Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
nvd[email protected]NVD:CVE-2008-0960
HistoryJun 10, 2008 - 6:32 p.m.

CVE-2008-0960

2008-06-1018:32:00
CWE-287
[email protected]
web.nvd.nist.gov
7

CVSS2

10

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:L/Au:N/C:C/I:C/A:C

AI Score

6.6

Confidence

High

EPSS

0.972

Percentile

99.8%

JSON

SNMPv3 HMAC verification in (1) Net-SNMP 5.2.x before 5.2.4.1, 5.3.x before 5.3.2.1, and 5.4.x before 5.4.1.1; (2) UCD-SNMP; (3) eCos; (4) Juniper Session and Resource Control (SRC) C-series 1.0.0 through 2.0.0; (5) NetApp (aka Network Appliance) Data ONTAP 7.3RC1 and 7.3RC2; (6) SNMP Research before 16.2; (7) multiple Cisco IOS, CatOS, ACE, and Nexus products; (8) Ingate Firewall 3.1.0 and later and SIParator 3.1.0 and later; (9) HP OpenView SNMP Emanate Master Agent 15.x; and possibly other products relies on the client to specify the HMAC length, which makes it easier for remote attackers to bypass SNMP authentication via a length value of 1, which only checks the first byte.

Affected configurations

Nvd
Node
ciscocatosMatch7.1.1
OR
ciscocatosMatch7.3.1
OR
ciscocatosMatch7.4.1
OR
ciscocatosMatch8.3
OR
ciscocisco_iosMatch12.0s
OR
ciscocisco_iosMatch12.0sy
OR
ciscocisco_iosMatch12.1e
OR
ciscocisco_iosMatch12.2ewa
OR
ciscocisco_iosMatch12.2jk
OR
ciscocisco_iosMatch12.2sb
OR
ciscocisco_iosMatch12.2sg
OR
ciscocisco_iosMatch12.2sga
OR
ciscocisco_iosMatch12.2sra
OR
ciscocisco_iosMatch12.2srb
OR
ciscocisco_iosMatch12.2src
OR
ciscocisco_iosMatch12.2sxb
OR
ciscocisco_iosMatch12.2sxd
OR
ciscocisco_iosMatch12.2sxf
OR
ciscocisco_iosMatch12.2zl
OR
ciscocisco_iosMatch12.2zy
OR
ciscocisco_iosMatch12.3
OR
ciscocisco_iosMatch12.3b
OR
ciscocisco_iosMatch12.3ja
OR
ciscocisco_iosMatch12.3jeb
OR
ciscocisco_iosMatch12.3jk
OR
ciscocisco_iosMatch12.3jl
OR
ciscocisco_iosMatch12.3jx
OR
ciscocisco_iosMatch12.3t
OR
ciscocisco_iosMatch12.3xa
OR
ciscocisco_iosMatch12.3xg
OR
ciscocisco_iosMatch12.3xi
OR
ciscocisco_iosMatch12.3xk
OR
ciscocisco_iosMatch12.3xr
OR
ciscocisco_iosMatch12.3yf
OR
ciscocisco_iosMatch12.3yi
OR
ciscocisco_iosMatch12.3yt
OR
ciscocisco_iosMatch12.3yx
OR
ciscocisco_iosMatch12.4
OR
ciscocisco_iosMatch12.4t
OR
ciscocisco_iosMatch12.4xa
OR
ciscocisco_iosMatch12.4xc
OR
ciscocisco_iosMatch12.4xd
OR
ciscocisco_iosMatch12.4xe
OR
ciscocisco_iosMatch12.4xj
OR
ciscocisco_iosMatch12.4xw
OR
ciscoiosMatch10.0
OR
ciscoiosMatch11.0
OR
ciscoiosMatch11.1
OR
ciscoiosMatch11.3
OR
ciscoiosMatch12.2
OR
ciscoios_xrMatch2.0
OR
ciscoios_xrMatch3.0
OR
ciscoios_xrMatch3.2
OR
ciscoios_xrMatch3.3
OR
ciscoios_xrMatch3.4
OR
ciscoios_xrMatch3.5
OR
ciscoios_xrMatch3.6
OR
ciscoios_xrMatch3.7
OR
cisconx_osMatch4.0
OR
cisconx_osMatch4.0.1a
OR
cisconx_osMatch4.0.2
OR
ecos_sourcewareecosMatch1.1
OR
ecos_sourcewareecosMatch1.2.1
OR
ecos_sourcewareecosMatch1.3.1
OR
ecos_sourcewareecosMatch2.0
OR
ecos_sourcewareecosMatch2.0b1
OR
net-snmpnet_snmpMatch5.0
OR
net-snmpnet_snmpMatch5.0.1
OR
net-snmpnet_snmpMatch5.0.2
OR
net-snmpnet_snmpMatch5.0.3
OR
net-snmpnet_snmpMatch5.0.4
OR
net-snmpnet_snmpMatch5.0.5
OR
net-snmpnet_snmpMatch5.0.6
OR
net-snmpnet_snmpMatch5.0.7
OR
net-snmpnet_snmpMatch5.0.8
OR
net-snmpnet_snmpMatch5.0.9
OR
net-snmpnet_snmpMatch5.1
OR
net-snmpnet_snmpMatch5.1.1
OR
net-snmpnet_snmpMatch5.1.2
OR
net-snmpnet_snmpMatch5.2
OR
net-snmpnet_snmpMatch5.3
OR
net-snmpnet_snmpMatch5.3.0.1
OR
net-snmpnet_snmpMatch5.4
OR
sunsolarisMatch10.0unkownx86
OR
sunsunosMatch5.10
AND
ciscoace_10_6504_bundle_with_4_gbps_throughput
OR
ciscoace_10_6509_bundle_with_8_gbps_throughput
OR
ciscoace_10_service_module
OR
ciscoace_20_6504_bundle_with__4gbps_throughput
OR
ciscoace_20_6509_bundle_with_8gbps_throughput
OR
ciscoace_20_service_module
OR
ciscoace_4710
OR
ciscoace_xml_gatewayMatch5.2
OR
ciscoace_xml_gatewayMatch6.0
OR
ciscomds_9120
OR
ciscomds_9124
OR
ciscomds_9134
OR
ciscomds_9140
OR
ingateingate_firewallMatch2.2.0
OR
ingateingate_firewallMatch2.2.1
OR
ingateingate_firewallMatch2.2.2
OR
ingateingate_firewallMatch2.3.0
OR
ingateingate_firewallMatch2.4.0
OR
ingateingate_firewallMatch2.4.1
OR
ingateingate_firewallMatch2.5.0
OR
ingateingate_firewallMatch2.6.0
OR
ingateingate_firewallMatch2.6.1
OR
ingateingate_firewallMatch3.0.2
OR
ingateingate_firewallMatch3.1.0
OR
ingateingate_firewallMatch3.1.1
OR
ingateingate_firewallMatch3.1.3
OR
ingateingate_firewallMatch3.1.4
OR
ingateingate_firewallMatch3.2.0
OR
ingateingate_firewallMatch3.2.1
OR
ingateingate_firewallMatch3.2.2
OR
ingateingate_firewallMatch3.3.1
OR
ingateingate_firewallMatch4.1.0
OR
ingateingate_firewallMatch4.1.3
OR
ingateingate_firewallMatch4.2.1
OR
ingateingate_firewallMatch4.2.2
OR
ingateingate_firewallMatch4.2.3
OR
ingateingate_firewallMatch4.3.1
OR
ingateingate_firewallMatch4.4.1
OR
ingateingate_firewallMatch4.4.2
OR
ingateingate_firewallMatch4.5.1
OR
ingateingate_firewallMatch4.5.2
OR
ingateingate_firewallMatch4.6.0
OR
ingateingate_firewallMatch4.6.1
OR
ingateingate_firewallMatch4.6.2
OR
ingateingate_siparatorMatch2.2.0
OR
ingateingate_siparatorMatch2.2.1
OR
ingateingate_siparatorMatch2.2.2
OR
ingateingate_siparatorMatch2.3.0
OR
ingateingate_siparatorMatch2.4.0
OR
ingateingate_siparatorMatch2.4.1
OR
ingateingate_siparatorMatch2.5.0
OR
ingateingate_siparatorMatch2.6.0
OR
ingateingate_siparatorMatch2.6.1
OR
ingateingate_siparatorMatch3.0.2
OR
ingateingate_siparatorMatch3.1.0
OR
ingateingate_siparatorMatch3.1.1
OR
ingateingate_siparatorMatch3.1.3
OR
ingateingate_siparatorMatch3.1.4
OR
ingateingate_siparatorMatch3.2.0
OR
ingateingate_siparatorMatch3.2.1
OR
ingateingate_siparatorMatch3.2.2
OR
ingateingate_siparatorMatch3.3.1
OR
ingateingate_siparatorMatch4.1.0
OR
ingateingate_siparatorMatch4.1.3
OR
ingateingate_siparatorMatch4.2.1
OR
ingateingate_siparatorMatch4.2.2
OR
ingateingate_siparatorMatch4.2.3
OR
ingateingate_siparatorMatch4.3.1
OR
ingateingate_siparatorMatch4.3.4
OR
ingateingate_siparatorMatch4.4.1
OR
ingateingate_siparatorMatch4.4.2
OR
ingateingate_siparatorMatch4.5.1
OR
ingateingate_siparatorMatch4.5.2
OR
ingateingate_siparatorMatch4.6.0
OR
ingateingate_siparatorMatch4.6.1
OR
ingateingate_siparatorMatch4.6.2
AND
junipersession_and_resource_controlMatch1.0
OR
junipersession_and_resource_controlMatch2.0
OR
junipersrc_peMatch1.0
OR
junipersrc_peMatch2.0

References

Related

nessus 35
d2 1
prion 1
securityvulns 4
openvas 42
checkpoint_advisories 1
f5 4
redhat 2
checkpoint_security 1
debiancve 1
exploitpack 1
veracode 1
cvelist 1
centos 2
cve 1
seebug 2
ubuntucve 1
cisco 1
exploitdb 1
gentoo 1
fedora 5
cert 1
slackware 1
oraclelinux 1
debian 1
ubuntu 1
osv 1
vmware 4
suse 1
nessus
nessus
HP-UX PHSS_39887 : HP OpenView SNMP Emanate Master Agent Remote Unauthorized Access (HPSBMA02439 SSRT080082 rev.3)
2010-07-19 00:00:00
HP-UX PHSS_39886 : HP OpenView SNMP Emanate Master Agent Remote Unauthorized Access (HPSBMA02439 SSRT080082 rev.3)
2010-07-19 00:00:00
Multiple Vendor HMAC Authentication SNMPv3 Authentication Bypass
2009-07-31 00:00:00
d2
d2
DSquare Exploit Pack: D2SEC_SNMPV3
2008-06-10 18:32:00
prion
prion
Authentication flaw
2008-06-10 18:32:00
securityvulns
securityvulns
Multiple SNMPv3 authentication implementations bypass
2008-06-10 00:00:00
[oCERT-2008-006] multiple SNMP implementations HMAC authentication spoofing
2008-06-10 00:00:00
Cisco Security Advisory: SNMP Version 3 Authentication Vulnerabilities
2008-06-10 00:00:00
openvas
openvas
CentOS Update for ucd-snmp CESA-2008:0528-01 centos2 i386
2009-02-27 00:00:00
RedHat Update for ucd-snmp RHSA-2008:0528-01
2009-03-06 00:00:00
RedHat Update for ucd-snmp RHSA-2008:0528-01
2009-03-06 00:00:00
checkpoint_advisories
checkpoint_advisories
Multiple Vendor SNMPv3 HMAC Handling Authentication Bypass (CVE-2008-0960)
2008-06-22 00:00:00
f5
f5
SOL9025 - FirePass SNMP DoS vulnerability
2008-07-31 00:00:00
SOL8939 - SNMPv3 HMAC verification vulnerability CVE-2008-0960 - VU#878044
2008-07-15 00:00:00
K9025 : FirePass SNMP DoS vulnerability
2013-03-18 00:00:00
redhat
redhat
(RHSA-2008:0528) Moderate: ucd-snmp security update
2008-06-10 00:00:00
(RHSA-2008:0529) Moderate: net-snmp security update
2008-06-10 00:00:00
checkpoint_security
checkpoint_security
Check Point response to NET-SNMP vulnerability CVE-2008-0960
2008-06-04 21:00:00
debiancve
debiancve
CVE-2008-0960
2008-06-10 18:32:00
exploitpack
exploitpack
SNMPv3 - HMAC Validation error Remote Authentication Bypass
2008-06-12 00:00:00
veracode
veracode
Authentication Bypass
2020-04-10 00:31:19
cvelist
cvelist
CVE-2008-0960
2008-06-10 18:00:00
centos
centos
ucd security update
2008-06-10 23:24:29
net security update
2008-06-10 20:39:52
cve
cve
CVE-2008-0960
2008-06-10 18:32:00
seebug
seebug
Net-SNMP远程绕过认证漏洞
2008-06-14 00:00:00
SNMPv3 HMAC validation error Remote Authentication Bypass Exploit
2008-06-12 00:00:00
ubuntucve
ubuntucve
CVE-2008-0960
2008-06-10 00:00:00
cisco
cisco
SNMP Version 3 Authentication Vulnerabilities
2008-06-10 00:00:00
exploitdb
exploitdb
SNMPv3 - HMAC Validation error Remote Authentication Bypass
2008-06-12 00:00:00
gentoo
gentoo
Net-SNMP: Multiple vulnerabilities
2008-08-06 00:00:00
fedora
fedora
[SECURITY] Fedora 9 Update: net-snmp-5.4.1-18.fc9
2008-06-11 04:39:24
[SECURITY] Fedora 8 Update: net-snmp-5.4.1-7.fc8
2008-06-11 04:39:34
[SECURITY] Fedora 7 Update: net-snmp-5.4-18.fc7
2008-06-11 04:39:52
cert
cert
SNMPv3 improper HMAC validation allows authentication bypass
2008-06-10 00:00:00
slackware
slackware
[slackware-security] net-snmp
2008-07-29 05:33:31
oraclelinux
oraclelinux
net-snmp security update
2008-06-10 00:00:00
debian
debian
[SECURITY] [DSA 1663-1] New net-snmp packages fix several vulnerabilities
2008-11-09 09:49:16
ubuntu
ubuntu
Net-SNMP vulnerabilities
2008-12-03 00:00:00
osv
osv
net-snmp - several vulnerabilities
2008-11-09 00:00:00
vmware
vmware
Updated ESX packages for libxml2, ucd-snmp, libtiff
2008-10-31 00:00:00
Updated ESX packages for libxml2, ucd-snmp, libtiff
2008-10-31 00:00:00
Updated ESX packages for OpenSSL, net-snmp, perl
2008-08-12 00:00:00
suse
suse
authentication bypass, denial-of-service in net-snmp
2008-08-01 13:33:56

CVSS2

10

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:L/Au:N/C:C/I:C/A:C

AI Score

6.6

Confidence

High

EPSS

0.972

Percentile

99.8%

JSON
Related for NVD:CVE-2008-0960
nessus35d21prion1securityvulns4openvas42checkpoint_advisories1f54redhat2checkpoint_security1debiancve1exploitpack1veracode1cvelist1centos2cve1seebug2ubuntucve1cisco1exploitdb1gentoo1fedora5cert1slackware1oraclelinux1debian1ubuntu1osv1vmware4suse1