Lucene search
RedHatRHSA-2008:0529HistoryJun 10, 2008 - 12:00 a.m.
(RHSA-2008:0529) Moderate: net-snmp security update
2008-06-1000:00:00
access.redhat.com
21
10 High
CVSS2
Access Vector
NETWORK
Access Complexity
LOW
Authentication
NONE
Confidentiality Impact
COMPLETE
Integrity Impact
COMPLETE
Availability Impact
COMPLETE
AV:N/AC:L/Au:N/C:C/I:C/A:C
0.972 High
EPSS
Percentile
99.8%
The Simple Network Management Protocol (SNMP) is a protocol used for
network management.
A flaw was found in the way Net-SNMP checked an SNMPv3 packet’s Keyed-Hash
Message Authentication Code (HMAC). An attacker could use this flaw to
spoof an authenticated SNMPv3 packet. (CVE-2008-0960)
A buffer overflow was found in the Perl bindings for Net-SNMP. This could
be exploited if an attacker could convince an application using the
Net-SNMP Perl module to connect to a malicious SNMP agent. (CVE-2008-2292)
All users of net-snmp should upgrade to these updated packages, which
contain backported patches to resolve these issues.
| OS | Version | Architecture | Package | Version | Filename |
|---|---|---|---|---|---|
| RedHat | 5 | src | net-snmp | < 5.3.1-24.el5_2.1 | net-snmp-5.3.1-24.el5_2.1.src.rpm |
| RedHat | 4 | s390 | net-snmp | < 5.1.2-11.el4_6.11.3 | net-snmp-5.1.2-11.el4_6.11.3.s390.rpm |
| RedHat | any | i386 | net-snmp-libs | < 5.0.9-2.30E.24 | net-snmp-libs-5.0.9-2.30E.24.i386.rpm |
| RedHat | 4 | s390x | net-snmp-libs | < 5.1.2-11.el4_6.11.3 | net-snmp-libs-5.1.2-11.el4_6.11.3.s390x.rpm |
| RedHat | 4 | ppc | net-snmp-devel | < 5.1.2-11.el4_6.11.3 | net-snmp-devel-5.1.2-11.el4_6.11.3.ppc.rpm |
| RedHat | any | s390 | net-snmp | < 5.0.9-2.30E.24 | net-snmp-5.0.9-2.30E.24.s390.rpm |
| RedHat | 4 | x86_64 | net-snmp-libs | < 5.1.2-11.el4_6.11.3 | net-snmp-libs-5.1.2-11.el4_6.11.3.x86_64.rpm |
| RedHat | 5 | i386 | net-snmp-perl | < 5.3.1-24.el5_2.1 | net-snmp-perl-5.3.1-24.el5_2.1.i386.rpm |
| RedHat | any | s390 | net-snmp-libs | < 5.0.9-2.30E.24 | net-snmp-libs-5.0.9-2.30E.24.s390.rpm |
| RedHat | any | ppc64 | net-snmp-libs | < 5.0.9-2.30E.24 | net-snmp-libs-5.0.9-2.30E.24.ppc64.rpm |
Related
openvas
openvas
Gentoo Security Advisory GLSA 200808-02 (net-snmp)
2008-09-24 00:00:00
Fedora Update for net-snmp FEDORA-2008-5215
2009-02-17 00:00:00
CentOS Update for net-snmp CESA-2008:0529 centos4 i386
2009-02-27 00:00:00
nessus
nessus
RHEL 4 / 5 : net-snmp (RHSA-2008:0529)
2008-06-12 00:00:00
CentOS 3 / 4 / 5 : net-snmp (CESA-2008:0529)
2008-06-12 00:00:00
Mandriva Linux Security Advisory : net-snmp (MDVSA-2008:118)
2009-04-23 00:00:00
cert
cert
SNMPv3 improper HMAC validation allows authentication bypass
2008-06-10 00:00:00
fedora
fedora
[SECURITY] Fedora 9 Update: net-snmp-5.4.1-18.fc9
2008-06-11 04:39:24
[SECURITY] Fedora 8 Update: net-snmp-5.4.1-7.fc8
2008-06-11 04:39:34
[SECURITY] Fedora 7 Update: net-snmp-5.4-18.fc7
2008-06-11 04:39:52
gentoo
gentoo
Net-SNMP: Multiple vulnerabilities
2008-08-06 00:00:00
slackware
slackware
[slackware-security] net-snmp
2008-07-29 05:33:31
oraclelinux
oraclelinux
net-snmp security update
2008-06-10 00:00:00
centos
centos
net security update
2008-06-10 20:39:52
ucd security update
2008-06-10 23:24:29
debian
debian
[SECURITY] [DSA 1663-1] New net-snmp packages fix several vulnerabilities
2008-11-09 09:49:16
ubuntu
ubuntu
Net-SNMP vulnerabilities
2008-12-03 00:00:00
osv
osv
net-snmp - several vulnerabilities
2008-11-09 00:00:00
securityvulns
securityvulns
[SECURITY] [DSA 1663-1] New net-snmp packages fix several vulnerabilities
2008-11-10 00:00:00
Multiple SNMPv3 authentication implementations bypass
2008-06-10 00:00:00
Cisco Security Advisory: SNMP Version 3 Authentication Vulnerabilities
2008-06-10 00:00:00
suse
suse
authentication bypass, denial-of-service in net-snmp
2008-08-01 13:33:56
vmware
vmware
Updated ESX packages for OpenSSL, net-snmp, perl
2008-08-12 00:00:00
Updated ESX packages for OpenSSL, net-snmp, perl
2008-08-12 00:00:00
Updated ESX packages for libxml2, ucd-snmp, libtiff
2008-10-31 00:00:00
prion
prion
Buffer overflow
2008-05-18 14:20:00
Authentication flaw
2008-06-10 18:32:00
exploitpack
exploitpack
Net-SNMP 5.1.45.2.45.4.1 Perl Module - Buffer Overflow (PoC)
2008-11-12 00:00:00
SNMPv3 - HMAC Validation error Remote Authentication Bypass
2008-06-12 00:00:00
veracode
veracode
Arbitrary Code Execution
2020-04-10 00:31:19
Authentication Bypass
2020-04-10 00:31:19
seebug
seebug
Net-SNMP <= 5.1.4/5.2.4/5.4.1 Perl Module Buffer Overflow PoC
2008-11-13 00:00:00
Sun Solaris系统管理代理SNMP守护程序缓冲区溢出漏洞
2008-07-21 00:00:00
Net-SNMP <= 5.1.4/5.2.4/5.4.1 Perl Module Buffer Overflow PoC
2014-07-01 00:00:00
cve
cve
CVE-2008-2292
2008-05-18 14:20:00
CVE-2008-0960
2008-06-10 18:32:00
packetstorm
packetstorm
netsnmp-overflow.txt
2008-11-12 00:00:00
debiancve
debiancve
CVE-2008-2292
2008-05-18 14:20:00
CVE-2008-0960
2008-06-10 18:32:00
ubuntucve
ubuntucve
CVE-2008-2292
2008-05-18 00:00:00
CVE-2008-0960
2008-06-10 00:00:00
checkpoint_advisories
checkpoint_advisories
Multiple Vendor SNMPv3 HMAC Handling Authentication Bypass (CVE-2008-0960)
2008-06-22 00:00:00
d2
d2
DSquare Exploit Pack: D2SEC_SNMPV3
2008-06-10 18:32:00
checkpoint_security
checkpoint_security
Check Point response to NET-SNMP vulnerability CVE-2008-0960
2008-06-04 21:00:00
redhat
redhat
(RHSA-2008:0528) Moderate: ucd-snmp security update
2008-06-10 00:00:00
f5
f5
SOL8939 - SNMPv3 HMAC verification vulnerability CVE-2008-0960 - VU#878044
2008-07-15 00:00:00
SOL9025 - FirePass SNMP DoS vulnerability
2008-07-31 00:00:00
K9025 : FirePass SNMP DoS vulnerability
2013-03-18 00:00:00
cisco
cisco
SNMP Version 3 Authentication Vulnerabilities
2008-06-10 00:00:00
exploitdb
exploitdb
Net-SNMP 5.1.4/5.2.4/5.4.1 Perl Module - Buffer Overflow (PoC)
2008-11-12 00:00:00
SNMPv3 - HMAC Validation error Remote Authentication Bypass
2008-06-12 00:00:00
10 High
CVSS2
Access Vector
NETWORK
Access Complexity
LOW
Authentication
NONE
Confidentiality Impact
COMPLETE
Integrity Impact
COMPLETE
Availability Impact
COMPLETE
AV:N/AC:L/Au:N/C:C/I:C/A:C
0.972 High
EPSS
Percentile
99.8%
Related for RHSA-2008:0529