Snmppd syslog() Function Remote Format String

2005-04-24T09:47:50
ID OSVDB:16197
Type osvdb
Reporter dong-houn yoU(xploit@hackermail.com)
Modified 2005-04-24T09:47:50

Description

Vulnerability Description

snmppd contains a flaw that may allow a malicious user to execute arbitrary commands. The issue is caused by the 'snmppd/snmppd_util.c' component not providing the appropriate format string specifier to a syslog() call. It is possible that the flaw may allow a remote attacker to execute arbitrary code on the system, resulting in a loss of integrity.

Technical Description

INetcop Security team hasn't researched whether it is exploitable and may or may not allow code execution.

Solution Description

Currently, there are no known upgrades, patches, or workarounds available to correct this issue.

Short Description

snmppd contains a flaw that may allow a malicious user to execute arbitrary commands. The issue is caused by the 'snmppd/snmppd_util.c' component not providing the appropriate format string specifier to a syslog() call. It is possible that the flaw may allow a remote attacker to execute arbitrary code on the system, resulting in a loss of integrity.

References:

Vendor URL: http://slava.local.nsys.by/projects/snmppd/ Security Tracker: 1013794 Secunia Advisory ID:15120 Packet Storm: http://packetstormsecurity.org/0505-advisories/snmppd_dos.txt Other Advisory URL: http://www.securiteam.com/unixfocus/5WP0K1FFGG.html Other Advisory URL: http://x82.inetcop.org/h0me/adv1sor1es/INCSA.2005-0x82-027-SNMPPD.txt Mail List Post: http://archives.neohapsis.com/archives/vulnwatch/2005-q2/0022.html Keyword: INetCop Security Advisory #2005-0x82-027 ISS X-Force ID: 20265 FrSIRT Advisory: ADV-2005-0385 CVE-2005-1246 Bugtraq ID: 13348