10 High
CVSS2
Access Vector
NETWORK
Access Complexity
LOW
Authentication
NONE
Confidentiality Impact
COMPLETE
Integrity Impact
COMPLETE
Availability Impact
COMPLETE
AV:N/AC:L/Au:N/C:C/I:C/A:C
0.972 High
EPSS
Percentile
99.8%
The Simple Network Management Protocol (SNMP) is a protocol used for
network management.
A flaw was found in the way Net-SNMP checked an SNMPv3 packet’s Keyed-Hash
Message Authentication Code (HMAC). An attacker could use this flaw to
spoof an authenticated SNMPv3 packet. (CVE-2008-0960)
A buffer overflow was found in the Perl bindings for Net-SNMP. This could
be exploited if an attacker could convince an application using the
Net-SNMP Perl module to connect to a malicious SNMP agent. (CVE-2008-2292)
All users of net-snmp should upgrade to these updated packages, which
contain backported patches to resolve these issues.
OS | Version | Architecture | Package | Version | Filename |
---|---|---|---|---|---|
RedHat | 5 | src | net-snmp | < 5.3.1-24.el5_2.1 | net-snmp-5.3.1-24.el5_2.1.src.rpm |
RedHat | 4 | s390 | net-snmp | < 5.1.2-11.el4_6.11.3 | net-snmp-5.1.2-11.el4_6.11.3.s390.rpm |
RedHat | any | i386 | net-snmp-libs | < 5.0.9-2.30E.24 | net-snmp-libs-5.0.9-2.30E.24.i386.rpm |
RedHat | 4 | s390x | net-snmp-libs | < 5.1.2-11.el4_6.11.3 | net-snmp-libs-5.1.2-11.el4_6.11.3.s390x.rpm |
RedHat | 4 | ppc | net-snmp-devel | < 5.1.2-11.el4_6.11.3 | net-snmp-devel-5.1.2-11.el4_6.11.3.ppc.rpm |
RedHat | any | s390 | net-snmp | < 5.0.9-2.30E.24 | net-snmp-5.0.9-2.30E.24.s390.rpm |
RedHat | 4 | x86_64 | net-snmp-libs | < 5.1.2-11.el4_6.11.3 | net-snmp-libs-5.1.2-11.el4_6.11.3.x86_64.rpm |
RedHat | 5 | i386 | net-snmp-perl | < 5.3.1-24.el5_2.1 | net-snmp-perl-5.3.1-24.el5_2.1.i386.rpm |
RedHat | any | s390 | net-snmp-libs | < 5.0.9-2.30E.24 | net-snmp-libs-5.0.9-2.30E.24.s390.rpm |
RedHat | any | ppc64 | net-snmp-libs | < 5.0.9-2.30E.24 | net-snmp-libs-5.0.9-2.30E.24.ppc64.rpm |