Search...

Net-SNMP Unauthenticated MIB Object Access

2003-09-09T10:22:51

ID OSVDB:2148
Type osvdb
Reporter OSVDB
Modified 2003-09-09T10:22:51

Description

No description provided by the source

References:

Vendor Specific Solution URL: http://sourceforge.net/project/showfiles.php?group_id=12694 Vendor Specific Advisory URL Secunia Advisory ID:9697 RedHat RHSA: RHSA-2003:335 OVAL ID: 869 ISS X-Force ID: 13139 CVE-2003-0935 Bugtraq ID: 8582

JSON Vulners Source

Initial Source

{"type": "osvdb", "published": "2003-09-09T10:22:51", "href": "https://vulners.com/osvdb/OSVDB:2148", "hashmap": [{"key": "affectedSoftware", "hash": "d41d8cd98f00b204e9800998ecf8427e"}, {"key": "bulletinFamily", "hash": "f9fa10ba956cacf91d7878861139efb9"}, {"key": "cvelist", "hash": "8b967d460b682042637c0a667cfbbb7d"}, {"key": "cvss", "hash": "74ae407306a397b0a0ad358180716883"}, {"key": "description", "hash": "c6f6c5afea6719ebfa4c2108ddaf9ee0"}, {"key": "href", "hash": "f2a01e1575fc27c73b71ff6285ca3a25"}, {"key": "modified", "hash": "11b92c53c11a1b128367c46293b14e02"}, {"key": "objectVersion", "hash": "56765472680401499c79732468ba4340"}, {"key": "published", "hash": "11b92c53c11a1b128367c46293b14e02"}, {"key": "references", "hash": "d41d8cd98f00b204e9800998ecf8427e"}, {"key": "reporter", "hash": "955b328dc7cd615c13af5464c9183464"}, {"key": "title", "hash": "371ccd8d637d72d6d3569e1d9e1c09d9"}, {"key": "type", "hash": "1327ac71f7914948578f08c54f772b10"}], "bulletinFamily": "software", "cvss": {"vector": "AV:NETWORK/AC:LOW/Au:NONE/C:PARTIAL/I:PARTIAL/A:NONE/", "score": 6.4}, "viewCount": 1, "history": [], "edition": 1, "objectVersion": "1.2", "reporter": "OSVDB", "title": "Net-SNMP Unauthenticated MIB Object Access ", "affectedSoftware": [], "enchantments": {"vulnersScore": 5.0}, "references": [], "id": "OSVDB:2148", "hash": "ab77da5045471dff57b4038a75b3411a9effc479fd5cfaedb0faf3441a603c6b", "lastseen": "2017-04-28T13:19:56", "cvelist": ["CVE-2003-0935"], "modified": "2003-09-09T10:22:51", "description": "# No description provided by the source\n\n## References:\nVendor Specific Solution URL: http://sourceforge.net/project/showfiles.php?group_id=12694\n[Vendor Specific Advisory URL](http://sourceforge.net/project/shownotes.php?release_id=182697)\n[Secunia Advisory ID:9697](https://secuniaresearch.flexerasoftware.com/advisories/9697/)\nRedHat RHSA: RHSA-2003:335\nOVAL ID: 869\nISS X-Force ID: 13139\n[CVE-2003-0935](https://vulners.com/cve/CVE-2003-0935)\nBugtraq ID: 8582\n"}

{"result": {"cve": [{"id": "CVE-2003-0935", "type": "cve", "title": "CVE-2003-0935", "description": "Net-SNMP before 5.0.9 allows a user or community to access data in MIB objects, even if that data is not allowed to be viewed.", "published": "2003-12-01T00:00:00", "cvss": {"score": 6.4, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:PARTIAL/I:PARTIAL/A:NONE/"}, "href": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2003-0935", "cvelist": ["CVE-2003-0935"], "lastseen": "2017-10-11T11:05:51"}], "nessus": [{"id": "MANDRAKE_MDKSA-2003-115.NASL", "type": "nessus", "title": "Mandrake Linux Security Advisory : net-snmp (MDKSA-2003:115)", "description": "A vulnerability in Net-SNMP versions prior to 5.0.9 could allow an existing user/community to gain access to data in MIB objects that were explicitly excluded from their view.\n\nThe updated packages provide Net-SNMP version 5.0.9 which is not vulnerable to this issue and also fixes a number of other smaller bugs.", "published": "2004-07-31T00:00:00", "cvss": {"score": 6.4, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:PARTIAL/I:PARTIAL/A:NONE/"}, "href": "https://www.tenable.com/plugins/index.php?view=single&id=14097", "cvelist": ["CVE-2003-0935"], "lastseen": "2017-10-29T13:35:25"}, {"id": "REDHAT-RHSA-2004-023.NASL", "type": "nessus", "title": "RHEL 3 : net-snmp (RHSA-2004:023)", "description": "Updated Net-SNMP packages are available to correct a security vulnerability and other bugs.\n\nThe Net-SNMP project includes various Simple Network Management Protocol (SNMP) tools.\n\nA security issue in Net-SNMP versions before 5.0.9 could allow an existing user/community to gain access to data in MIB objects that were explicitly excluded from their view. The Common Vulnerabilities and Exposures project (cve.mitre.org) has assigned the name CVE-2003-0935 to this issue.\n\nUsers of Net-SNMP are advised to upgrade to these errata packages containing Net-SNMP 5.0.9 which is not vulnerable to this issue. In addition, Net-SNMP 5.0.9 fixes a number of other minor bugs.", "published": "2004-07-06T00:00:00", "cvss": {"score": 6.4, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:PARTIAL/I:PARTIAL/A:NONE/"}, "href": "https://www.tenable.com/plugins/index.php?view=single&id=12453", "cvelist": ["CVE-2003-0935"], "lastseen": "2017-10-29T13:44:38"}], "redhat": [{"id": "RHSA-2004:023", "type": "redhat", "title": "(RHSA-2004:023) net-snmp security update", "description": "The Net-SNMP project includes various Simple Network Management Protocol\n(SNMP) tools.\n\nA security issue in Net-SNMP versions before 5.0.9 could allow an existing\nuser/community to gain access to data in MIB objects that were explicitly\nexcluded from their view. The Common Vulnerabilities and Exposures project\n(cve.mitre.org) has assigned the name CAN-2003-0935 to this issue.\n\nUsers of Net-SNMP are advised to upgrade to these errata packages containing\nNet-SNMP 5.0.9 which is not vulnerable to this issue. In addition,\nNet-SNMP 5.0.9 fixes a number of other minor bugs.", "published": "2004-01-15T05:00:00", "cvss": {"score": 6.4, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:PARTIAL/I:PARTIAL/A:NONE/"}, "href": "https://access.redhat.com/errata/RHSA-2004:023", "cvelist": ["CVE-2003-0935"], "lastseen": "2017-08-02T22:57:47"}]}}