7\u5f97\u4e3b\u673a\u76f8\u5173\u7684\u654f\u611f\u4fe1\u606f\u3002\n0\nNet-SNMP 5.4.2.1\n\u5382\u5546\u8865\u4e01\uff1a\r\n\r\nNet-SNMP\r\n--------\r\n\u76ee\u524d\u5382\u5546\u5df2\u7ecf\u53d1\u5e03\u4e86\u5347\u7ea7\u8865\u4e01\u4ee5\u4fee\u590d\u8fd9\u4e2a\u5b89\u5168\u95ee\u9898\uff0c\u8bf7\u5230\u5382\u5546\u7684\u4e3b\u9875\u4e0b\u8f7d\uff1a\r\n\r\n<a href=http://net-snmp.svn.sourceforge.net/viewvc/net-snmp?view=rev&revision=17367 target=_blank rel=external nofollow>http://net-snmp.svn.sourceforge.net/viewvc/net-snmp?view=rev&revision=17367</a>", "published": "2009-02-13T00:00:00", "type": "seebug", "title": "Net-snmp TCP Wrapper\u8fdc\u7a0b\u4fe1\u606f\u6cc4\u9732\u6f0f\u6d1e", "bulletinFamily": "exploit", "cvelist": ["CVE-2008-6123"], "modified": "2009-02-13T00:00:00", "href": "https://www.seebug.org/vuldb/ssvid-4761", "id": "SSV:4761", "sourceData": "", "sourceHref": "", "cvss": {"score": 5.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:PARTIAL/I:NONE/A:NONE/"}}], "gentoo": [{"lastseen": "2016-09-06T19:46:18", "bulletinFamily": "unix", "cvelist": ["CVE-2008-6123"], "description": "### Background\n\nnet-snmp bundles software for generating and retrieving SNMP data. \n\n### Description\n\nThe netsnmp_udp_fmtaddr() function (snmplib/snmpUDPDomain.c), when using TCP wrappers for client authorization, does not properly parse hosts.allow rules. \n\n### Impact\n\nA remote, unauthenticated attacker could bypass the ACL filtering, possibly resulting in the execution of arbitrary SNMP queries. \n\n### Workaround\n\nIf possible, protect net-snmp with custom iptables rules: \n\n` iptables -s [client] -d [host] -p udp --dport 161 -j ACCEPT iptables -s 0.0.0.0/0 -d [host] -p udp --dport 161 -j DROP`\n\n### Resolution\n\nAll net-snmp users should upgrade to the latest version: \n \n \n # emerge --sync\n # emerge --ask --oneshot --verbose \">=net-analyzer/net-snmp-5.4.2.1-r1\"", "edition": 1, "modified": "2010-01-13T00:00:00", "published": "2010-01-13T00:00:00", "id": "GLSA-201001-05", "href": "https://security.gentoo.org/glsa/201001-05", "type": "gentoo", "title": "net-snmp: Authorization bypass", "cvss": {"score": 5.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:PARTIAL/I:NONE/A:NONE/"}}], "nessus": [{"lastseen": "2021-01-17T14:02:23", "description": "With this update of net-snmp the handling of TCP wrappers rules for\nclient authorization was improved, prior to this update it was\npossible for remote attackers to bypass intended access restrictions\nand execute SNMP queries. (CVE-2008-6123) Additionally binding to\nmultiple interfaces was improved.", "edition": 23, "published": "2009-09-24T00:00:00", "title": "SuSE9 Security Update : net-snmp (YOU Patch Number 12441)", "type": "nessus", "bulletinFamily": "scanner", "cvelist": ["CVE-2008-6123"], "modified": "2009-09-24T00:00:00", "cpe": ["cpe:/o:suse:suse_linux"], "id": "SUSE9_12441.NASL", "href": "https://www.tenable.com/plugins/nessus/41306", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The text description of this plugin is (C) Novell, Inc.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(41306);\n script_version(\"1.8\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/14\");\n\n script_cve_id(\"CVE-2008-6123\");\n\n script_name(english:\"SuSE9 Security Update : net-snmp (YOU Patch Number 12441)\");\n script_summary(english:\"Checks rpm output for the updated packages\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote SuSE 9 host is missing a security-related patch.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"With this update of net-snmp the handling of TCP wrappers rules for\nclient authorization was improved, prior to this update it was\npossible for remote attackers to bypass intended access restrictions\nand execute SNMP queries. (CVE-2008-6123) Additionally binding to\nmultiple interfaces was improved.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://support.novell.com/security/cve/CVE-2008-6123.html\"\n );\n script_set_attribute(attribute:\"solution\", value:\"Apply YOU patch number 12441.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:P/I:N/A:N\");\n script_cwe_id(20);\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:suse:suse_linux\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2009/06/16\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2009/09/24\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2009-2021 Tenable Network Security, Inc.\");\n script_family(english:\"SuSE Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/cpu\", \"Host/SuSE/release\", \"Host/SuSE/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) exit(0, \"Local checks are not enabled.\");\nif (!get_kb_item(\"Host/SuSE/release\")) exit(0, \"The host is not running SuSE.\");\nif (!get_kb_item(\"Host/SuSE/rpm-list\")) exit(1, \"Could not obtain the list of installed packages.\");\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) exit(1, \"Failed to determine the architecture type.\");\nif (cpu >!< \"x86_64\" && cpu !~ \"^i[3-6]86$\") exit(1, \"Local checks for SuSE 9 on the '\"+cpu+\"' architecture have not been implemented.\");\n\n\nflag = 0;\nif (rpm_check(release:\"SUSE9\", reference:\"net-snmp-5.1.3.1-0.28\")) flag++;\nif (rpm_check(release:\"SUSE9\", reference:\"net-snmp-devel-5.1.3.1-0.28\")) flag++;\nif (rpm_check(release:\"SUSE9\", reference:\"perl-SNMP-5.1.3.1-0.28\")) flag++;\nif (rpm_check(release:\"SUSE9\", cpu:\"x86_64\", reference:\"net-snmp-32bit-9-200906161409\")) flag++;\n\n\nif (flag)\n{\n if (report_verbosity > 0) security_warning(port:0, extra:rpm_report_get());\n else security_warning(0);\n exit(0);\n}\nelse exit(0, \"The host is not affected.\");\n", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:P/I:N/A:N"}}, {"lastseen": "2021-01-07T10:52:37", "description": "The remote host is affected by the vulnerability described in GLSA-201001-05\n(net-snmp: Authorization bypass)\n\n The netsnmp_udp_fmtaddr() function (snmplib/snmpUDPDomain.c), when\n using TCP wrappers for client authorization, does not properly parse\n hosts.allow rules.\n \nImpact :\n\n A remote, unauthenticated attacker could bypass the ACL filtering,\n possibly resulting in the execution of arbitrary SNMP queries.\n \nWorkaround :\n\n If possible, protect net-snmp with custom iptables rules:\n iptables -s [client] -d [host] -p udp --dport 161 -j ACCEPT\n iptables -s 0.0.0.0/0 -d [host] -p udp --dport 161 -j DROP", "edition": 24, "published": "2010-02-25T00:00:00", "title": "GLSA-201001-05 : net-snmp: Authorization bypass", "type": "nessus", "bulletinFamily": "scanner", "cvelist": ["CVE-2008-6123"], "modified": "2010-02-25T00:00:00", "cpe": ["p-cpe:/a:gentoo:linux:net-snmp", "cpe:/o:gentoo:linux"], "id": "GENTOO_GLSA-201001-05.NASL", "href": "https://www.tenable.com/plugins/nessus/44894", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from Gentoo Linux Security Advisory GLSA 201001-05.\n#\n# The advisory text is Copyright (C) 2001-2015 Gentoo Foundation, Inc.\n# and licensed under the Creative Commons - Attribution / Share Alike \n# license. See http://creativecommons.org/licenses/by-sa/3.0/\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(44894);\n script_version(\"1.10\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/06\");\n\n script_cve_id(\"CVE-2008-6123\");\n script_bugtraq_id(33755);\n script_xref(name:\"GLSA\", value:\"201001-05\");\n\n script_name(english:\"GLSA-201001-05 : net-snmp: Authorization bypass\");\n script_summary(english:\"Checks for updated package(s) in /var/db/pkg\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\n\"The remote Gentoo host is missing one or more security-related\npatches.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"The remote host is affected by the vulnerability described in GLSA-201001-05\n(net-snmp: Authorization bypass)\n\n The netsnmp_udp_fmtaddr() function (snmplib/snmpUDPDomain.c), when\n using TCP wrappers for client authorization, does not properly parse\n hosts.allow rules.\n \nImpact :\n\n A remote, unauthenticated attacker could bypass the ACL filtering,\n possibly resulting in the execution of arbitrary SNMP queries.\n \nWorkaround :\n\n If possible, protect net-snmp with custom iptables rules:\n iptables -s [client] -d [host] -p udp --dport 161 -j ACCEPT\n iptables -s 0.0.0.0/0 -d [host] -p udp --dport 161 -j DROP\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://security.gentoo.org/glsa/201001-05\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\n\"All net-snmp users should upgrade to the latest version:\n # emerge --sync\n # emerge --ask --oneshot --verbose '>=net-analyzer/net-snmp-5.4.2.1-r1'\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:P/I:N/A:N\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n script_cwe_id(20);\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:gentoo:linux:net-snmp\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:gentoo:linux\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2010/01/13\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2010/02/25\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2010-2021 Tenable Network Security, Inc.\");\n script_family(english:\"Gentoo Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/Gentoo/release\", \"Host/Gentoo/qpkg-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"qpkg.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nif (!get_kb_item(\"Host/Gentoo/release\")) audit(AUDIT_OS_NOT, \"Gentoo\");\nif (!get_kb_item(\"Host/Gentoo/qpkg-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\n\nflag = 0;\n\nif (qpkg_check(package:\"net-analyzer/net-snmp\", unaffected:make_list(\"ge 5.4.2.1-r1\"), vulnerable:make_list(\"lt 5.4.2.1-r1\"))) flag++;\n\nif (flag)\n{\n if (report_verbosity > 0) security_warning(port:0, extra:qpkg_report_get());\n else security_warning(0);\n exit(0);\n}\nelse\n{\n tested = qpkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"net-snmp\");\n}\n", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:P/I:N/A:N"}}, {"lastseen": "2021-01-06T09:25:32", "description": "Updated net-snmp packages that fix a security issue are now available\nfor Red Hat Enterprise Linux 3.\n\nThis update has been rated as having moderate security impact by the\nRed Hat Security Response Team.\n\nThe Simple Network Management Protocol (SNMP) is a protocol used for\nnetwork management.\n\nIt was discovered that the snmpd daemon did not use TCP wrappers\ncorrectly, causing network hosts access restrictions defined in\n'/etc/hosts.allow' and '/etc/hosts.deny' to not be honored. A remote\nattacker could use this flaw to bypass intended access restrictions.\n(CVE-2008-6123)\n\nThis issue only affected configurations where hosts.allow and\nhosts.deny were used to limit access to the SNMP server. To obtain\ninformation from the server, the attacker would have to successfully\nauthenticate, usually by providing a correct community string.\n\nAll net-snmp users should upgrade to these updated packages, which\ncontain a backported patch to correct this issue. After installing the\nupdate, the snmpd and snmptrapd daemons will be restarted\nautomatically.", "edition": 27, "published": "2009-03-27T00:00:00", "title": "CentOS 3 : net-snmp (CESA-2009:0295)", "type": "nessus", "bulletinFamily": "scanner", "cvelist": ["CVE-2008-6123"], "modified": "2009-03-27T00:00:00", "cpe": ["p-cpe:/a:centos:centos:net-snmp-utils", "p-cpe:/a:centos:centos:net-snmp-libs", "p-cpe:/a:centos:centos:net-snmp-perl", "p-cpe:/a:centos:centos:net-snmp", "p-cpe:/a:centos:centos:net-snmp-devel", "cpe:/o:centos:centos:3"], "id": "CENTOS_RHSA-2009-0295.NASL", "href": "https://www.tenable.com/plugins/nessus/36021", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Red Hat Security Advisory RHSA-2009:0295 and \n# CentOS Errata and Security Advisory 2009:0295 respectively.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(36021);\n script_version(\"1.16\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/04\");\n\n script_cve_id(\"CVE-2008-6123\");\n script_bugtraq_id(33755);\n script_xref(name:\"RHSA\", value:\"2009:0295\");\n\n script_name(english:\"CentOS 3 : net-snmp (CESA-2009:0295)\");\n script_summary(english:\"Checks rpm output for the updated packages\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote CentOS host is missing one or more security updates.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"Updated net-snmp packages that fix a security issue are now available\nfor Red Hat Enterprise Linux 3.\n\nThis update has been rated as having moderate security impact by the\nRed Hat Security Response Team.\n\nThe Simple Network Management Protocol (SNMP) is a protocol used for\nnetwork management.\n\nIt was discovered that the snmpd daemon did not use TCP wrappers\ncorrectly, causing network hosts access restrictions defined in\n'/etc/hosts.allow' and '/etc/hosts.deny' to not be honored. A remote\nattacker could use this flaw to bypass intended access restrictions.\n(CVE-2008-6123)\n\nThis issue only affected configurations where hosts.allow and\nhosts.deny were used to limit access to the SNMP server. To obtain\ninformation from the server, the attacker would have to successfully\nauthenticate, usually by providing a correct community string.\n\nAll net-snmp users should upgrade to these updated packages, which\ncontain a backported patch to correct this issue. After installing the\nupdate, the snmpd and snmptrapd daemons will be restarted\nautomatically.\"\n );\n # https://lists.centos.org/pipermail/centos-announce/2009-March/015700.html\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?4c7ea7ef\"\n );\n # https://lists.centos.org/pipermail/centos-announce/2009-March/015702.html\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?7268e597\"\n );\n # https://lists.centos.org/pipermail/centos-announce/2009-March/015703.html\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?a82cea6f\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\"Update the affected net-snmp packages.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:P/I:N/A:N\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n script_cwe_id(20);\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:net-snmp\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:net-snmp-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:net-snmp-libs\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:net-snmp-perl\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:net-snmp-utils\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:centos:centos:3\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2009/02/12\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2009/03/26\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2009/03/27\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2009-2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"CentOS Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/CentOS/release\", \"Host/CentOS/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/CentOS/release\");\nif (isnull(release) || \"CentOS\" >!< release) audit(AUDIT_OS_NOT, \"CentOS\");\nos_ver = pregmatch(pattern: \"CentOS(?: Linux)? release ([0-9]+)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"CentOS\");\nos_ver = os_ver[1];\nif (! preg(pattern:\"^3([^0-9]|$)\", string:os_ver)) audit(AUDIT_OS_NOT, \"CentOS 3.x\", \"CentOS \" + os_ver);\n\nif (!get_kb_item(\"Host/CentOS/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && \"ia64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"CentOS\", cpu);\n\n\nflag = 0;\nif (rpm_check(release:\"CentOS-3\", reference:\"net-snmp-5.0.9-2.30E.27\")) flag++;\nif (rpm_check(release:\"CentOS-3\", reference:\"net-snmp-devel-5.0.9-2.30E.27\")) flag++;\nif (rpm_check(release:\"CentOS-3\", reference:\"net-snmp-libs-5.0.9-2.30E.27\")) flag++;\nif (rpm_check(release:\"CentOS-3\", reference:\"net-snmp-perl-5.0.9-2.30E.27\")) flag++;\nif (rpm_check(release:\"CentOS-3\", reference:\"net-snmp-utils-5.0.9-2.30E.27\")) flag++;\n\n\nif (flag)\n{\n security_report_v4(\n port : 0,\n severity : SECURITY_WARNING,\n extra : rpm_report_get()\n );\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"net-snmp / net-snmp-devel / net-snmp-libs / net-snmp-perl / etc\");\n}\n", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:P/I:N/A:N"}}, {"lastseen": "2021-01-01T06:57:32", "description": "The SNMP server did not correctly validate certain UDP clients when\nusing TCP wrappers. Under some situations, a remote attacker could\nbypass access restrictions and communicate with the SNMP server,\npotentially leading to a loss of privacy or a denial of service.\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the Ubuntu security advisory. Tenable\nhas attempted to automatically clean and format it as much as possible\nwithout introducing additional issues.", "edition": 25, "published": "2013-03-09T00:00:00", "title": "Ubuntu 10.04 LTS : net-snmp vulnerability (USN-946-1)", "type": "nessus", "bulletinFamily": "scanner", "cvelist": ["CVE-2008-6123"], "modified": "2021-01-02T00:00:00", "cpe": ["p-cpe:/a:canonical:ubuntu_linux:libsnmp15", "p-cpe:/a:canonical:ubuntu_linux:snmp", "cpe:/o:canonical:ubuntu_linux:10.04:-:lts", "p-cpe:/a:canonical:ubuntu_linux:snmpd", "p-cpe:/a:canonical:ubuntu_linux:libsnmp-python", "p-cpe:/a:canonical:ubuntu_linux:libsnmp15-dbg", "p-cpe:/a:canonical:ubuntu_linux:libsnmp-perl", "p-cpe:/a:canonical:ubuntu_linux:libsnmp-dev", "p-cpe:/a:canonical:ubuntu_linux:libsnmp-base", "p-cpe:/a:canonical:ubuntu_linux:tkmib"], "id": "UBUNTU_USN-946-1.NASL", "href": "https://www.tenable.com/plugins/nessus/65124", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from Ubuntu Security Notice USN-946-1. The text \n# itself is copyright (C) Canonical, Inc. See \n# <http://www.ubuntu.com/usn/>. Ubuntu(R) is a registered \n# trademark of Canonical, Inc.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(65124);\n script_version(\"1.8\");\n script_cvs_date(\"Date: 2019/09/19 12:54:26\");\n\n script_cve_id(\"CVE-2008-6123\");\n script_bugtraq_id(33755);\n script_xref(name:\"USN\", value:\"946-1\");\n\n script_name(english:\"Ubuntu 10.04 LTS : net-snmp vulnerability (USN-946-1)\");\n script_summary(english:\"Checks dpkg output for updated packages.\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\n\"The remote Ubuntu host is missing one or more security-related\npatches.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"The SNMP server did not correctly validate certain UDP clients when\nusing TCP wrappers. Under some situations, a remote attacker could\nbypass access restrictions and communicate with the SNMP server,\npotentially leading to a loss of privacy or a denial of service.\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the Ubuntu security advisory. Tenable\nhas attempted to automatically clean and format it as much as possible\nwithout introducing additional issues.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://usn.ubuntu.com/946-1/\"\n );\n script_set_attribute(attribute:\"solution\", value:\"Update the affected packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:P/I:N/A:N\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n script_cwe_id(20);\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:libsnmp-base\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:libsnmp-dev\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:libsnmp-perl\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:libsnmp-python\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:libsnmp15\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:libsnmp15-dbg\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:snmp\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:snmpd\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:tkmib\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:canonical:ubuntu_linux:10.04:-:lts\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2009/02/12\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2010/06/02\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2013/03/09\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"Ubuntu Security Notice (C) 2010-2019 Canonical, Inc. / NASL script (C) 2013-2019 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Ubuntu Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/cpu\", \"Host/Ubuntu\", \"Host/Ubuntu/release\", \"Host/Debian/dpkg-l\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"ubuntu.inc\");\ninclude(\"misc_func.inc\");\n\nif ( ! get_kb_item(\"Host/local_checks_enabled\") ) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/Ubuntu/release\");\nif ( isnull(release) ) audit(AUDIT_OS_NOT, \"Ubuntu\");\nrelease = chomp(release);\nif (! preg(pattern:\"^(10\\.04)$\", string:release)) audit(AUDIT_OS_NOT, \"Ubuntu 10.04\", \"Ubuntu \" + release);\nif ( ! get_kb_item(\"Host/Debian/dpkg-l\") ) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Ubuntu\", cpu);\n\nflag = 0;\n\nif (ubuntu_check(osver:\"10.04\", pkgname:\"libsnmp-base\", pkgver:\"5.4.2.1~dfsg0ubuntu1-0ubuntu2.1\")) flag++;\nif (ubuntu_check(osver:\"10.04\", pkgname:\"libsnmp-dev\", pkgver:\"5.4.2.1~dfsg0ubuntu1-0ubuntu2.1\")) flag++;\nif (ubuntu_check(osver:\"10.04\", pkgname:\"libsnmp-perl\", pkgver:\"5.4.2.1~dfsg0ubuntu1-0ubuntu2.1\")) flag++;\nif (ubuntu_check(osver:\"10.04\", pkgname:\"libsnmp-python\", pkgver:\"5.4.2.1~dfsg0ubuntu1-0ubuntu2.1\")) flag++;\nif (ubuntu_check(osver:\"10.04\", pkgname:\"libsnmp15\", pkgver:\"5.4.2.1~dfsg0ubuntu1-0ubuntu2.1\")) flag++;\nif (ubuntu_check(osver:\"10.04\", pkgname:\"libsnmp15-dbg\", pkgver:\"5.4.2.1~dfsg0ubuntu1-0ubuntu2.1\")) flag++;\nif (ubuntu_check(osver:\"10.04\", pkgname:\"snmp\", pkgver:\"5.4.2.1~dfsg0ubuntu1-0ubuntu2.1\")) flag++;\nif (ubuntu_check(osver:\"10.04\", pkgname:\"snmpd\", pkgver:\"5.4.2.1~dfsg0ubuntu1-0ubuntu2.1\")) flag++;\nif (ubuntu_check(osver:\"10.04\", pkgname:\"tkmib\", pkgver:\"5.4.2.1~dfsg0ubuntu1-0ubuntu2.1\")) flag++;\n\nif (flag)\n{\n security_report_v4(\n port : 0,\n severity : SECURITY_WARNING,\n extra : ubuntu_report_get()\n );\n exit(0);\n}\nelse\n{\n tested = ubuntu_pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"libsnmp-base / libsnmp-dev / libsnmp-perl / libsnmp-python / etc\");\n}\n", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:P/I:N/A:N"}}, {"lastseen": "2021-01-17T14:04:50", "description": "With this update of net-snmp the handling of TCP wrappers rules for\nclient authorization was improved, prior to this update it was\npossible for remote attackers to bypass intended access restrictions\nand execute SNMP queries. (CVE-2008-6123) Additionally binding to\nmultiple interfaces was improved.", "edition": 23, "published": "2009-07-21T00:00:00", "title": "openSUSE Security Update : libsnmp15 (libsnmp15-879)", "type": "nessus", "bulletinFamily": "scanner", "cvelist": ["CVE-2008-6123"], "modified": "2009-07-21T00:00:00", "cpe": ["p-cpe:/a:novell:opensuse:perl-SNMP", "cpe:/o:novell:opensuse:11.1", "p-cpe:/a:novell:opensuse:net-snmp-devel", "p-cpe:/a:novell:opensuse:libsnmp15-32bit", "p-cpe:/a:novell:opensuse:net-snmp", "p-cpe:/a:novell:opensuse:snmp-mibs", "p-cpe:/a:novell:opensuse:libsnmp15"], "id": "SUSE_11_1_LIBSNMP15-090514.NASL", "href": "https://www.tenable.com/plugins/nessus/40269", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from openSUSE Security Update libsnmp15-879.\n#\n# The text description of this plugin is (C) SUSE LLC.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(40269);\n script_version(\"1.11\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/14\");\n\n script_cve_id(\"CVE-2008-6123\");\n\n script_name(english:\"openSUSE Security Update : libsnmp15 (libsnmp15-879)\");\n script_summary(english:\"Check for the libsnmp15-879 patch\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote openSUSE host is missing a security update.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"With this update of net-snmp the handling of TCP wrappers rules for\nclient authorization was improved, prior to this update it was\npossible for remote attackers to bypass intended access restrictions\nand execute SNMP queries. (CVE-2008-6123) Additionally binding to\nmultiple interfaces was improved.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.novell.com/show_bug.cgi?id=475532\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.novell.com/show_bug.cgi?id=481490\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\"Update the affected libsnmp15 packages.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:P/I:N/A:N\");\n script_cwe_id(20);\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libsnmp15\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libsnmp15-32bit\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:net-snmp\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:net-snmp-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:perl-SNMP\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:snmp-mibs\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:novell:opensuse:11.1\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2009/05/14\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2009/07/21\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2009-2021 Tenable Network Security, Inc.\");\n script_family(english:\"SuSE Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/SuSE/release\", \"Host/SuSE/rpm-list\", \"Host/cpu\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/SuSE/release\");\nif (isnull(release) || release =~ \"^(SLED|SLES)\") audit(AUDIT_OS_NOT, \"openSUSE\");\nif (release !~ \"^(SUSE11\\.1)$\") audit(AUDIT_OS_RELEASE_NOT, \"openSUSE\", \"11.1\", release);\nif (!get_kb_item(\"Host/SuSE/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\nourarch = get_kb_item(\"Host/cpu\");\nif (!ourarch) audit(AUDIT_UNKNOWN_ARCH);\nif (ourarch !~ \"^(i586|i686|x86_64)$\") audit(AUDIT_ARCH_NOT, \"i586 / i686 / x86_64\", ourarch);\n\nflag = 0;\n\nif ( rpm_check(release:\"SUSE11.1\", reference:\"libsnmp15-5.4.2.1-5.2.1\") ) flag++;\nif ( rpm_check(release:\"SUSE11.1\", reference:\"net-snmp-5.4.2.1-5.2.1\") ) flag++;\nif ( rpm_check(release:\"SUSE11.1\", reference:\"net-snmp-devel-5.4.2.1-5.2.1\") ) flag++;\nif ( rpm_check(release:\"SUSE11.1\", reference:\"perl-SNMP-5.4.2.1-5.2.1\") ) flag++;\nif ( rpm_check(release:\"SUSE11.1\", reference:\"snmp-mibs-5.4.2.1-5.2.1\") ) flag++;\nif ( rpm_check(release:\"SUSE11.1\", cpu:\"x86_64\", reference:\"libsnmp15-32bit-5.4.2.1-5.2.1\") ) flag++;\n\nif (flag)\n{\n if (report_verbosity > 0) security_warning(port:0, extra:rpm_report_get());\n else security_warning(0);\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"net-snmp\");\n}\n", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:P/I:N/A:N"}}, {"lastseen": "2021-01-17T14:46:48", "description": "With this update of net-snmp the handling of TCP wrappers rules for\nclient authorization was improved, prior to this update it was\npossible for remote attackers to bypass intended access restrictions\nand execute SNMP queries. (CVE-2008-6123) Additionally binding to\nmultiple interfaces was improved.", "edition": 23, "published": "2009-09-24T00:00:00", "title": "SuSE 10 Security Update : net-snmp (ZYPP Patch Number 6248)", "type": "nessus", "bulletinFamily": "scanner", "cvelist": ["CVE-2008-6123"], "modified": "2009-09-24T00:00:00", "cpe": ["cpe:/o:suse:suse_linux"], "id": "SUSE_NET-SNMP-6248.NASL", "href": "https://www.tenable.com/plugins/nessus/41562", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The text description of this plugin is (C) Novell, Inc.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(41562);\n script_version(\"1.11\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/14\");\n\n script_cve_id(\"CVE-2008-6123\");\n\n script_name(english:\"SuSE 10 Security Update : net-snmp (ZYPP Patch Number 6248)\");\n script_summary(english:\"Checks rpm output for the updated packages\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote SuSE 10 host is missing a security-related patch.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"With this update of net-snmp the handling of TCP wrappers rules for\nclient authorization was improved, prior to this update it was\npossible for remote attackers to bypass intended access restrictions\nand execute SNMP queries. (CVE-2008-6123) Additionally binding to\nmultiple interfaces was improved.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://support.novell.com/security/cve/CVE-2008-6123.html\"\n );\n script_set_attribute(attribute:\"solution\", value:\"Apply ZYPP patch number 6248.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:P/I:N/A:N\");\n script_cwe_id(20);\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:suse:suse_linux\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2009/05/14\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2009/09/24\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2009-2021 Tenable Network Security, Inc.\");\n script_family(english:\"SuSE Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/cpu\", \"Host/SuSE/release\", \"Host/SuSE/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) exit(0, \"Local checks are not enabled.\");\nif (!get_kb_item(\"Host/SuSE/release\")) exit(0, \"The host is not running SuSE.\");\nif (!get_kb_item(\"Host/SuSE/rpm-list\")) exit(1, \"Could not obtain the list of installed packages.\");\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) exit(1, \"Failed to determine the architecture type.\");\nif (cpu >!< \"x86_64\" && cpu !~ \"^i[3-6]86$\") exit(1, \"Local checks for SuSE 10 on the '\"+cpu+\"' architecture have not been implemented.\");\n\n\nflag = 0;\nif (rpm_check(release:\"SLED10\", sp:2, reference:\"net-snmp-5.3.0.1-25.31\")) flag++;\nif (rpm_check(release:\"SLED10\", sp:2, reference:\"net-snmp-devel-5.3.0.1-25.31\")) flag++;\nif (rpm_check(release:\"SLED10\", sp:2, reference:\"perl-SNMP-5.3.0.1-25.31\")) flag++;\nif (rpm_check(release:\"SLED10\", sp:2, cpu:\"x86_64\", reference:\"net-snmp-32bit-5.3.0.1-25.31\")) flag++;\nif (rpm_check(release:\"SLES10\", sp:2, reference:\"net-snmp-5.3.0.1-25.31\")) flag++;\nif (rpm_check(release:\"SLES10\", sp:2, reference:\"net-snmp-devel-5.3.0.1-25.31\")) flag++;\nif (rpm_check(release:\"SLES10\", sp:2, reference:\"perl-SNMP-5.3.0.1-25.31\")) flag++;\nif (rpm_check(release:\"SLES10\", sp:2, cpu:\"x86_64\", reference:\"net-snmp-32bit-5.3.0.1-25.31\")) flag++;\n\n\nif (flag)\n{\n if (report_verbosity > 0) security_warning(port:0, extra:rpm_report_get());\n else security_warning(0);\n exit(0);\n}\nelse exit(0, \"The host is not affected.\");\n", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:P/I:N/A:N"}}, {"lastseen": "2021-01-07T11:52:03", "description": "A vulnerability has been identified and corrected in net-snmp :\n\nThe netsnmp_udp_fmtaddr function (snmplib/snmpUDPDomain.c) in net-snmp\n5.0.9 through 5.4.2, when using TCP wrappers for client authorization,\ndoes not properly parse hosts.allow rules, which allows remote\nattackers to bypass intended access restrictions and execute SNMP\nqueries, related to source/destination IP address confusion.\n(CVE-2008-6123)\n\nThe updated packages have been patched to prevent this.", "edition": 25, "published": "2009-04-23T00:00:00", "title": "Mandriva Linux Security Advisory : net-snmp (MDVSA-2009:056)", "type": "nessus", "bulletinFamily": "scanner", "cvelist": ["CVE-2008-6123"], "modified": "2009-04-23T00:00:00", "cpe": ["p-cpe:/a:mandriva:linux:perl-NetSNMP", "p-cpe:/a:mandriva:linux:net-snmp-mibs", "cpe:/o:mandriva:linux:2009.0", "p-cpe:/a:mandriva:linux:net-snmp-trapd", "p-cpe:/a:mandriva:linux:libnet-snmp-devel", "p-cpe:/a:mandriva:linux:net-snmp-tkmib", "p-cpe:/a:mandriva:linux:net-snmp", "p-cpe:/a:mandriva:linux:libnet-snmp-static-devel", "p-cpe:/a:mandriva:linux:lib64net-snmp-devel", "p-cpe:/a:mandriva:linux:libnet-snmp15", "p-cpe:/a:mandriva:linux:lib64net-snmp-static-devel", "p-cpe:/a:mandriva:linux:lib64net-snmp15", "p-cpe:/a:mandriva:linux:net-snmp-utils"], "id": "MANDRIVA_MDVSA-2009-056.NASL", "href": "https://www.tenable.com/plugins/nessus/36601", "sourceData": "#%NASL_MIN_LEVEL 70300\n\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Mandriva Linux Security Advisory MDVSA-2009:056. \n# The text itself is copyright (C) Mandriva S.A.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(36601);\n script_version(\"1.15\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/06\");\n\n script_cve_id(\"CVE-2008-6123\");\n script_bugtraq_id(33755);\n script_xref(name:\"MDVSA\", value:\"2009:056\");\n\n script_name(english:\"Mandriva Linux Security Advisory : net-snmp (MDVSA-2009:056)\");\n script_summary(english:\"Checks rpm output for the updated packages\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\n\"The remote Mandriva Linux host is missing one or more security\nupdates.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"A vulnerability has been identified and corrected in net-snmp :\n\nThe netsnmp_udp_fmtaddr function (snmplib/snmpUDPDomain.c) in net-snmp\n5.0.9 through 5.4.2, when using TCP wrappers for client authorization,\ndoes not properly parse hosts.allow rules, which allows remote\nattackers to bypass intended access restrictions and execute SNMP\nqueries, related to source/destination IP address confusion.\n(CVE-2008-6123)\n\nThe updated packages have been patched to prevent this.\"\n );\n script_set_attribute(attribute:\"solution\", value:\"Update the affected packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:P/I:N/A:N\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n script_cwe_id(20);\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:lib64net-snmp-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:lib64net-snmp-static-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:lib64net-snmp15\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:libnet-snmp-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:libnet-snmp-static-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:libnet-snmp15\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:net-snmp\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:net-snmp-mibs\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:net-snmp-tkmib\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:net-snmp-trapd\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:net-snmp-utils\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:perl-NetSNMP\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:mandriva:linux:2009.0\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2009/02/25\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2009/04/23\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2009-2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Mandriva Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/cpu\", \"Host/Mandrake/release\", \"Host/Mandrake/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nif (!get_kb_item(\"Host/Mandrake/release\")) audit(AUDIT_OS_NOT, \"Mandriva / Mandake Linux\");\nif (!get_kb_item(\"Host/Mandrake/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (cpu !~ \"^(amd64|i[3-6]86|x86_64)$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Mandriva / Mandrake Linux\", cpu);\n\n\nflag = 0;\nif (rpm_check(release:\"MDK2009.0\", cpu:\"x86_64\", reference:\"lib64net-snmp-devel-5.4.2-2.2mdv2009.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", cpu:\"x86_64\", reference:\"lib64net-snmp-static-devel-5.4.2-2.2mdv2009.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", cpu:\"x86_64\", reference:\"lib64net-snmp15-5.4.2-2.2mdv2009.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", cpu:\"i386\", reference:\"libnet-snmp-devel-5.4.2-2.2mdv2009.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", cpu:\"i386\", reference:\"libnet-snmp-static-devel-5.4.2-2.2mdv2009.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", cpu:\"i386\", reference:\"libnet-snmp15-5.4.2-2.2mdv2009.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", reference:\"net-snmp-5.4.2-2.2mdv2009.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", reference:\"net-snmp-mibs-5.4.2-2.2mdv2009.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", reference:\"net-snmp-tkmib-5.4.2-2.2mdv2009.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", reference:\"net-snmp-trapd-5.4.2-2.2mdv2009.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", reference:\"net-snmp-utils-5.4.2-2.2mdv2009.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", reference:\"perl-NetSNMP-5.4.2-2.2mdv2009.0\", yank:\"mdv\")) flag++;\n\n\nif (flag)\n{\n if (report_verbosity > 0) security_warning(port:0, extra:rpm_report_get());\n else security_warning(0);\n exit(0);\n}\nelse audit(AUDIT_HOST_NOT, \"affected\");\n", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:P/I:N/A:N"}}, {"lastseen": "2021-01-17T14:46:30", "description": "With this update of net-snmp the handling of TCP wrappers rules for\nclient authorization was improved, prior to this update it was\npossible for remote attackers to bypass intended access restrictions\nand execute SNMP queries. (CVE-2008-6123) Additionally binding to\nmultiple interfaces was improved.", "edition": 23, "published": "2009-05-29T00:00:00", "title": "openSUSE 10 Security Update : libsnmp15 (libsnmp15-6247)", "type": "nessus", "bulletinFamily": "scanner", "cvelist": ["CVE-2008-6123"], "modified": "2009-05-29T00:00:00", "cpe": ["cpe:/o:novell:opensuse:10.3", "p-cpe:/a:novell:opensuse:perl-SNMP", "p-cpe:/a:novell:opensuse:net-snmp-devel", "p-cpe:/a:novell:opensuse:net-snmp", "p-cpe:/a:novell:opensuse:snmp-mibs", "p-cpe:/a:novell:opensuse:libsnmp15", "p-cpe:/a:novell:opensuse:net-snmp-32bit"], "id": "SUSE_LIBSNMP15-6247.NASL", "href": "https://www.tenable.com/plugins/nessus/38950", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from openSUSE Security Update libsnmp15-6247.\n#\n# The text description of this plugin is (C) SUSE LLC.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(38950);\n script_version(\"1.8\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/14\");\n\n script_cve_id(\"CVE-2008-6123\");\n\n script_name(english:\"openSUSE 10 Security Update : libsnmp15 (libsnmp15-6247)\");\n script_summary(english:\"Check for the libsnmp15-6247 patch\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote openSUSE host is missing a security update.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"With this update of net-snmp the handling of TCP wrappers rules for\nclient authorization was improved, prior to this update it was\npossible for remote attackers to bypass intended access restrictions\nand execute SNMP queries. (CVE-2008-6123) Additionally binding to\nmultiple interfaces was improved.\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\"Update the affected libsnmp15 packages.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:P/I:N/A:N\");\n script_cwe_id(20);\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libsnmp15\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:net-snmp\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:net-snmp-32bit\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:net-snmp-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:perl-SNMP\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:snmp-mibs\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:novell:opensuse:10.3\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2009/05/14\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2009/05/29\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2009-2021 Tenable Network Security, Inc.\");\n script_family(english:\"SuSE Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/SuSE/release\", \"Host/SuSE/rpm-list\", \"Host/cpu\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/SuSE/release\");\nif (isnull(release) || release =~ \"^(SLED|SLES)\") audit(AUDIT_OS_NOT, \"openSUSE\");\nif (release !~ \"^(SUSE10\\.3)$\") audit(AUDIT_OS_RELEASE_NOT, \"openSUSE\", \"10.3\", release);\nif (!get_kb_item(\"Host/SuSE/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\nourarch = get_kb_item(\"Host/cpu\");\nif (!ourarch) audit(AUDIT_UNKNOWN_ARCH);\nif (ourarch !~ \"^(i586|i686|x86_64)$\") audit(AUDIT_ARCH_NOT, \"i586 / i686 / x86_64\", ourarch);\n\nflag = 0;\n\nif ( rpm_check(release:\"SUSE10.3\", reference:\"libsnmp15-5.4.1-19.6\") ) flag++;\nif ( rpm_check(release:\"SUSE10.3\", reference:\"net-snmp-5.4.1-19.6\") ) flag++;\nif ( rpm_check(release:\"SUSE10.3\", reference:\"net-snmp-devel-5.4.1-19.6\") ) flag++;\nif ( rpm_check(release:\"SUSE10.3\", reference:\"perl-SNMP-5.4.1-19.6\") ) flag++;\nif ( rpm_check(release:\"SUSE10.3\", reference:\"snmp-mibs-5.4.1-19.6\") ) flag++;\nif ( rpm_check(release:\"SUSE10.3\", cpu:\"x86_64\", reference:\"net-snmp-32bit-5.4.1-19.6\") ) flag++;\n\nif (flag)\n{\n if (report_verbosity > 0) security_warning(port:0, extra:rpm_report_get());\n else security_warning(0);\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"net-snmp\");\n}\n", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:P/I:N/A:N"}}, {"lastseen": "2021-01-17T14:06:09", "description": "This update of net-snmp fixes the following bugs :\n\n - truncated walk of hrSWRunPath (bnc#565586)\n\n - crash when 64-bit counters wrap (bnc#523553)\n\n - unknown host names in snmp traps (bnc#514333)\n\n - sensitive host information disclosure (bnc#475532,\n CVE-2008-6123)", "edition": 23, "published": "2010-02-07T00:00:00", "title": "openSUSE Security Update : libsnmp15 (libsnmp15-1922)", "type": "nessus", "bulletinFamily": "scanner", "cvelist": ["CVE-2008-6123"], "modified": "2010-02-07T00:00:00", "cpe": ["p-cpe:/a:novell:opensuse:perl-SNMP", "p-cpe:/a:novell:opensuse:net-snmp-devel", "cpe:/o:novell:opensuse:11.2", "p-cpe:/a:novell:opensuse:libsnmp15-32bit", "p-cpe:/a:novell:opensuse:net-snmp", "p-cpe:/a:novell:opensuse:snmp-mibs", "p-cpe:/a:novell:opensuse:libsnmp15"], "id": "SUSE_11_2_LIBSNMP15-100204.NASL", "href": "https://www.tenable.com/plugins/nessus/44403", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from openSUSE Security Update libsnmp15-1922.\n#\n# The text description of this plugin is (C) SUSE LLC.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(44403);\n script_version(\"1.8\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/14\");\n\n script_cve_id(\"CVE-2008-6123\");\n\n script_name(english:\"openSUSE Security Update : libsnmp15 (libsnmp15-1922)\");\n script_summary(english:\"Check for the libsnmp15-1922 patch\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote openSUSE host is missing a security update.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"This update of net-snmp fixes the following bugs :\n\n - truncated walk of hrSWRunPath (bnc#565586)\n\n - crash when 64-bit counters wrap (bnc#523553)\n\n - unknown host names in snmp traps (bnc#514333)\n\n - sensitive host information disclosure (bnc#475532,\n CVE-2008-6123)\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.novell.com/show_bug.cgi?id=466805\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.novell.com/show_bug.cgi?id=473328\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.novell.com/show_bug.cgi?id=475532\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.novell.com/show_bug.cgi?id=514333\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.novell.com/show_bug.cgi?id=523553\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.novell.com/show_bug.cgi?id=565586\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\"Update the affected libsnmp15 packages.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:P/I:N/A:N\");\n script_cwe_id(20);\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libsnmp15\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libsnmp15-32bit\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:net-snmp\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:net-snmp-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:perl-SNMP\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:snmp-mibs\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:novell:opensuse:11.2\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2010/02/04\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2010/02/07\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2010-2021 Tenable Network Security, Inc.\");\n script_family(english:\"SuSE Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/SuSE/release\", \"Host/SuSE/rpm-list\", \"Host/cpu\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/SuSE/release\");\nif (isnull(release) || release =~ \"^(SLED|SLES)\") audit(AUDIT_OS_NOT, \"openSUSE\");\nif (release !~ \"^(SUSE11\\.2)$\") audit(AUDIT_OS_RELEASE_NOT, \"openSUSE\", \"11.2\", release);\nif (!get_kb_item(\"Host/SuSE/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\nourarch = get_kb_item(\"Host/cpu\");\nif (!ourarch) audit(AUDIT_UNKNOWN_ARCH);\nif (ourarch !~ \"^(i586|i686|x86_64)$\") audit(AUDIT_ARCH_NOT, \"i586 / i686 / x86_64\", ourarch);\n\nflag = 0;\n\nif ( rpm_check(release:\"SUSE11.2\", reference:\"libsnmp15-5.4.2.1-11.2.1\") ) flag++;\nif ( rpm_check(release:\"SUSE11.2\", reference:\"net-snmp-5.4.2.1-11.2.1\") ) flag++;\nif ( rpm_check(release:\"SUSE11.2\", reference:\"net-snmp-devel-5.4.2.1-11.2.1\") ) flag++;\nif ( rpm_check(release:\"SUSE11.2\", reference:\"perl-SNMP-5.4.2.1-11.2.1\") ) flag++;\nif ( rpm_check(release:\"SUSE11.2\", reference:\"snmp-mibs-5.4.2.1-11.2.1\") ) flag++;\nif ( rpm_check(release:\"SUSE11.2\", cpu:\"x86_64\", reference:\"libsnmp15-32bit-5.4.2.1-11.2.1\") ) flag++;\n\nif (flag)\n{\n if (report_verbosity > 0) security_warning(port:0, extra:rpm_report_get());\n else security_warning(0);\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"net-snmp\");\n}\n", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:P/I:N/A:N"}}, {"lastseen": "2021-01-17T12:44:21", "description": "From Red Hat Security Advisory 2009:0295 :\n\nUpdated net-snmp packages that fix a security issue are now available\nfor Red Hat Enterprise Linux 3.\n\nThis update has been rated as having moderate security impact by the\nRed Hat Security Response Team.\n\nThe Simple Network Management Protocol (SNMP) is a protocol used for\nnetwork management.\n\nIt was discovered that the snmpd daemon did not use TCP wrappers\ncorrectly, causing network hosts access restrictions defined in\n'/etc/hosts.allow' and '/etc/hosts.deny' to not be honored. A remote\nattacker could use this flaw to bypass intended access restrictions.\n(CVE-2008-6123)\n\nThis issue only affected configurations where hosts.allow and\nhosts.deny were used to limit access to the SNMP server. To obtain\ninformation from the server, the attacker would have to successfully\nauthenticate, usually by providing a correct community string.\n\nAll net-snmp users should upgrade to these updated packages, which\ncontain a backported patch to correct this issue. After installing the\nupdate, the snmpd and snmptrapd daemons will be restarted\nautomatically.", "edition": 25, "published": "2013-07-12T00:00:00", "title": "Oracle Linux 3 : net-snmp (ELSA-2009-0295)", "type": "nessus", "bulletinFamily": "scanner", "cvelist": ["CVE-2008-6123"], "modified": "2013-07-12T00:00:00", "cpe": ["p-cpe:/a:oracle:linux:net-snmp-perl", "p-cpe:/a:oracle:linux:net-snmp-utils", "p-cpe:/a:oracle:linux:net-snmp", "p-cpe:/a:oracle:linux:net-snmp-devel", "cpe:/o:oracle:linux:3", "p-cpe:/a:oracle:linux:net-snmp-libs"], "id": "ORACLELINUX_ELSA-2009-0295.NASL", "href": "https://www.tenable.com/plugins/nessus/67806", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from Red Hat Security Advisory RHSA-2009:0295 and \n# Oracle Linux Security Advisory ELSA-2009-0295 respectively.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(67806);\n script_version(\"1.9\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/14\");\n\n script_cve_id(\"CVE-2008-6123\");\n script_bugtraq_id(33755);\n script_xref(name:\"RHSA\", value:\"2009:0295\");\n\n script_name(english:\"Oracle Linux 3 : net-snmp (ELSA-2009-0295)\");\n script_summary(english:\"Checks rpm output for the updated packages\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Oracle Linux host is missing one or more security updates.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"From Red Hat Security Advisory 2009:0295 :\n\nUpdated net-snmp packages that fix a security issue are now available\nfor Red Hat Enterprise Linux 3.\n\nThis update has been rated as having moderate security impact by the\nRed Hat Security Response Team.\n\nThe Simple Network Management Protocol (SNMP) is a protocol used for\nnetwork management.\n\nIt was discovered that the snmpd daemon did not use TCP wrappers\ncorrectly, causing network hosts access restrictions defined in\n'/etc/hosts.allow' and '/etc/hosts.deny' to not be honored. A remote\nattacker could use this flaw to bypass intended access restrictions.\n(CVE-2008-6123)\n\nThis issue only affected configurations where hosts.allow and\nhosts.deny were used to limit access to the SNMP server. To obtain\ninformation from the server, the attacker would have to successfully\nauthenticate, usually by providing a correct community string.\n\nAll net-snmp users should upgrade to these updated packages, which\ncontain a backported patch to correct this issue. After installing the\nupdate, the snmpd and snmptrapd daemons will be restarted\nautomatically.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://oss.oracle.com/pipermail/el-errata/2009-March/000936.html\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\"Update the affected net-snmp packages.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:P/I:N/A:N\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n script_cwe_id(20);\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:net-snmp\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:net-snmp-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:net-snmp-libs\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:net-snmp-perl\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:net-snmp-utils\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:oracle:linux:3\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2009/02/12\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2009/03/26\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2013/07/12\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2013-2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Oracle Linux Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/OracleLinux\", \"Host/RedHat/release\", \"Host/RedHat/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nif (!get_kb_item(\"Host/OracleLinux\")) audit(AUDIT_OS_NOT, \"Oracle Linux\");\nrelease = get_kb_item(\"Host/RedHat/release\");\nif (isnull(release) || !pregmatch(pattern: \"Oracle (?:Linux Server|Enterprise Linux)\", string:release)) audit(AUDIT_OS_NOT, \"Oracle Linux\");\nos_ver = pregmatch(pattern: \"Oracle (?:Linux Server|Enterprise Linux) .*release ([0-9]+(\\.[0-9]+)?)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"Oracle Linux\");\nos_ver = os_ver[1];\nif (! preg(pattern:\"^3([^0-9]|$)\", string:os_ver)) audit(AUDIT_OS_NOT, \"Oracle Linux 3\", \"Oracle Linux \" + os_ver);\n\nif (!get_kb_item(\"Host/RedHat/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && \"ia64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Oracle Linux\", cpu);\n\nflag = 0;\nif (rpm_check(release:\"EL3\", cpu:\"i386\", reference:\"net-snmp-5.0.9-2.30E.27\")) flag++;\nif (rpm_check(release:\"EL3\", cpu:\"x86_64\", reference:\"net-snmp-5.0.9-2.30E.27\")) flag++;\nif (rpm_check(release:\"EL3\", cpu:\"i386\", reference:\"net-snmp-devel-5.0.9-2.30E.27\")) flag++;\nif (rpm_check(release:\"EL3\", cpu:\"x86_64\", reference:\"net-snmp-devel-5.0.9-2.30E.27\")) flag++;\nif (rpm_check(release:\"EL3\", cpu:\"i386\", reference:\"net-snmp-libs-5.0.9-2.30E.27\")) flag++;\nif (rpm_check(release:\"EL3\", cpu:\"x86_64\", reference:\"net-snmp-libs-5.0.9-2.30E.27\")) flag++;\nif (rpm_check(release:\"EL3\", cpu:\"i386\", reference:\"net-snmp-perl-5.0.9-2.30E.27\")) flag++;\nif (rpm_check(release:\"EL3\", cpu:\"x86_64\", reference:\"net-snmp-perl-5.0.9-2.30E.27\")) flag++;\nif (rpm_check(release:\"EL3\", cpu:\"i386\", reference:\"net-snmp-utils-5.0.9-2.30E.27\")) flag++;\nif (rpm_check(release:\"EL3\", cpu:\"x86_64\", reference:\"net-snmp-utils-5.0.9-2.30E.27\")) flag++;\n\n\nif (flag)\n{\n if (report_verbosity > 0) security_warning(port:0, extra:rpm_report_get());\n else security_warning(0);\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"net-snmp / net-snmp-devel / net-snmp-libs / net-snmp-perl / etc\");\n}\n", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:P/I:N/A:N"}}], "fedora": [{"lastseen": "2020-12-21T08:17:49", "bulletinFamily": "unix", "cvelist": ["CVE-2008-4309", "CVE-2008-6123"], "description": "SNMP (Simple Network Management Protocol) is a protocol used for network management. The NET-SNMP project includes various SNMP tools: an extensible agent, an SNMP library, tools for requesting or setting information from SNMP agents, tools for generating and handling SNMP traps, a version of the netstat command which uses SNMP, and a Tk/Perl mib browser. This package contains the snmpd and snmptrapd daemons, documentation, etc. You will probably also want to install the net-snmp-utils package, which contains NET-SNMP utilities. Building option: \t--without tcp_wrappers : disable tcp_wrappers support ", "modified": "2009-02-17T15:39:27", "published": "2009-02-17T15:39:27", "id": "FEDORA:B235C20851F", "href": "", "type": "fedora", "title": "[SECURITY] Fedora 10 Update: net-snmp-5.4.2.1-3.fc10", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:P"}}]}