{"id": "SECURITYVULNS:DOC:22323", "bulletinFamily": "software", "title": "[security bulletin] HPSBMA02447 SSRT090062 rev.1 - Insight Control Suite For Linux (ICE-LX) Cross Site Request Forgery (CSRF) , Remote Execution of Arbitrary Code, Denial of Service (DoS), and Other Vulnerabilities", "description": "-----BEGIN PGP SIGNED MESSAGE-----\r\nHash: SHA1\r\n\r\nSUPPORT COMMUNICATION - SECURITY BULLETIN\r\n\r\nDocument ID: c01820968\r\nVersion: 1\r\n\r\nHPSBMA02447 SSRT090062 rev.1 - Insight Control Suite For Linux (ICE-LX) Cross Site Request Forgery (CSRF) , Remote\r\nExecution of Arbitrary Code, Denial of Service (DoS), and Other Vulnerabilities\r\n\r\nNOTICE: The information in this Security Bulletin should be acted upon as soon as possible.\r\n\r\nRelease Date: 2009-08-12\r\nLast Updated: 2009-08-12\r\n\r\nPotential Security Impact: Cross Site Request Forgery (CSRF) , Remote Execution of Arbitrary Code, Denial of Service (DoS),\r\nand Other Vulnerabilities.\r\n\r\nSource: Hewlett-Packard Company, HP Software Security Response Team\r\n\r\nVULNERABILITY SUMMARY\r\nPotential security vulnerabilities have been identified with Insight Control Suite For Linux (ICE-LX). The vulnerabilities\r\ncould be remotely exploited to allow Cross Site Request Forgery (CSRF) , Remote Execution of Arbitrary Code, Denial of\r\nService (DoS) and other vulnerabilities.\r\n\r\nReferences: CVE-2009-2677, CVE-2009-0590, CVE-2009-1272, CVE-2008-5161, CVE-2008-4309, CVE-2008-1720\r\n\r\nSUPPORTED SOFTWARE VERSIONS*: ONLY impacted versions are listed.\r\nInsight Control Suite For Linux (ICE-LX) v2.10 or earlier\r\n\r\nBACKGROUND\r\n\r\nCVSS 2.0 Base Metrics\r\n===========================================================\r\n Reference Base Vector Base Score\r\nCVE-2009-2677 (AV:N/AC:M/Au:N/C:P/I:P/A:P) 6.4\r\nCVE-2009-0590 (AV:N/AC:L/Au:N/C:N/I:N/A:P) 5.0\r\nCVE-2009-1272 (AV:N/AC:L/Au:N/C:N/I:N/A:P) 5.0\r\nCVE-2008-5161 (AV:N/AC:H/Au:N/C:P/I:N/A:N) 2.6\r\nCVE-2008-4309 (AV:N/AC:L/Au:N/C:N/I:N/A:P) 5.0\r\nCVE-2008-1720 (AV:N/AC:L/Au:N/C:P/I:P/A:P) 7.5\r\n===========================================================\r\n Information on CVSS is documented\r\n in HP Customer Notice: HPSN-2008-002\r\n\r\nRESOLUTION\r\n\r\nHP has made the following updated product kit available to resolve the vulnerabilities. The HP ICE-LX v2.11 kit is\r\navailable as described below.\r\n\r\nThe update file is HP_ICE_LX_V2.11_511708_004.iso which can be downloaded from here:\r\nhttps://h20392.www2.hp.com/portal/swdepot/try.do?productNumber=HPICELX\r\n\r\nThe kit can also be obtained by going to http://www.hp.com/go/ice-lx\r\n\r\nOpen Source packages updated in this version (v2.11) of ICE-LX\r\n\r\nnet-snmp-5.4.2.1\r\n\r\nphp 5.2.9\r\n\r\nrsync 3.0.5\r\n\r\nopenssh 5.2 p1\r\n\r\nopenssl-0.9.8k\r\n\r\nPRODUCT SPECIFIC INFORMATION\r\nNone\r\n\r\nHISTORY\r\nVersion:1 (rev.1) 12 August 2009 Initial release\r\n\r\nThird Party Security Patches: Third party security patches that are to be installed on systems running HP software products\r\nshould be applied in accordance with the customer's patch management policy.\r\n\r\nSupport: For further information, contact normal HP Services support channel.\r\n\r\nReport: To report a potential security vulnerability with any HP supported product, send Email to: security-alert@hp.com\r\nIt is strongly recommended that security related information being communicated to HP be encrypted using PGP, especially\r\nexploit information.\r\nTo get the security-alert PGP key, please send an e-mail message as follows:\r\n To: security-alert@hp.com\r\n Subject: get key\r\nSubscribe: To initiate a subscription to receive future HP Security Bulletins via Email:\r\nhttp://h30046.www3.hp.com/driverAlertProfile.php?regioncode=NA&langcode=USENG&jumpid=in_SC-GEN__driverITRC&topiccode=ITRC\r\nOn the web page: ITRC security bulletins and patch sign-up\r\nUnder Step1: your ITRC security bulletins and patches\r\n -check ALL categories for which alerts are required and continue.\r\nUnder Step2: your ITRC operating systems\r\n -verify your operating system selections are checked and save.\r\n\r\nTo update an existing subscription: http://h30046.www3.hp.com/subSignIn.php\r\nLog in on the web page: Subscriber's choice for Business: sign-in.\r\nOn the web page: Subscriber's Choice: your profile summary - use Edit Profile to update appropriate sections.\r\n\r\nTo review previously published Security Bulletins visit: http://www.itrc.hp.com/service/cki/secBullArchive.do\r\n\r\n* The Software Product Category that this Security Bulletin\r\nrelates to is represented by the 5th and 6th characters\r\nof the Bulletin number in the title:\r\n\r\nGN = HP General SW\r\nMA = HP Management Agents\r\nMI = Misc. 3rd Party SW\r\nMP = HP MPE/iX\r\nNS = HP NonStop Servers\r\nOV = HP OpenVMS\r\nPI = HP Printing & Imaging\r\nST = HP Storage SW\r\nTL = HP Trusted Linux\r\nTU = HP Tru64 UNIX\r\nUX = HP-UX\r\nVV = HP VirtualVault\r\n\r\nSystem management and security procedures must be reviewed frequently to maintain system integrity. HP is continually\r\nreviewing and enhancing the security features of software products to provide customers with current secure solutions.\r\n\r\n"HP is broadly distributing this Security Bulletin in order to bring to the attention of users of the affected HP products\r\nthe important security information contained in this Bulletin. HP recommends that all users determine the applicability of\r\nthis information to their individual situations and take appropriate action. HP does not warrant that this information is\r\nnecessarily accurate or complete for all user situations and, consequently, HP will not be responsible for any damages\r\nresulting from user's use or disregard of the information provided in this Bulletin. To the extent permitted by law, HP\r\ndisclaims all warranties, either express or implied, including the warranties of merchantability and fitness for a\r\nparticular purpose, title and non-infringement."\r\n\r\nCopyright 2009 Hewlett-Packard Development Company, L.P.\r\nHewlett-Packard Company shall not be liable for technical or editorial errors or omissions contained herein. The\r\ninformation provided is provided "as is" without warranty of any kind. To the extent permitted by law, neither HP or its\r\naffiliates, subcontractors or suppliers will be liable for incidental,special or consequential damages including downtime\r\ncost; lost profits;damages relating to the procurement of substitute products or services; or damages for loss of data, or\r\nsoftware restoration. The information in this document is subject to change without notice. Hewlett-Packard Company and the\r\nnames of Hewlett-Packard products referenced herein are trademarks of Hewlett-Packard Company in the United States and other\r\ncountries. Other product and company names mentioned herein may be trademarks of their respective owners.\r\n-----BEGIN PGP SIGNATURE-----\r\nVersion: GnuPG v1.4.9 (HP-UX)\r\n\r\niEYEARECAAYFAkqDHSwACgkQ4B86/C0qfVmS0QCg0h5MSGfJD8lU0FMxByIbcrjY\r\nKQIAn1cPRhsjlq9Ilp0pQvrO7uPbyMVH\r\n=zsBZ\r\n-----END PGP SIGNATURE-----", "published": "2009-08-14T00:00:00", "modified": "2009-08-14T00:00:00", "cvss": {"score": 7.5, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:PARTIAL/I:PARTIAL/A:PARTIAL/"}, "href": "https://vulners.com/securityvulns/SECURITYVULNS:DOC:22323", "reporter": "Securityvulns", "references": [], "cvelist": ["CVE-2009-2677", "CVE-2008-1720", "CVE-2009-1272", "CVE-2009-0590", "CVE-2008-4309", "CVE-2008-5161"], "type": "securityvulns", "lastseen": "2018-08-31T11:10:31", "edition": 1, "viewCount": 8, "enchantments": {"score": {"value": 7.6, "vector": "NONE", "modified": "2018-08-31T11:10:31", "rev": 2}, "dependencies": {"references": [{"type": "cve", "idList": ["CVE-2008-4309", "CVE-2008-1720", "CVE-2009-2677", "CVE-2009-1272", "CVE-2008-5161", "CVE-2009-0590"]}, {"type": "f5", "idList": ["SOL14609", "SOL15358", "F5:K15358", "F5:K14609"]}, {"type": "openssl", "idList": ["OPENSSL:CVE-2009-0590"]}, {"type": "freebsd", "idList": ["DAF045D7-B211-11DD-A987-000C29CA8953"]}, {"type": "gentoo", "idList": ["GLSA-200901-15", "GLSA-200804-16"]}, {"type": "oraclelinux", "idList": ["ELSA-2008-0971", "ELSA-2009-1287"]}, {"type": "seebug", "idList": ["SSV:4402", "SSV:3171"]}, {"type": "fedora", "idList": ["FEDORA:AFA8A208D5E"]}, {"type": "centos", "idList": ["CESA-2008:0971", "CESA-2009:1287"]}, {"type": "nessus", "idList": ["SUSE_LIBSNMP15-5808.NASL", "SUSE_11_0_LIBSNMP15-081121.NASL", "MANDRIVA_MDVSA-2008-225.NASL", "SLACKWARE_SSA_2008-320-02.NASL", "FREEBSD_PKG_DAF045D7B21111DDA987000C29CA8953.NASL", "SL_20081103_NET_SNMP_ON_SL3_X.NASL", "GENTOO_GLSA-200901-15.NASL", "REDHAT-RHSA-2008-0971.NASL", "CENTOS_RHSA-2008-0971.NASL", "SUSE9_12298.NASL"]}, {"type": "openvas", "idList": ["OPENVAS:136141256231063278", "OPENVAS:61873", "OPENVAS:860555", "OPENVAS:1361412562310122546", "OPENVAS:1361412562310880007", "OPENVAS:1361412562310870000", "OPENVAS:61865", "OPENVAS:63278", "OPENVAS:136141256231061865", "OPENVAS:830657"]}, {"type": "redhat", "idList": ["RHSA-2009:1287", "RHSA-2008:0971"]}, {"type": "slackware", "idList": ["SSA-2008-320-02"]}, {"type": "securityvulns", "idList": ["SECURITYVULNS:DOC:19621", "SECURITYVULNS:VULN:8891"]}, {"type": "debian", "idList": ["DEBIAN:DSA-1545-1:813EA"]}, {"type": "ubuntu", "idList": ["USN-600-1"]}], "modified": "2018-08-31T11:10:31", "rev": 2}, "vulnersScore": 7.6}, "affectedSoftware": []}

{"cve": [{"lastseen": "2020-10-03T11:51:02", "description": "Integer overflow in the netsnmp_create_subtree_cache function in agent/snmp_agent.c in net-snmp 5.4 before 5.4.2.1, 5.3 before 5.3.2.3, and 5.2 before 5.2.5.1 allows remote attackers to cause a denial of service (crash) via a crafted SNMP GETBULK request, which triggers a heap-based buffer overflow, related to the number of responses or repeats.", "edition": 3, "cvss3": {}, "published": "2008-10-31T20:29:00", "title": "CVE-2008-4309", "type": "cve", "cwe": ["CWE-20"], "bulletinFamily": "NVD", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "NONE", "availabilityImpact": "PARTIAL", "integrityImpact": "NONE", "baseScore": 5.0, "vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 2.9, "obtainUserPrivilege": false}, "cvelist": ["CVE-2008-4309"], "modified": "2018-10-11T20:51:00", "cpe": ["cpe:/a:net-snmp:net-snmp:5.3.2.2", "cpe:/a:net-snmp:net-snmp:5.2.5", "cpe:/a:net-snmp:net-snmp:5.4"], "id": "CVE-2008-4309", "href": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2008-4309", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:P"}, "cpe23": ["cpe:2.3:a:net-snmp:net-snmp:5.2.5:*:*:*:*:*:*:*", "cpe:2.3:a:net-snmp:net-snmp:5.3.2.2:*:*:*:*:*:*:*", "cpe:2.3:a:net-snmp:net-snmp:5.4:*:*:*:*:*:*:*"]}, {"lastseen": "2020-10-03T11:51:03", "description": "Error handling in the SSH protocol in (1) SSH Tectia Client and Server and Connector 4.0 through 4.4.11, 5.0 through 5.2.4, and 5.3 through 5.3.8; Client and Server and ConnectSecure 6.0 through 6.0.4; Server for Linux on IBM System z 6.0.4; Server for IBM z/OS 5.5.1 and earlier, 6.0.0, and 6.0.1; and Client 4.0-J through 4.3.3-J and 4.0-K through 4.3.10-K; and (2) OpenSSH 4.7p1 and possibly other versions, when using a block cipher algorithm in Cipher Block Chaining (CBC) mode, makes it easier for remote attackers to recover certain plaintext data from an arbitrary block of ciphertext in an SSH session via unknown vectors.\nhttp://securitytracker.com/alerts/2008/Nov/1021235.html\n\nCBC mode connections are affected\nWith a valid username and password patches are available at the following link:\nhttps://downloads.ssh.com/", "edition": 3, "cvss3": {}, "published": "2008-11-19T17:30:00", "title": "CVE-2008-5161", "type": "cve", "cwe": ["CWE-200"], "bulletinFamily": "NVD", "cvss2": {"severity": "LOW", "exploitabilityScore": 4.9, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "HIGH", "confidentialityImpact": "PARTIAL", "availabilityImpact": "NONE", "integrityImpact": "NONE", "baseScore": 2.6, "vectorString": "AV:N/AC:H/Au:N/C:P/I:N/A:N", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 2.9, "obtainUserPrivilege": false}, "cvelist": ["CVE-2008-5161"], "modified": "2018-10-11T20:54:00", "cpe": ["cpe:/a:ssh:tectia_server:4.3.2", "cpe:/a:ssh:tectia_server:5.4.2", "cpe:/a:ssh:tectia_client:4.4.1", "cpe:/a:ssh:tectia_connector:4.3.4", "cpe:/a:ssh:tectia_client:4.3.9k", "cpe:/a:ssh:tectia_server:4.1.3", "cpe:/a:ssh:tectia_client:5.3.8", "cpe:/a:ssh:tectia_server:4.0.4", "cpe:/a:ssh:tectia_server:4.4.5", "cpe:/a:ssh:tectia_server:5.2.1", "cpe:/a:ssh:tectia_server:4.4.7", "cpe:/a:ssh:tectia_server:5.2.3", "cpe:/a:ssh:tectia_connectsecure:6.0.2", "cpe:/a:ssh:tectia_client:4.4.7", "cpe:/a:ssh:tectia_client:5.3.3", "cpe:/a:ssh:tectia_connector:5.1.2", "cpe:/a:ssh:tectia_client:6.0.1", "cpe:/a:ssh:tectia_client:5.0.1f", "cpe:/a:ssh:tectia_server:4.4.10", "cpe:/a:ssh:tectia_connector:5.0.0", "cpe:/a:ssh:tectia_server:4.0.5", "cpe:/a:ssh:tectia_server:5.1.1", "cpe:/a:ssh:tectia_client:5.2.3", "cpe:/a:ssh:tectia_client:6.0.3", "cpe:/a:ssh:tectia_client:4.4.9", "cpe:/a:ssh:tectia_client:5.0.0f", "cpe:/a:ssh:tectia_server:5.3.1", "cpe:/a:ssh:tectia_server:5.1.2", "cpe:/a:ssh:tectia_server:4.0", "cpe:/a:ssh:tectia_client:4.0.4", "cpe:/a:ssh:tectia_client:5.2.2", "cpe:/a:ssh:tectia_server:6.0.4", "cpe:/a:ssh:tectia_server:6.0.1", "cpe:/a:ssh:tectia_server:4.2.0", "cpe:/a:ssh:tectia_connectsecure:6.0.1", "cpe:/a:ssh:tectia_connector:5.3.3", "cpe:/a:ssh:tectia_server:5.2.4", "cpe:/a:ssh:tectia_client:4.4.10", "cpe:/a:ssh:tectia_client:4.0.3", "cpe:/a:ssh:tectia_client:5.3.2", "cpe:/a:ssh:tectia_connector:4.4.2", "cpe:/a:ssh:tectia_client:5.0.3f", "cpe:/a:ssh:tectia_server:5.0.3", "cpe:/a:ssh:tectia_client:6.0.4", "cpe:/a:ssh:tectia_client:4.2.1", "cpe:/a:ssh:tectia_connector:4.4.6", "cpe:/a:ssh:tectia_client:5.1.3", "cpe:/a:ssh:tectia_client:5.2.4", "cpe:/a:ssh:tectia_connector:5.0.1", "cpe:/a:ssh:tectia_client:4.4.6", "cpe:/a:ssh:tectia_client:5.3.5", "cpe:/a:ssh:tectia_client:5.1.2", "cpe:/a:ssh:tectia_server:5.0.2", "cpe:/a:ssh:tectia_client:5.3.1", "cpe:/a:ssh:tectia_client:4.4.3", "cpe:/a:ssh:tectia_client:4.3.8k", "cpe:/a:ssh:tectia_client:4.0", "cpe:/a:ssh:tectia_client:5.2.1", "cpe:/a:ssh:tectia_connector:5.1.1", "cpe:/a:ssh:tectia_client:5.0.1", "cpe:/a:ssh:tectia_client:5.2.0", "cpe:/a:ssh:tectia_connector:5.3.0", "cpe:/a:ssh:tectia_connector:5.0.2", "cpe:/a:ssh:tectia_server:5.3.6", "cpe:/a:ssh:tectia_connector:5.1.3", "cpe:/a:ssh:tectia_connector:4.4.0", "cpe:/a:ssh:tectia_server:4.1.2", "cpe:/a:ssh:tectia_connector:5.3.2", "cpe:/a:ssh:tectia_client:4.4.11", "cpe:/a:ssh:tectia_client:4.0.5", "cpe:/a:ssh:tectia_server:5.3.8", "cpe:/a:ssh:tectia_connector:4.4.9", "cpe:/a:ssh:tectia_server:5.0.0", "cpe:/a:ssh:tectia_server:5.5.0", "cpe:/a:ssh:tectia_client:4.3.2j", "cpe:/a:ssh:tectia_client:5.0.3", "cpe:/a:ssh:tectia_server:4.4", "cpe:/a:ssh:tectia_client:4.3.7", "cpe:/a:ssh:tectia_connector:4.3.0", "cpe:/a:ssh:tectia_server:4.3.0", "cpe:/a:ssh:tectia_server:4.4.4", "cpe:/a:ssh:tectia_server:4.4.8", "cpe:/a:ssh:tectia_client:4.2", "cpe:/a:ssh:tectia_server:5.1.0", "cpe:/a:ssh:tectia_connector:5.3.1", "cpe:/a:ssh:tectia_client:4.3.6", "cpe:/a:ssh:tectia_client:5.3.7", "cpe:/a:ssh:tectia_server:4.4.2", "cpe:/a:ssh:tectia_connector:5.0.3", "cpe:/a:ssh:tectia_client:6.0.0", "cpe:/a:ssh:tectia_client:4.3.3", "cpe:/a:ssh:tectia_connector:5.3.8", "cpe:/a:ssh:tectia_client:5.0.2", "cpe:/a:ssh:tectia_server:4.4.0", "cpe:/a:ssh:tectia_client:4.4", "cpe:/a:ssh:tectia_server:4.3", "cpe:/a:ssh:tectia_server:4.3.6", "cpe:/a:ssh:tectia_server:6.0.3", "cpe:/a:ssh:tectia_server:4.3.4", "cpe:/a:ssh:tectia_server:5.3.7", "cpe:/a:ssh:tectia_client:4.3.5", "cpe:/a:ssh:tectia_connector:4.0.7", "cpe:/a:ssh:tectia_server:4.3.3", "cpe:/a:ssh:tectia_server:6.0.2", "cpe:/a:ssh:tectia_server:4.1.5", "cpe:/a:ssh:tectia_server:4.0.7", "cpe:/a:openbsd:openssh:4.7p1", "cpe:/a:ssh:tectia_server:6.0.0", "cpe:/a:ssh:tectia_connector:4.4.7", "cpe:/a:ssh:tectia_server:4.0.3", "cpe:/a:ssh:tectia_server:5.3.4", "cpe:/a:ssh:tectia_server:5.5.1", "cpe:/a:ssh:tectia_server:4.2.1", "cpe:/a:ssh:tectia_server:5.2.2", "cpe:/a:ssh:tectia_connector:4.1.5", "cpe:/a:ssh:tectia_client:4.3", "cpe:/a:ssh:tectia_client:5.0.2f", "cpe:/a:ssh:tectia_server:5.3.5", "cpe:/a:ssh:tectia_server:5.3.2", "cpe:/a:ssh:tectia_client:4.4.4", "cpe:/a:ssh:tectia_server:4.3.5", "cpe:/a:ssh:tectia_server:4.4.9", "cpe:/a:ssh:tectia_connector:4.4.10", "cpe:/a:ssh:tectia_connectsecure:6.0.3", "cpe:/a:ssh:tectia_client:4.3.4", "cpe:/a:ssh:tectia_connector:4.1.3", "cpe:/a:ssh:tectia_server:5.3.3", "cpe:/a:ssh:tectia_connectsecure:6.0.0", "cpe:/a:ssh:tectia_client:4.0.1", "cpe:/a:ssh:tectia_client:4.3.1j", "cpe:/a:ssh:tectia_server:5.0.1", "cpe:/a:ssh:tectia_client:5.0.0", "cpe:/a:ssh:tectia_server:4.2.2", "cpe:/a:ssh:tectia_connector:5.1.0", "cpe:/a:ssh:tectia_client:4.4.2", "cpe:/a:ssh:tectia_connector:4.3.5", "cpe:/a:ssh:tectia_server:4.3.1", "cpe:/a:ssh:tectia_client:4.3.1", "cpe:/a:ssh:tectia_client:6.0.2", "cpe:/a:ssh:tectia_connector:4.1.2", "cpe:/a:ssh:tectia_server:4.4.1", "cpe:/a:ssh:tectia_server:4.3.7", "cpe:/a:ssh:tectia_server:5.1.3", "cpe:/a:ssh:tectia_server:5.4.1", "cpe:/a:ssh:tectia_connector:5.3.7", "cpe:/a:ssh:tectia_client:5.1.1", "cpe:/a:ssh:tectia_client:5.1.0", "cpe:/a:ssh:tectia_server:5.2.0", "cpe:/a:ssh:tectia_server:5.3.0", "cpe:/a:ssh:tectia_server:4.4.11", "cpe:/a:ssh:tectia_client:5.3.0", "cpe:/a:ssh:tectia_client:5.3.6", "cpe:/a:ssh:tectia_client:4.3.2", "cpe:/a:ssh:tectia_connector:4.4.4", "cpe:/a:ssh:tectia_connectsecure:6.0.4", "cpe:/a:ssh:tectia_client:4.4.8", "cpe:/a:ssh:tectia_connector:4.2.0", "cpe:/a:ssh:tectia_server:4.4.6", "cpe:/a:ssh:tectia_server:5.4.0", "cpe:/a:ssh:tectia_connector:5.2.2"], "id": "CVE-2008-5161", "href": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2008-5161", "cvss": {"score": 2.6, "vector": "AV:N/AC:H/Au:N/C:P/I:N/A:N"}, "cpe23": ["cpe:2.3:a:ssh:tectia_server:4.4:*:*:*:*:*:*:*", "cpe:2.3:a:ssh:tectia_server:4.4.1:*:*:*:*:*:*:*", "cpe:2.3:a:ssh:tectia_client:5.0.0:*:*:*:*:*:*:*", "cpe:2.3:a:ssh:tectia_server:4.3.5:*:*:*:*:*:*:*", "cpe:2.3:a:ssh:tectia_server:5.2.2:*:*:*:*:*:*:*", "cpe:2.3:a:ssh:tectia_client:4.4.6:*:*:*:*:*:*:*", "cpe:2.3:a:ssh:tectia_client:5.3.7:*:*:*:*:*:*:*", "cpe:2.3:a:ssh:tectia_client:4.3.7:*:*:*:*:*:*:*", "cpe:2.3:a:ssh:tectia_client:4.3.3:*:*:*:*:*:*:*", "cpe:2.3:a:ssh:tectia_server:4.4.8:*:*:*:*:*:*:*", "cpe:2.3:a:ssh:tectia_connectsecure:6.0.3:*:*:*:*:*:*:*", "cpe:2.3:a:ssh:tectia_connector:5.3.2:*:*:*:*:*:*:*", "cpe:2.3:a:ssh:tectia_server:4.3.4:*:*:*:*:*:*:*", "cpe:2.3:a:ssh:tectia_server:6.0.1:*:*:*:*:*:*:*", "cpe:2.3:a:ssh:tectia_client:5.3.3:*:*:*:*:*:*:*", "cpe:2.3:a:ssh:tectia_server:5.3.0:*:*:*:*:*:*:*", "cpe:2.3:a:ssh:tectia_client:4.3.9k:*:*:*:*:*:*:*", "cpe:2.3:a:ssh:tectia_server:4.4.4:*:*:*:*:*:*:*", "cpe:2.3:a:ssh:tectia_server:4.2.0:*:*:*:*:*:*:*", "cpe:2.3:a:ssh:tectia_server:5.3.1:*:*:*:*:*:*:*", "cpe:2.3:a:ssh:tectia_server:5.2.4:*:*:*:*:*:*:*", "cpe:2.3:a:ssh:tectia_server:4.2.1:*:*:*:*:*:*:*", "cpe:2.3:a:ssh:tectia_client:5.0.0f:*:*:*:*:*:*:*", "cpe:2.3:a:ssh:tectia_server:5.3.5:*:*:*:*:*:*:*", "cpe:2.3:a:ssh:tectia_connector:4.2.0:*:*:*:*:*:*:*", "cpe:2.3:a:ssh:tectia_connectsecure:6.0.4:*:*:*:*:*:*:*", "cpe:2.3:a:ssh:tectia_connector:5.0.1:*:*:*:*:*:*:*", "cpe:2.3:a:ssh:tectia_connector:4.4.0:*:*:*:*:*:*:*", "cpe:2.3:a:ssh:tectia_client:4.0.3:*:*:*:*:*:*:*", "cpe:2.3:a:ssh:tectia_server:5.0.2:*:*:*:*:*:*:*", "cpe:2.3:a:ssh:tectia_client:4.4:*:*:*:*:*:*:*", "cpe:2.3:a:ssh:tectia_server:4.3.7:*:*:*:*:*:*:*", "cpe:2.3:a:ssh:tectia_client:4.4.11:*:*:*:*:*:*:*", "cpe:2.3:a:ssh:tectia_client:4.4.2:*:*:*:*:*:*:*", "cpe:2.3:a:ssh:tectia_server:6.0.4:*:linux_ibm_zos:*:*:*:*:*", "cpe:2.3:a:ssh:tectia_client:4.3.4:*:*:*:*:*:*:*", "cpe:2.3:a:ssh:tectia_server:4.4.10:*:*:*:*:*:*:*", "cpe:2.3:a:ssh:tectia_client:5.2.0:*:*:*:*:*:*:*", "cpe:2.3:a:ssh:tectia_server:4.4.2:*:*:*:*:*:*:*", "cpe:2.3:a:ssh:tectia_server:5.4.2:*:ibm_zos:*:*:*:*:*", "cpe:2.3:a:ssh:tectia_server:5.0.3:*:*:*:*:*:*:*", "cpe:2.3:a:ssh:tectia_client:5.1.1:*:*:*:*:*:*:*", "cpe:2.3:a:ssh:tectia_server:5.4.0:*:ibm_zos:*:*:*:*:*", "cpe:2.3:a:ssh:tectia_connector:4.4.2:*:*:*:*:*:*:*", "cpe:2.3:a:ssh:tectia_client:4.2.1:*:*:*:*:*:*:*", "cpe:2.3:a:ssh:tectia_client:4.3.2j:*:*:*:*:*:*:*", "cpe:2.3:a:ssh:tectia_connector:5.2.2:*:*:*:*:*:*:*", "cpe:2.3:a:ssh:tectia_connector:5.3.1:*:*:*:*:*:*:*", "cpe:2.3:a:ssh:tectia_connector:5.1.1:*:*:*:*:*:*:*", "cpe:2.3:a:ssh:tectia_server:4.4.6:*:*:*:*:*:*:*", "cpe:2.3:a:ssh:tectia_client:5.0.1f:*:*:*:*:*:*:*", "cpe:2.3:a:ssh:tectia_server:5.5.0:*:ibm_zos:*:*:*:*:*", "cpe:2.3:a:ssh:tectia_connector:4.3.0:*:*:*:*:*:*:*", "cpe:2.3:a:ssh:tectia_client:4.2:*:*:*:*:*:*:*", "cpe:2.3:a:ssh:tectia_client:4.4.9:*:*:*:*:*:*:*", "cpe:2.3:a:ssh:tectia_server:4.3.2:*:*:*:*:*:*:*", "cpe:2.3:a:ssh:tectia_server:4.3.1:*:*:*:*:*:*:*", "cpe:2.3:a:ssh:tectia_server:5.0.1:*:*:*:*:*:*:*", "cpe:2.3:a:ssh:tectia_client:5.3.0:*:*:*:*:*:*:*", "cpe:2.3:a:ssh:tectia_server:4.4.11:*:*:*:*:*:*:*", "cpe:2.3:a:ssh:tectia_client:4.4.3:*:*:*:*:*:*:*", "cpe:2.3:a:ssh:tectia_server:4.1.5:*:*:*:*:*:*:*", "cpe:2.3:a:ssh:tectia_server:5.2.2:*:ibm_zos:*:*:*:*:*", "cpe:2.3:a:ssh:tectia_client:4.3.8k:*:*:*:*:*:*:*", "cpe:2.3:a:ssh:tectia_client:4.0.5:*:*:*:*:*:*:*", "cpe:2.3:a:ssh:tectia_client:4.3.5:*:*:*:*:*:*:*", "cpe:2.3:a:ssh:tectia_server:5.3.7:*:*:*:*:*:*:*", "cpe:2.3:a:ssh:tectia_connector:5.3.3:*:*:*:*:*:*:*", "cpe:2.3:a:ssh:tectia_client:5.0.3:*:*:*:*:*:*:*", "cpe:2.3:a:ssh:tectia_server:5.2.1:*:ibm_zos:*:*:*:*:*", "cpe:2.3:a:ssh:tectia_connector:4.1.5:*:*:*:*:*:*:*", "cpe:2.3:a:ssh:tectia_connector:4.4.7:*:*:*:*:*:*:*", "cpe:2.3:a:ssh:tectia_connector:4.4.9:*:*:*:*:*:*:*", "cpe:2.3:a:ssh:tectia_server:4.0.3:*:*:*:*:*:*:*", "cpe:2.3:a:ssh:tectia_server:5.1.3:*:*:*:*:*:*:*", "cpe:2.3:a:ssh:tectia_server:6.0.3:*:*:*:*:*:*:*", "cpe:2.3:a:ssh:tectia_connector:4.1.3:*:*:*:*:*:*:*", "cpe:2.3:a:ssh:tectia_server:4.0:*:*:*:*:*:*:*", "cpe:2.3:a:ssh:tectia_server:5.2.3:*:*:*:*:*:*:*", "cpe:2.3:a:ssh:tectia_client:6.0.2:*:*:*:*:*:*:*", "cpe:2.3:a:ssh:tectia_server:4.3.0:*:*:*:*:*:*:*", "cpe:2.3:a:ssh:tectia_connector:4.3.4:*:*:*:*:*:*:*", "cpe:2.3:a:ssh:tectia_server:5.3.6:*:*:*:*:*:*:*", "cpe:2.3:a:ssh:tectia_client:6.0.3:*:*:*:*:*:*:*", "cpe:2.3:a:ssh:tectia_server:6.0.0:*:*:*:*:*:*:*", "cpe:2.3:a:ssh:tectia_client:4.3.6:*:*:*:*:*:*:*", "cpe:2.3:a:ssh:tectia_server:5.1.0:*:*:*:*:*:*:*", "cpe:2.3:a:ssh:tectia_client:5.2.2:*:*:*:*:*:*:*", "cpe:2.3:a:ssh:tectia_connector:5.3.8:*:*:*:*:*:*:*", "cpe:2.3:a:ssh:tectia_server:5.1.1:*:*:*:*:*:*:*", "cpe:2.3:a:ssh:tectia_server:6.0.1:*:ibm_zos:*:*:*:*:*", "cpe:2.3:a:ssh:tectia_connector:5.0.3:*:*:*:*:*:*:*", "cpe:2.3:a:ssh:tectia_client:4.3.2:*:*:*:*:*:*:*", "cpe:2.3:a:ssh:tectia_client:4.0.4:*:*:*:*:*:*:*", "cpe:2.3:a:ssh:tectia_client:4.3:*:*:*:*:*:*:*", "cpe:2.3:a:ssh:tectia_server:5.3.2:*:*:*:*:*:*:*", "cpe:2.3:a:ssh:tectia_connector:4.4.10:*:*:*:*:*:*:*", "cpe:2.3:a:ssh:tectia_server:5.1.1:*:ibm_zos:*:*:*:*:*", "cpe:2.3:a:ssh:tectia_client:5.2.4:*:*:*:*:*:*:*", "cpe:2.3:a:ssh:tectia_server:5.3.8:*:*:*:*:*:*:*", "cpe:2.3:a:ssh:tectia_server:4.0.7:*:*:*:*:*:*:*", "cpe:2.3:a:ssh:tectia_connector:4.4.6:*:*:*:*:*:*:*", "cpe:2.3:a:ssh:tectia_server:4.4.9:*:*:*:*:*:*:*", "cpe:2.3:a:ssh:tectia_client:5.0.1:*:*:*:*:*:*:*", "cpe:2.3:a:ssh:tectia_client:4.4.4:*:*:*:*:*:*:*", "cpe:2.3:a:ssh:tectia_connector:5.0.2:*:*:*:*:*:*:*", "cpe:2.3:a:ssh:tectia_client:5.1.3:*:*:*:*:*:*:*", "cpe:2.3:a:ssh:tectia_connector:4.1.2:*:*:*:*:*:*:*", "cpe:2.3:a:ssh:tectia_client:5.3.5:*:*:*:*:*:*:*", "cpe:2.3:a:ssh:tectia_connector:4.4.4:*:*:*:*:*:*:*", "cpe:2.3:a:ssh:tectia_client:5.3.1:*:*:*:*:*:*:*", "cpe:2.3:a:ssh:tectia_client:4.4.8:*:*:*:*:*:*:*", "cpe:2.3:a:ssh:tectia_client:5.3.8:*:*:*:*:*:*:*", "cpe:2.3:a:ssh:tectia_client:4.4.1:*:*:*:*:*:*:*", "cpe:2.3:a:ssh:tectia_server:5.3.3:*:*:*:*:*:*:*", "cpe:2.3:a:ssh:tectia_server:4.3.6:*:*:*:*:*:*:*", "cpe:2.3:a:ssh:tectia_connector:5.3.0:*:*:*:*:*:*:*", "cpe:2.3:a:ssh:tectia_client:5.2.1:*:*:*:*:*:*:*", "cpe:2.3:a:ssh:tectia_client:4.3.1j:*:*:*:*:*:*:*", "cpe:2.3:a:ssh:tectia_client:6.0.0:*:*:*:*:*:*:*", "cpe:2.3:a:ssh:tectia_connector:5.1.2:*:*:*:*:*:*:*", "cpe:2.3:a:ssh:tectia_client:5.2.3:*:*:*:*:*:*:*", "cpe:2.3:a:ssh:tectia_connector:5.0.0:*:*:*:*:*:*:*", "cpe:2.3:a:ssh:tectia_client:5.1.0:*:*:*:*:*:*:*", "cpe:2.3:a:ssh:tectia_server:5.2.0:*:*:*:*:*:*:*", "cpe:2.3:a:ssh:tectia_server:6.0.2:*:*:*:*:*:*:*", "cpe:2.3:a:ssh:tectia_server:6.0.4:*:*:*:*:*:*:*", "cpe:2.3:a:ssh:tectia_server:5.3.0:*:ibm_zos:*:*:*:*:*", "cpe:2.3:a:ssh:tectia_client:4.3.1:*:*:*:*:*:*:*", "cpe:2.3:a:ssh:tectia_server:4.0.5:*:*:*:*:*:*:*", "cpe:2.3:a:ssh:tectia_server:4.0.4:*:*:*:*:*:*:*", "cpe:2.3:a:ssh:tectia_connector:4.3.5:*:*:*:*:*:*:*", "cpe:2.3:a:ssh:tectia_client:5.3.2:*:*:*:*:*:*:*", "cpe:2.3:a:ssh:tectia_server:5.1.2:*:*:*:*:*:*:*", "cpe:2.3:a:ssh:tectia_client:4.0.1:*:*:*:*:*:*:*", "cpe:2.3:a:ssh:tectia_server:4.4.0:*:*:*:*:*:*:*", "cpe:2.3:a:ssh:tectia_connectsecure:6.0.1:*:*:*:*:*:*:*", "cpe:2.3:a:ssh:tectia_connector:5.1.0:*:*:*:*:*:*:*", "cpe:2.3:a:ssh:tectia_connector:5.1.3:*:*:*:*:*:*:*", "cpe:2.3:a:ssh:tectia_connectsecure:6.0.0:*:*:*:*:*:*:*", "cpe:2.3:a:ssh:tectia_server:4.1.2:*:*:*:*:*:*:*", "cpe:2.3:a:ssh:tectia_server:5.5.1:*:ibm_zos:*:*:*:*:*", "cpe:2.3:a:ssh:tectia_server:4.4.7:*:*:*:*:*:*:*", "cpe:2.3:a:ssh:tectia_server:5.0.0:*:*:*:*:*:*:*", "cpe:2.3:a:ssh:tectia_server:5.4.1:*:ibm_zos:*:*:*:*:*", "cpe:2.3:a:ssh:tectia_server:4.2.2:*:*:*:*:*:*:*", "cpe:2.3:a:ssh:tectia_server:4.3:*:*:*:*:*:*:*", "cpe:2.3:a:ssh:tectia_server:6.0.0:*:ibm_zos:*:*:*:*:*", "cpe:2.3:a:ssh:tectia_client:6.0.4:*:*:*:*:*:*:*", "cpe:2.3:a:openbsd:openssh:4.7p1:*:*:*:*:*:*:*", "cpe:2.3:a:ssh:tectia_client:5.0.3f:*:*:*:*:*:*:*", "cpe:2.3:a:ssh:tectia_client:5.0.2f:*:*:*:*:*:*:*", "cpe:2.3:a:ssh:tectia_client:6.0.1:*:*:*:*:*:*:*", "cpe:2.3:a:ssh:tectia_client:5.1.2:*:*:*:*:*:*:*", "cpe:2.3:a:ssh:tectia_connectsecure:6.0.2:*:*:*:*:*:*:*", "cpe:2.3:a:ssh:tectia_client:5.0.2:*:*:*:*:*:*:*", "cpe:2.3:a:ssh:tectia_client:5.3.6:*:*:*:*:*:*:*", "cpe:2.3:a:ssh:tectia_connector:5.3.7:*:*:*:*:*:*:*", "cpe:2.3:a:ssh:tectia_connector:4.0.7:*:*:*:*:*:*:*", "cpe:2.3:a:ssh:tectia_client:4.0:*:*:*:*:*:*:*", "cpe:2.3:a:ssh:tectia_server:5.3.4:*:*:*:*:*:*:*", "cpe:2.3:a:ssh:tectia_server:4.3.3:*:*:*:*:*:*:*", "cpe:2.3:a:ssh:tectia_server:4.4.5:*:*:*:*:*:*:*", "cpe:2.3:a:ssh:tectia_client:4.4.10:*:*:*:*:*:*:*", "cpe:2.3:a:ssh:tectia_client:4.4.7:*:*:*:*:*:*:*", "cpe:2.3:a:ssh:tectia_server:5.2.0:*:ibm_zos:*:*:*:*:*", "cpe:2.3:a:ssh:tectia_server:4.1.3:*:*:*:*:*:*:*"]}, {"lastseen": "2020-12-09T19:31:20", "description": "Cross-site request forgery (CSRF) vulnerability in HP Insight Control Suite For Linux (aka ICE-LX) before 2.11 allows remote attackers to hijack the authentication of unspecified victims via unknown vectors.", "edition": 5, "cvss3": {}, "published": "2009-08-14T15:16:00", "title": "CVE-2009-2677", "type": "cve", "cwe": ["CWE-352"], "bulletinFamily": "NVD", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": true, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 6.8, "vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 6.4, "obtainUserPrivilege": false}, "cvelist": ["CVE-2009-2677"], "modified": "2017-08-17T01:30:00", "cpe": ["cpe:/a:hp:insight_control_suite_for_linux:2.10"], "id": "CVE-2009-2677", "href": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2009-2677", "cvss": {"score": 6.8, "vector": "AV:N/AC:M/Au:N/C:P/I:P/A:P"}, "cpe23": ["cpe:2.3:a:hp:insight_control_suite_for_linux:2.10:*:*:*:*:*:*:*"]}, {"lastseen": "2020-12-09T19:31:16", "description": "The ASN1_STRING_print_ex function in OpenSSL before 0.9.8k allows remote attackers to cause a denial of service (invalid memory access and application crash) via vectors that trigger printing of a (1) BMPString or (2) UniversalString with an invalid encoded length.", "edition": 6, "cvss3": {}, "published": "2009-03-27T16:30:00", "title": "CVE-2009-0590", "type": "cve", "cwe": ["CWE-119"], "bulletinFamily": "NVD", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "NONE", "availabilityImpact": "PARTIAL", "integrityImpact": "NONE", "baseScore": 5.0, "vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 2.9, "obtainUserPrivilege": false}, "cvelist": ["CVE-2009-0590"], "modified": "2020-11-03T17:38:00", "cpe": ["cpe:/o:debian:debian_linux:4.0", "cpe:/o:debian:debian_linux:5.0"], "id": "CVE-2009-0590", "href": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2009-0590", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:P"}, "cpe23": ["cpe:2.3:o:debian:debian_linux:5.0:*:*:*:*:*:*:*", "cpe:2.3:o:debian:debian_linux:4.0:*:*:*:*:*:*:*"]}, {"lastseen": "2020-10-03T11:50:58", "description": "Buffer overflow in rsync 2.6.9 to 3.0.1, with extended attribute (xattr) support enabled, might allow remote attackers to execute arbitrary code via unknown vectors.", "edition": 3, "cvss3": {}, "published": "2008-04-10T19:05:00", "title": "CVE-2008-1720", "type": "cve", "cwe": ["CWE-119"], "bulletinFamily": "NVD", "cvss2": {"severity": "HIGH", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": true, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 7.5, "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 6.4, "obtainUserPrivilege": false}, "cvelist": ["CVE-2008-1720"], "modified": "2018-10-03T21:54:00", "cpe": ["cpe:/a:samba:rsync:2.8.7", "cpe:/a:samba:rsync:2.7.8", "cpe:/a:samba:rsync:2.9.2", "cpe:/a:samba:rsync:2.7.7", "cpe:/a:samba:rsync:3.0.0", "cpe:/a:samba:rsync:2.7.2", "cpe:/a:samba:rsync:2.8.2", "cpe:/a:samba:rsync:2.8.1", "cpe:/a:samba:rsync:2.7.1", "cpe:/a:samba:rsync:2.8.5", "cpe:/a:samba:rsync:2.8.4", "cpe:/a:samba:rsync:2.6.9", "cpe:/a:samba:rsync:2.9.5", "cpe:/a:samba:rsync:2.9.0", "cpe:/a:samba:rsync:2.7.3", "cpe:/a:samba:rsync:2.7.4", "cpe:/a:samba:rsync:2.9.3", "cpe:/a:samba:rsync:2.9.4", "cpe:/a:samba:rsync:2.8.8", "cpe:/a:samba:rsync:2.8.3", "cpe:/a:samba:rsync:2.9.6", "cpe:/a:samba:rsync:2.9.9", "cpe:/a:samba:rsync:2.8.9", "cpe:/a:samba:rsync:2.8.0", "cpe:/a:samba:rsync:2.9.7", "cpe:/a:samba:rsync:2.7.9", "cpe:/a:samba:rsync:3.0.1", "cpe:/a:samba:rsync:2.7.0", "cpe:/a:samba:rsync:2.7.6", "cpe:/a:samba:rsync:2.8.6", "cpe:/a:samba:rsync:2.9.1", "cpe:/a:samba:rsync:2.7.5", "cpe:/a:samba:rsync:2.9.8"], "id": "CVE-2008-1720", "href": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2008-1720", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}, "cpe23": ["cpe:2.3:a:samba:rsync:2.9.5:*:*:*:*:*:*:*", "cpe:2.3:a:samba:rsync:2.8.1:*:*:*:*:*:*:*", "cpe:2.3:a:samba:rsync:2.8.7:*:*:*:*:*:*:*", "cpe:2.3:a:samba:rsync:2.9.9:*:*:*:*:*:*:*", "cpe:2.3:a:samba:rsync:2.7.2:*:*:*:*:*:*:*", "cpe:2.3:a:samba:rsync:2.9.2:*:*:*:*:*:*:*", "cpe:2.3:a:samba:rsync:2.8.2:*:*:*:*:*:*:*", "cpe:2.3:a:samba:rsync:2.9.6:*:*:*:*:*:*:*", "cpe:2.3:a:samba:rsync:2.8.8:*:*:*:*:*:*:*", "cpe:2.3:a:samba:rsync:2.9.8:*:*:*:*:*:*:*", "cpe:2.3:a:samba:rsync:2.7.4:*:*:*:*:*:*:*", "cpe:2.3:a:samba:rsync:2.7.3:*:*:*:*:*:*:*", "cpe:2.3:a:samba:rsync:3.0.1:*:*:*:*:*:*:*", "cpe:2.3:a:samba:rsync:2.7.1:*:*:*:*:*:*:*", "cpe:2.3:a:samba:rsync:2.7.9:*:*:*:*:*:*:*", "cpe:2.3:a:samba:rsync:2.8.3:*:*:*:*:*:*:*", "cpe:2.3:a:samba:rsync:2.7.6:*:*:*:*:*:*:*", "cpe:2.3:a:samba:rsync:2.8.4:*:*:*:*:*:*:*", "cpe:2.3:a:samba:rsync:2.9.0:*:*:*:*:*:*:*", "cpe:2.3:a:samba:rsync:2.7.0:*:*:*:*:*:*:*", "cpe:2.3:a:samba:rsync:2.9.3:*:*:*:*:*:*:*", "cpe:2.3:a:samba:rsync:2.9.4:*:*:*:*:*:*:*", "cpe:2.3:a:samba:rsync:2.7.7:*:*:*:*:*:*:*", "cpe:2.3:a:samba:rsync:2.7.8:*:*:*:*:*:*:*", "cpe:2.3:a:samba:rsync:2.8.0:*:*:*:*:*:*:*", "cpe:2.3:a:samba:rsync:3.0.0:*:*:*:*:*:*:*", "cpe:2.3:a:samba:rsync:2.9.7:*:*:*:*:*:*:*", "cpe:2.3:a:samba:rsync:2.9.1:*:*:*:*:*:*:*", "cpe:2.3:a:samba:rsync:2.7.5:*:*:*:*:*:*:*", "cpe:2.3:a:samba:rsync:2.8.5:*:*:*:*:*:*:*", "cpe:2.3:a:samba:rsync:2.8.6:*:*:*:*:*:*:*", "cpe:2.3:a:samba:rsync:2.6.9:*:*:*:*:*:*:*", "cpe:2.3:a:samba:rsync:2.8.9:*:*:*:*:*:*:*"]}, {"lastseen": "2020-10-03T11:54:12", "description": "The php_zip_make_relative_path function in php_zip.c in PHP 5.2.x before 5.2.9 allows context-dependent attackers to cause a denial of service (crash) via a ZIP file that contains filenames with relative paths, which is not properly handled during extraction.", "edition": 3, "cvss3": {}, "published": "2009-04-08T18:30:00", "title": "CVE-2009-1272", "type": "cve", "cwe": ["CWE-20"], "bulletinFamily": "NVD", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "NONE", "availabilityImpact": "PARTIAL", "integrityImpact": "NONE", "baseScore": 5.0, "vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 2.9, "obtainUserPrivilege": false}, "cvelist": ["CVE-2009-1272"], "modified": "2009-09-16T05:30:00", "cpe": ["cpe:/a:php:php:5.2.1", "cpe:/a:php:php:5.2.6", "cpe:/a:php:php:5.2.3", "cpe:/a:php:php:5.2.5", "cpe:/a:php:php:5.2.4", "cpe:/a:php:php:5.2.0", "cpe:/a:php:php:5.2.8", "cpe:/a:php:php:5.2.2", "cpe:/a:php:php:5.2.7"], "id": "CVE-2009-1272", "href": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2009-1272", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:P"}, "cpe23": ["cpe:2.3:a:php:php:5.2.8:*:*:*:*:*:*:*", "cpe:2.3:a:php:php:5.2.7:*:*:*:*:*:*:*", "cpe:2.3:a:php:php:5.2.1:*:*:*:*:*:*:*", "cpe:2.3:a:php:php:5.2.0:*:*:*:*:*:*:*", "cpe:2.3:a:php:php:5.2.4:*:*:*:*:*:*:*", "cpe:2.3:a:php:php:5.2.6:*:*:*:*:*:*:*", "cpe:2.3:a:php:php:5.2.2:*:*:*:*:*:*:*", "cpe:2.3:a:php:php:5.2.4:*:windows:*:*:*:*:*", "cpe:2.3:a:php:php:5.2.3:*:*:*:*:*:*:*", "cpe:2.3:a:php:php:5.2.5:*:*:*:*:*:*:*"]}], "f5": [{"lastseen": "2017-06-08T00:16:15", "bulletinFamily": "software", "cvelist": ["CVE-2008-5161"], "edition": 1, "description": "\nF5 Product Development tracked this vulnerability as ID 204845, and has evaluated the currently-supported releases for potential vulnerability.\n\nTo determine if your release is known to be vulnerable, the components or features that are affected by the vulnerability, and for information about releases or hotfixes that address the vulnerability, refer to the following table:\n\nProduct | Versions known to be vulnerable | Versions known to be not vulnerable | Vulnerable component or feature \n---|---|---|--- \nBIG-IP LTM | 9.0.0 - 9.6.1 \n10.0.0 - 10.0.1 \n| 10.1.0 - 10.2.4 \n11.0.0 - 11.4.0 \n \n| SSH access \n \nBIG-IP AAM | None | 11.4.0 | None \nBIG-IP AFM | None | 11.3.0 - 11.4.0 | None \nBIG-IP Analytics | None | 11.0.0 - 11.4.0 | None \nBIG-IP APM | None | 10.1.0 - 10.2.4 \n11.0.0 - 11.3.0 | None \nBIG-IP ASM | 9.2.0 - 9.4.8 \n10.0.0 - 10.0.1 | 10.1.0 - 10.2.4 \n11.0.0 - 11.4.0 | SSH access \n \nBIG-IP Edge Gateway \n| None | 10.1.0 - 10.2.4 \n11.0.0 - 11.4.0 | None \nBIG-IP GTM | 9.2.2 - 9.4.8 \n10.0.0 - 10.0.1 | 10.1.0 - 10.2.4 \n11.0.0 - 11.4.0 | SSH access \n \nBIG-IP Link Controller | 9.2.2 - 9.4.8 \n10.0.0 - 10.0.1 \n| 10.1.0 - 10.2.4 \n11.0.0 - 11.4.0 \n| SSH access \n \nBIG-IP PEM | None \n| 11.3.0 - 11.4.0 \n| None \nBIG-IP PSM | 9.4.5 - 9.4.8 \n10.0.0 - 10.0.1 | 10.1.0 - 10.2.4 \n11.0.0 - 11.4.0 | SSH access \n \nBIG-IP WebAccelerator | 9.4.0 - 9.4.8 \n10.0.0 - 10.0.1 | 10.1.0 - 10.2.4 \n11.0.0 - 11.3.0 | SSH access \nBIG-IP WOM | 10.0.0 - 10.0.1 | 10.1.0 - 10.2.4 \n11.0.0 - 11.3.0 | SSH access \nARX | None | 5.0.0 - 5.3.1 \n6.0.0 - 6.4.0 \n| None \nEnterprise Manager | 1.6.0 - 1.8.0 \n| 2.0.0 - 2.3.0 \n3.0.0 - 3.1.1 | SSH access \nFirePass | None | 6.0.0 - 6.1.0 \n7.0.0 | None\n\nTo eliminate this vulnerability, upgrade to a version that is listed in the **Versions known to be not vulnerable** column in the previous table.\n\n**Note**: BIG-IP and Enterprise Manager systems running fixed versions can be affected when an older OpenSSH client connects to the updated server. If you are using old SSH clients, you should upgrade the clients or manually set those clients' cipher lists to only include CTR ciphers. For example, to use only CTR ciphers for the OpenSSH client, the command line must include the following option: \n \n-c aes128-ctr,aes192-ctr,aes256-ctr\n\n * [K9970: Subscribing to email notifications regarding F5 products](<https://support.f5.com/csp/article/K9970>)\n * [K9957: Creating a custom RSS feed to view new and updated documents](<https://support.f5.com/csp/article/K9957>)\n * [K4602: Overview of the F5 security vulnerability response policy](<https://support.f5.com/csp/article/K4602>)\n * [K4918: Overview of the F5 critical issue hotfix policy](<https://support.f5.com/csp/article/K4918>)\n * [K167: Downloading software and firmware from F5](<https://support.f5.com/csp/article/K167>)\n * [K13123: Managing BIG-IP product hotfixes (11.x - 12.x)](<https://support.f5.com/csp/article/K13123>)\n * [K10025: Managing BIG-IP product hotfixes (10.x)](<https://support.f5.com/csp/article/K10025>)\n * [K6845: Managing BIG-IP product hotfixes (9.x)](<https://support.f5.com/csp/article/K6845>)\n * [K9502: BIG-IP hotfix matrix](<https://support.f5.com/csp/article/K9502>)\n", "modified": "2017-03-14T19:57:00", "published": "2013-08-16T05:35:00", "href": "https://support.f5.com/csp/article/K14609", "id": "F5:K14609", "type": "f5", "title": "OpenSSH vulnerability CVE-2008-5161", "cvss": {"score": 2.6, "vector": "AV:NETWORK/AC:HIGH/Au:NONE/C:PARTIAL/I:NONE/A:NONE/"}}, {"lastseen": "2017-06-08T10:18:58", "bulletinFamily": "software", "cvelist": ["CVE-2009-0590"], "edition": 1, "description": "\nTo determine if your release is known to be vulnerable, the components or features that are affected by the vulnerability, and for information about releases or hotfixes that address the vulnerability, refer to the following table:\n\nProduct | Versions known to be vulnerable | Versions known to be not vulnerable | Vulnerable component or feature \n---|---|---|--- \nBIG-IP LTM | None \n| 11.0.0 - 11.5.1 \n10.0.0 - 10.2.4 \n| None \nBIG-IP AAM | None | 11.4.0 - 11.5.1 \n| None \nBIG-IP AFM | None | 11.3.0 - 11.5.1 \n| None \nBIG-IP Analytics | None | 11.0.0 - 11.5.1 \n| None \nBIG-IP APM | None | 11.0.0 - 11.5.1 \n10.1.0 - 10.2.4 \n| None \nBIG-IP ASM | None | 11.0.0 - 11.5.1 \n10.0.0 - 10.2.4 \n| None \nBIG-IP Edge Gateway \n| None | 11.0.0 - 11.3.0 \n10.1.0 - 10.2.4 \n| None \nBIG-IP GTM | None | 11.0.0 - 11.5.1 \n10.0.0 - 10.2.4 \n| None \nBIG-IP Link Controller | None \n| 11.0.0 - 11.5.1 \n10.0.0 - 10.2.4 \n| None \nBIG-IP PEM | None \n| 11.3.0 - 11.5.1 \n| None \nBIG-IP PSM | None | 11.0.0 - 11.4.1 \n10.0.0 - 10.2.4 \n| None \nBIG-IP WebAccelerator | None | 11.0.0 - 11.3.0 \n10.0.0 - 10.2.4 \n| None \nBIG-IP WOM | None | 11.0.0 - 11.3.0 \n10.0.0 - 10.2.4 \n| None \nARX | None | 6.0.0 - 6.4.0 \n| None \nEnterprise Manager | None | 3.0.0 - 3.1.1 \n2.1.0 - 2.3.0 \n| None \nFirePass | None | 7.0.0 \n6.0.0 - 6.1.0 \n| None \nBIG-IQ Cloud | None \n| 4.0.0 - 4.3.0 \n| None \nBIG-IQ Device | None \n| 4.2.0 - 4.3.0 \n| None \nBIG-IQ Security | None | 4.0.0 - 4.3.0 | None \nLineRate | None | 2.3.0 - 2.3.1 \n2.2.0 - 2.2.4 \n1.6.0 - 1.6.3 | None\n\nNone\n\n * [K9970: Subscribing to email notifications regarding F5 products](<https://support.f5.com/csp/article/K9970>)\n * [K9957: Creating a custom RSS feed to view new and updated documents.](<https://support.f5.com/csp/article/K9957>)\n * [K4602: Overview of the F5 security vulnerability response policy](<https://support.f5.com/csp/article/K4602>)\n * [K4918: Overview of the F5 critical issue hotfix policy](<https://support.f5.com/csp/article/K4918>)\n", "modified": "2017-03-14T22:07:00", "published": "2014-06-19T21:49:00", "href": "https://support.f5.com/csp/article/K15358", "id": "F5:K15358", "title": "OpenSSL vulnerability CVE-2009-0590", "type": "f5", "cvss": {"score": 5.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:NONE/I:NONE/A:PARTIAL/"}}, {"lastseen": "2016-09-26T17:23:27", "bulletinFamily": "software", "cvelist": ["CVE-2008-5161"], "edition": 1, "description": "Vulnerability Recommended Actions\n\nTo eliminate this vulnerability, upgrade to a version that is listed in the **Versions known to be not vulnerable** column in the previous table.\n\n**Note**: BIG-IP and Enterprise Manager systems running fixed versions can be affected when an older OpenSSH client connects to the updated server. If you are using old SSH clients, you should upgrade the clients or manually set those clients' cipher lists to only include CTR ciphers. For example, to use only CTR ciphers for the OpenSSH client, the command line must include the following option: \n \n-c aes128-ctr,aes192-ctr,aes256-ctr\n\nSupplemental Information\n\n * SOL9970: Subscribing to email notifications regarding F5 products\n * SOL9957: Creating a custom RSS feed to view new and updated documents\n * SOL4602: Overview of the F5 security vulnerability response policy\n * SOL4918: Overview of the F5 critical issue hotfix policy\n * SOL167: Downloading software and firmware from F5\n * SOL13123: Managing BIG-IP product hotfixes (11.x - 12.x)\n * SOL10025: Managing BIG-IP product hotfixes (10.x)\n * SOL6845: Managing BIG-IP product hotfixes (9.x)\n * SOL9502: BIG-IP hotfix matrix\n", "modified": "2016-07-25T00:00:00", "published": "2013-08-15T00:00:00", "href": "http://support.f5.com/kb/en-us/solutions/public/14000/600/sol14609.html", "id": "SOL14609", "title": "SOL14609 - OpenSSH vulnerability CVE-2008-5161", "type": "f5", "cvss": {"score": 2.6, "vector": "AV:NETWORK/AC:HIGH/Au:NONE/C:PARTIAL/I:NONE/A:NONE/"}}, {"lastseen": "2016-09-26T17:22:53", "bulletinFamily": "software", "cvelist": ["CVE-2009-0590"], "edition": 1, "description": "Vulnerability Recommended Actions\n\nNone\n\nSupplemental Information\n\n * SOL9970: Subscribing to email notifications regarding F5 products\n * SOL9957: Creating a custom RSS feed to view new and updated documents.\n * SOL4602: Overview of the F5 security vulnerability response policy\n * SOL4918: Overview of the F5 critical issue hotfix policy\n", "modified": "2016-07-25T00:00:00", "published": "2014-06-19T00:00:00", "href": "http://support.f5.com/kb/en-us/solutions/public/15000/300/sol15358.html", "id": "SOL15358", "title": "SOL15358 - OpenSSL vulnerability CVE-2009-0590", "type": "f5", "cvss": {"score": 5.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:NONE/I:NONE/A:PARTIAL/"}}], "openssl": [{"lastseen": "2020-09-14T11:36:50", "bulletinFamily": "software", "cvelist": ["CVE-2009-0590"], "description": " The function ASN1_STRING_print_ex() when used to print a BMPString or UniversalString will crash with an invalid memory access if the encoded length of the string is illegal. Any OpenSSL application which prints out the contents of a certificate could be affected by this bug, including SSL servers, clients and S/MIME software.\n\n * Fixed in OpenSSL 0.9.8k (Affected 0.9.8-0.9.8j)\n", "edition": 1, "modified": "2009-03-25T00:00:00", "published": "2009-03-25T00:00:00", "id": "OPENSSL:CVE-2009-0590", "href": "https://www.openssl.org/news/secadv/20090325.txt", "title": "Vulnerability in OpenSSL CVE-2009-0590", "type": "openssl", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:P"}}], "freebsd": [{"lastseen": "2019-05-29T18:34:21", "bulletinFamily": "unix", "cvelist": ["CVE-2008-4309"], "description": "\nWes Hardaker reports through sourceforge.net forum:\n\nSECURITY ISSUE: A bug in the getbulk handling code could\n\t let anyone with even minimal access crash the agent. If you\n\t have open access to your snmp agents (bad bad bad; stop doing\n\t that!) or if you don't trust everyone that does have access to\n\t your agents you should updated immediately to prevent\n\t potential denial of service attacks.\n\nDescription at cve.mitre.org additionally clarifies:\n\nInteger overflow in the netsnmp_create_subtree_cache\n\t function in agent/snmp_agent.c in net-snmp 5.4 before\n\t 5.4.2.1, 5.3 before 5.3.2.3, and 5.2 before 5.2.5.1 allows\n\t remote attackers to cause a denial of service (crash) via\n\t a crafted SNMP GETBULK request, which triggers a heap-based\n\t buffer overflow, related to the number of responses or\n\t repeats.\n\n", "edition": 4, "modified": "2009-03-23T00:00:00", "published": "2008-10-12T00:00:00", "id": "DAF045D7-B211-11DD-A987-000C29CA8953", "href": "https://vuxml.freebsd.org/freebsd/daf045d7-b211-11dd-a987-000c29ca8953.html", "title": "net-snmp -- DoS for SNMP agent via crafted GETBULK request", "type": "freebsd", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:P"}}], "gentoo": [{"lastseen": "2016-09-06T19:46:27", "bulletinFamily": "unix", "cvelist": ["CVE-2008-4309"], "edition": 1, "description": "### Background\n\nNet-SNMP is a collection of tools for generating and retrieving SNMP data. \n\n### Description\n\nOscar Mira-Sanchez reported an integer overflow in the netsnmp_create_subtree_cache() function in agent/snmp_agent.c when processing GETBULK requests. \n\n### Impact\n\nA remote attacker could send a specially crafted request to crash the SNMP server. NOTE: The attacker needs to know the community string to exploit this vulnerability. \n\n### Workaround\n\nRestrict access to trusted entities only. \n\n### Resolution\n\nAll Net-SNMP users should upgrade to the latest version: \n \n \n # emerge --sync\n # emerge --ask --oneshot --verbose \">=net-analyzer/net-snmp-5.4.2.1\"", "modified": "2009-01-21T00:00:00", "published": "2009-01-21T00:00:00", "id": "GLSA-200901-15", "href": "https://security.gentoo.org/glsa/200901-15", "type": "gentoo", "title": "Net-SNMP: Denial of Service", "cvss": {"score": 5.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:NONE/I:NONE/A:PARTIAL/"}}, {"lastseen": "2016-09-06T19:46:34", "bulletinFamily": "unix", "cvelist": ["CVE-2008-1720"], "edition": 1, "description": "### Background\n\nrsync is a file transfer program to keep remote directories synchronized. \n\n### Description\n\nSebastian Krahmer of SUSE reported an integer overflow in the expand_item_list() function in the file util.c which might lead to a heap-based buffer overflow when extended attribute (xattr) support is enabled. \n\n### Impact\n\nA remote attacker could send a file containing specially crafted extended attributes to an rsync deamon, or entice a user to sync from an rsync server containing specially crafted files, possibly leading to the execution of arbitrary code. \n\nPlease note that extended attributes are only enabled when USE=\"acl\" is enabled, which is the default setting. \n\n### Workaround\n\nDisable extended attributes in the rsync daemon by setting \"_refuse options = xattrs_\" in the file \"/etc/rsyncd.conf\" (or append \"xattrs\" to an existing \"refuse\" statement). When synchronizing to a server, do not provide the \"-X\" parameter to rsync. You can also disable the \"acl\" USE flag for rsync and recompile the package. \n\n### Resolution\n\nAll rsync users should upgrade to the latest version: \n \n \n # emerge --sync\n # emerge --ask --oneshot --verbose \">=net-misc/rsync-2.6.9-r6\"", "modified": "2008-04-17T00:00:00", "published": "2008-04-17T00:00:00", "id": "GLSA-200804-16", "href": "https://security.gentoo.org/glsa/200804-16", "type": "gentoo", "title": "rsync: Execution of arbitrary code", "cvss": {"score": 7.5, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:PARTIAL/I:PARTIAL/A:PARTIAL/"}}, {"lastseen": "2016-09-06T19:46:26", "bulletinFamily": "unix", "cvelist": ["CVE-2009-0590"], "edition": 1, "description": "### Background\n\nOpenSSL is an Open Source toolkit implementing the Secure Sockets Layer (SSL v2/v3) and Transport Layer Security (TLS v1) as well as a general purpose cryptography library. \n\n### Description\n\nThe ASN1_STRING_print_ex() function does not properly check the provided length of a BMPString or UniversalString, leading to an invalid memory access. \n\n### Impact\n\nA remote attacker could entice a user or automated system to print a specially crafted certificate, possibly leading to a Denial of Service. \n\n### Workaround\n\nThere is no known workaround at this time. \n\n### Resolution\n\nAll OpenSSL users should upgrade to the latest version: \n \n \n # emerge --sync\n # emerge --ask --oneshot --verbose \">=dev-libs/openssl-0.9.8k\"", "modified": "2009-04-07T00:00:00", "published": "2009-04-07T00:00:00", "id": "GLSA-200904-08", "href": "https://security.gentoo.org/glsa/200904-08", "type": "gentoo", "title": "OpenSSL: Denial of Service", "cvss": {"score": 5.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:NONE/I:NONE/A:PARTIAL/"}}], "oraclelinux": [{"lastseen": "2019-05-29T18:39:01", "bulletinFamily": "unix", "cvelist": ["CVE-2008-4309"], "description": "[5.3.1-24.2]\n- fix crash in bulk request processing (#469373)", "edition": 4, "modified": "2008-11-03T00:00:00", "published": "2008-11-03T00:00:00", "id": "ELSA-2008-0971", "href": "http://linux.oracle.com/errata/ELSA-2008-0971.html", "title": "net-snmp security update", "type": "oraclelinux", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:P"}}, {"lastseen": "2019-05-29T18:37:16", "bulletinFamily": "unix", "cvelist": ["CVE-2008-5161"], "description": "[4.3p2-36]\n- tiny change in chroot sftp capability into openssh-server solve ls speed problem (#440240)\n[4.3p2-35]\n- workaround to plaintext recovery attack against CBC ciphers CVE-2008-5161 (#502230)\n[4.3p2-34]\n- disable protocol 1 in the FIPS mode\n[4.3p2-33]\n- fix scp hangup on exit (#454812)\n- call integrity checks only on binaries which are part of the OpenSSH FIPS\n modules\n[4.3p2-32]\n- log if FIPS mode is initialized (#492363)\n- check the integrity of the binaries in the FIPS mode (#467268)\n[4.3p2-31]\n- fix ssh hangup on exit (#454812)\n[4.3p2-30]\n- add chroot sftp capability into openssh-server (#440240)", "edition": 4, "modified": "2009-09-08T00:00:00", "published": "2009-09-08T00:00:00", "id": "ELSA-2009-1287", "href": "http://linux.oracle.com/errata/ELSA-2009-1287.html", "title": "openssh security, bug fix, and enhancement update", "type": "oraclelinux", "cvss": {"score": 2.6, "vector": "AV:N/AC:H/Au:N/C:P/I:N/A:N"}}], "seebug": [{"lastseen": "2017-11-19T22:02:18", "description": "CVE(CAN) ID: CVE-2008-4309\r\n\r\nNet-SNMP\u662f\u4e00\u4e2a\u514d\u8d39\u7684\u3001\u5f00\u653e\u6e90\u7801\u7684SNMP\u5b9e\u73b0\uff0c\u4ee5\u524d\u79f0\u4e3aUCD-SNMP\u3002\r\n\r\nNet-SNMP\u7684\u5b9e\u73b0\u4e0a\u5b58\u5728\u6f0f\u6d1e\uff0c\u8fdc\u7a0b\u653b\u51fb\u8005\u53ef\u80fd\u5229\u7528\u6b64\u6f0f\u6d1e\u5bfc\u81f4\u670d\u52a1\u5668\u62d2\u7edd\u670d\u52a1\u3002\u95ee\u9898\u5b58\u5728\u4e8eagent/snmp_agent.c\u6587\u4ef6\u7684netsnmp_create_subtree_cache()\u51fd\u6570\u4e2d\uff0c\u7cbe\u5fc3\u6784\u9020\u7684\u7578\u5f62\u7684SNMP GETBULK\u8bf7\u6c42\u4f1a\u5bfc\u81f4\u51fd\u6570\u53d1\u751f\u6574\u6570\u6ea2\u51fa\uff0c\u5728\u540e\u7eed\u7684\u5904\u7406\u4e2d\u5bfc\u81f4\u670d\u52a1\u8fdb\u7a0b\u5d29\u6e83\u3002\n0\nNet-SNMP net-snmp 5.4.x &lt; 5.4.2.1\r\nNet-SNMP net-snmp 5.3.x &lt; 5.3.2.3\r\nNet-SNMP net-snmp 5.2.x &lt; 5.2.5.1\nNet-SNMP\r\n--------\r\n\u76ee\u524d\u5382\u5546\u5df2\u7ecf\u53d1\u5e03\u4e86\u5347\u7ea7\u8865\u4e01\u4ee5\u4fee\u590d\u8fd9\u4e2a\u5b89\u5168\u95ee\u9898\uff0c\u8bf7\u5230\u5382\u5546\u7684\u4e3b\u9875\u4e0b\u8f7d\uff1a\r\n\r\n&lt;a href=http://sourceforge.net/projects/net-snmp/ target=_blank&gt;http://sourceforge.net/projects/net-snmp/&lt;/a&gt;", "published": "2008-11-05T00:00:00", "title": "Net-SNMP GETBULK\u8bf7\u6c42\u6574\u6570\u6ea2\u51fa\u62d2\u7edd\u670d\u52a1\u6f0f\u6d1e", "type": "seebug", "bulletinFamily": "exploit", "cvelist": ["CVE-2008-4309"], "modified": "2008-11-05T00:00:00", "href": "https://www.seebug.org/vuldb/ssvid-4402", "id": "SSV:4402", "sourceData": "", "cvss": {"score": 5.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:NONE/I:NONE/A:PARTIAL/"}, "sourceHref": ""}, {"lastseen": "2017-11-19T21:43:21", "description": "BUGTRAQ ID: 28726\r\nCVE(CAN) ID: CVE-2008-1720\r\n\r\nrsync\u662f\u4e00\u4e2a\u5feb\u901f\u589e\u91cf\u6587\u4ef6\u4f20\u8f93\u5de5\u5177\uff0c\u7528\u4e8e\u5728\u540c\u4e00\u4e3b\u673a\u5907\u4efd\u5185\u90e8\u7684\u5907\u4efd\u3002\r\n\r\nrsync\u5904\u7406\u6269\u5c55\u5c5e\u6027\u6570\u636e\u65f6\u5b58\u5728\u6f0f\u6d1e\uff0c\u5982\u679crsync\u542f\u7528\u4e86\u6269\u5c55\u5c5e\u6027\uff08xattr\uff09\u652f\u6301\u7684\u8bdd\uff0c\u5219\u8d1f\u8d23\u5904\u7406\u8be5\u5c5e\u6027\u7684\u4ee3\u7801\u4e2d\u7684\u6574\u6570\u6ea2\u51fa\u6f0f\u6d1e\u53ef\u80fd\u5bfc\u81f4\u6267\u884c\u4efb\u610f\u6307\u4ee4\u3002\r\n\n\nrsync rsync 2.6.9 - 3.0.1\n \u5382\u5546\u8865\u4e01\uff1a\r\n\r\nDebian\r\n------\r\nDebian\u5df2\u7ecf\u4e3a\u6b64\u53d1\u5e03\u4e86\u4e00\u4e2a\u5b89\u5168\u516c\u544a\uff08DSA-1545-1\uff09\u4ee5\u53ca\u76f8\u5e94\u8865\u4e01:\r\nDSA-1545-1\uff1aNew rsync packages fix arbitrary code execution\r\n\u94fe\u63a5\uff1a<a href=http://www.debian.org/security/2008/dsa-1545 target=_blank>http://www.debian.org/security/2008/dsa-1545</a>\r\n\r\n\u8865\u4e01\u4e0b\u8f7d\uff1a\r\n\r\nSource archives:\r\n\r\n<a href=http://security.debian.org/pool/updates/main/r/rsync/rsync_2.6.9-2etch2.dsc target=_blank>http://security.debian.org/pool/updates/main/r/rsync/rsync_2.6.9-2etch2.dsc</a>\r\nSize/MD5 checksum: 566 6504d35182ed2141c8d7d2f8152d5fb7\r\n<a href=http://security.debian.org/pool/updates/main/r/rsync/rsync_2.6.9.orig.tar.gz target=_blank>http://security.debian.org/pool/updates/main/r/rsync/rsync_2.6.9.orig.tar.gz</a>\r\nSize/MD5 checksum: 811841 996d8d8831dbca17910094e56dcb5942\r\n<a href=http://security.debian.org/pool/updates/main/r/rsync/rsync_2.6.9-2etch2.diff.gz target=_blank>http://security.debian.org/pool/updates/main/r/rsync/rsync_2.6.9-2etch2.diff.gz</a>\r\nSize/MD5 checksum: 51039 2131acc598dbbe26f9b6f04c0a0d3f2b\r\n\r\nalpha architecture (DEC Alpha)\r\n\r\n<a href=http://security.debian.org/pool/updates/main/r/rsync/rsync_2.6.9-2etch2_alpha.deb target=_blank>http://security.debian.org/pool/updates/main/r/rsync/rsync_2.6.9-2etch2_alpha.deb</a>\r\nSize/MD5 checksum: 294664 ea644ca8d37211ccbc1f8173e934d45a\r\n\r\namd64 architecture (AMD x86_64 (AMD64))\r\n\r\n<a href=http://security.debian.org/pool/updates/main/r/rsync/rsync_2.6.9-2etch2_amd64.deb target=_blank>http://security.debian.org/pool/updates/main/r/rsync/rsync_2.6.9-2etch2_amd64.deb</a>\r\nSize/MD5 checksum: 272046 0d9e9576b24a245265f9a98d15ce3b0b\r\n\r\nhppa architecture (HP PA RISC)\r\n\r\n<a href=http://security.debian.org/pool/updates/main/r/rsync/rsync_2.6.9-2etch2_hppa.deb target=_blank>http://security.debian.org/pool/updates/main/r/rsync/rsync_2.6.9-2etch2_hppa.deb</a>\r\nSize/MD5 checksum: 282552 dd5e17e39eeaa712287d166e3346bd7d\r\n\r\ni386 architecture (Intel ia32)\r\n\r\n<a href=http://security.debian.org/pool/updates/main/r/rsync/rsync_2.6.9-2etch2_i386.deb target=_blank>http://security.debian.org/pool/updates/main/r/rsync/rsync_2.6.9-2etch2_i386.deb</a>\r\nSize/MD5 checksum: 261454 b68ddd05ba2a02f7a5f6bd9cc7807a2e\r\n\r\nia64 architecture (Intel ia64)\r\n\r\n<a href=http://security.debian.org/pool/updates/main/r/rsync/rsync_2.6.9-2etch2_ia64.deb target=_blank>http://security.debian.org/pool/updates/main/r/rsync/rsync_2.6.9-2etch2_ia64.deb</a>\r\nSize/MD5 checksum: 356986 df80d4332478c019d540b07ac16c235f\r\n\r\nmips architecture (MIPS (Big Endian))\r\n\r\n<a href=http://security.debian.org/pool/updates/main/r/rsync/rsync_2.6.9-2etch2_mips.deb target=_blank>http://security.debian.org/pool/updates/main/r/rsync/rsync_2.6.9-2etch2_mips.deb</a>\r\nSize/MD5 checksum: 286532 21aeda2221c4b31c2f19296b58654222\r\n\r\nmipsel architecture (MIPS (Little Endian))\r\n\r\n<a href=http://security.debian.org/pool/updates/main/r/rsync/rsync_2.6.9-2etch2_mipsel.deb target=_blank>http://security.debian.org/pool/updates/main/r/rsync/rsync_2.6.9-2etch2_mipsel.deb</a>\r\nSize/MD5 checksum: 287282 0c750c3cf7089ad7e7ea3d9d273df9b9\r\n\r\npowerpc architecture (PowerPC)\r\n\r\n<a href=http://security.debian.org/pool/updates/main/r/rsync/rsync_2.6.9-2etch2_powerpc.deb target=_blank>http://security.debian.org/pool/updates/main/r/rsync/rsync_2.6.9-2etch2_powerpc.deb</a>\r\nSize/MD5 checksum: 275184 6d81a7a14422fd5bc7c89bd755320e80\r\n\r\ns390 architecture (IBM S/390)\r\n\r\n<a href=http://security.debian.org/pool/updates/main/r/rsync/rsync_2.6.9-2etch2_s390.deb target=_blank>http://security.debian.org/pool/updates/main/r/rsync/rsync_2.6.9-2etch2_s390.deb</a>\r\nSize/MD5 checksum: 278828 5300915466913e7832a3649ba701d49e\r\n\r\nsparc architecture (Sun SPARC/UltraSPARC)\r\n\r\n<a href=http://security.debian.org/pool/updates/main/r/rsync/rsync_2.6.9-2etch2_sparc.deb target=_blank>http://security.debian.org/pool/updates/main/r/rsync/rsync_2.6.9-2etch2_sparc.deb</a>\r\nSize/MD5 checksum: 264144 885fc97a390e1db66290805c06e35947\r\n\r\n\u8865\u4e01\u5b89\u88c5\u65b9\u6cd5\uff1a\r\n\r\n1. \u624b\u5de5\u5b89\u88c5\u8865\u4e01\u5305\uff1a\r\n\r\n \u9996\u5148\uff0c\u4f7f\u7528\u4e0b\u9762\u7684\u547d\u4ee4\u6765\u4e0b\u8f7d\u8865\u4e01\u8f6f\u4ef6\uff1a\r\n # wget url (url\u662f\u8865\u4e01\u4e0b\u8f7d\u94fe\u63a5\u5730\u5740)\r\n\r\n \u7136\u540e\uff0c\u4f7f\u7528\u4e0b\u9762\u7684\u547d\u4ee4\u6765\u5b89\u88c5\u8865\u4e01\uff1a \r\n # dpkg -i file.deb (file\u662f\u76f8\u5e94\u7684\u8865\u4e01\u540d)\r\n\r\n2. \u4f7f\u7528apt-get\u81ea\u52a8\u5b89\u88c5\u8865\u4e01\u5305\uff1a\r\n\r\n \u9996\u5148\uff0c\u4f7f\u7528\u4e0b\u9762\u7684\u547d\u4ee4\u66f4\u65b0\u5185\u90e8\u6570\u636e\u5e93\uff1a\r\n # apt-get update\r\n \r\n \u7136\u540e\uff0c\u4f7f\u7528\u4e0b\u9762\u7684\u547d\u4ee4\u5b89\u88c5\u66f4\u65b0\u8f6f\u4ef6\u5305\uff1a\r\n # apt-get upgrade\r\n\r\nrsync\r\n-----\r\n\u76ee\u524d\u5382\u5546\u5df2\u7ecf\u53d1\u5e03\u4e86\u5347\u7ea7\u8865\u4e01\u4ee5\u4fee\u590d\u8fd9\u4e2a\u5b89\u5168\u95ee\u9898\uff0c\u8bf7\u5230\u5382\u5546\u7684\u4e3b\u9875\u4e0b\u8f7d\uff1a\r\n\r\n<a href=http://samba.anu.edu.au/rsync/download.html target=_blank>http://samba.anu.edu.au/rsync/download.html</a>\r\n<a href=http://rsync.samba.org/ftp/rsync/security/rsync-3.0.1-xattr-alloc.diff target=_blank>http://rsync.samba.org/ftp/rsync/security/rsync-3.0.1-xattr-alloc.diff</a>", "published": "2008-04-15T00:00:00", "type": "seebug", "title": "Rsync xattr\u652f\u6301\u6574\u6570\u6ea2\u51fa\u6f0f\u6d1e", "bulletinFamily": "exploit", "cvelist": ["CVE-2008-1720"], "modified": "2008-04-15T00:00:00", "href": "https://www.seebug.org/vuldb/ssvid-3171", "id": "SSV:3171", "sourceData": "", "sourceHref": "", "cvss": {"score": 7.5, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:PARTIAL/I:PARTIAL/A:PARTIAL/"}}], "fedora": [{"lastseen": "2020-12-21T08:17:49", "bulletinFamily": "unix", "cvelist": ["CVE-2008-4309"], "description": "SNMP (Simple Network Management Protocol) is a protocol used for network management. The NET-SNMP project includes various SNMP tools: an extensible agent, an SNMP library, tools for requesting or setting information from SNMP agents, tools for generating and handling SNMP traps, a version of the netstat command which uses SNMP, and a Tk/Perl mib browser. This package contains the snmpd and snmptrapd daemons, documentation, etc. You will probably also want to install the net-snmp-utils package, which contains NET-SNMP utilities. Building option: \t--without tcp_wrappers : disable tcp_wrappers support ", "modified": "2008-11-27T02:10:26", "published": "2008-11-27T02:10:26", "id": "FEDORA:AFA8A208D5E", "href": "", "type": "fedora", "title": "[SECURITY] Fedora 10 Update: net-snmp-5.4.2.1-1.fc10", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:P"}}], "centos": [{"lastseen": "2019-12-20T18:24:42", "bulletinFamily": "unix", "cvelist": ["CVE-2008-4309"], "description": "**CentOS Errata and Security Advisory** CESA-2008:0971\n\n\nThe Simple Network Management Protocol (SNMP) is a protocol used for\nnetwork management.\n\nA denial-of-service flaw was found in the way Net-SNMP processes SNMP\nGETBULK requests. A remote attacker who issued a specially-crafted request\ncould cause the snmpd server to crash. (CVE-2008-4309)\n\nNote: An attacker must have read access to the SNMP server in order to\nexploit this flaw. In the default configuration, the community name\n\"public\" grants read-only access. In production deployments, it is\nrecommended to change this default community name.\n\nAll users of net-snmp should upgrade to these updated packages, which\ncontain a backported patch to resolve this issue.\n\n\n**Merged security bulletin from advisories:**\nhttp://lists.centos.org/pipermail/centos-announce/2008-November/027403.html\nhttp://lists.centos.org/pipermail/centos-announce/2008-November/027404.html\nhttp://lists.centos.org/pipermail/centos-announce/2008-November/027405.html\nhttp://lists.centos.org/pipermail/centos-announce/2008-November/027406.html\nhttp://lists.centos.org/pipermail/centos-announce/2008-November/027423.html\nhttp://lists.centos.org/pipermail/centos-announce/2008-November/027424.html\nhttp://lists.centos.org/pipermail/centos-announce/2008-November/027425.html\nhttp://lists.centos.org/pipermail/centos-announce/2008-November/027426.html\n\n**Affected packages:**\nnet-snmp\nnet-snmp-devel\nnet-snmp-libs\nnet-snmp-perl\nnet-snmp-utils\n\n**Upstream details at:**\nhttps://rhn.redhat.com/errata/RHSA-2008-0971.html", "edition": 4, "modified": "2008-11-07T21:44:35", "published": "2008-11-03T19:25:11", "href": "http://lists.centos.org/pipermail/centos-announce/2008-November/027403.html", "id": "CESA-2008:0971", "title": "net security update", "type": "centos", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:P"}}, {"lastseen": "2020-07-17T03:33:50", "bulletinFamily": "unix", "cvelist": ["CVE-2008-5161"], "description": "**CentOS Errata and Security Advisory** CESA-2009:1287\n\n\nOpenSSH is OpenBSD's SSH (Secure Shell) protocol implementation. These\npackages include the core files necessary for both the OpenSSH client and\nserver.\n\nA flaw was found in the SSH protocol. An attacker able to perform a\nman-in-the-middle attack may be able to obtain a portion of plain text from\nan arbitrary ciphertext block when a CBC mode cipher was used to encrypt\nSSH communication. This update helps mitigate this attack: OpenSSH clients\nand servers now prefer CTR mode ciphers to CBC mode, and the OpenSSH server\nnow reads SSH packets up to their full possible length when corruption is\ndetected, rather than reporting errors early, reducing the possibility of\nsuccessful plain text recovery. (CVE-2008-5161)\n\nThis update also fixes the following bug:\n\n* the ssh client hung when trying to close a session in which a background\nprocess still held tty file descriptors open. With this update, this\nso-called \"hang on exit\" error no longer occurs and the ssh client closes\nthe session immediately. (BZ#454812)\n\nIn addition, this update adds the following enhancements:\n\n* the SFTP server can now chroot users to various directories, including\na user's home directory, after log in. A new configuration option --\nChrootDirectory -- has been added to \"/etc/ssh/sshd_config\" for setting\nthis up (the default is not to chroot users). Details regarding configuring\nthis new option are in the sshd_config(5) manual page. (BZ#440240)\n\n* the executables which are part of the OpenSSH FIPS module which is being\nvalidated will check their integrity and report their FIPS mode status to\nthe system log or to the terminal. (BZ#467268, BZ#492363)\n\nAll OpenSSH users are advised to upgrade to these updated packages, which\ncontain backported patches to resolve these issues and add these\nenhancements. After installing this update, the OpenSSH server daemon\n(sshd) will be restarted automatically.\n\n**Merged security bulletin from advisories:**\nhttp://lists.centos.org/pipermail/centos-announce/2009-September/028179.html\nhttp://lists.centos.org/pipermail/centos-announce/2009-September/028180.html\n\n**Affected packages:**\nopenssh\nopenssh-askpass\nopenssh-clients\nopenssh-server\n\n**Upstream details at:**\n", "edition": 5, "modified": "2009-09-15T18:27:52", "published": "2009-09-15T18:27:52", "href": "http://lists.centos.org/pipermail/centos-announce/2009-September/028179.html", "id": "CESA-2009:1287", "title": "openssh security update", "type": "centos", "cvss": {"score": 2.6, "vector": "AV:N/AC:H/Au:N/C:P/I:N/A:N"}}], "nessus": [{"lastseen": "2021-01-01T05:51:33", "description": "Remote attackers could crash net-snmp via GETBULK-Request\n(CVE-2008-4309).\n\nIn addition the following non-security issues have been fixed :\n\n - typo in error message (bnc#439857)\n\n - fix duplicate registration warnings on startup\n (bnc#326957)\n\n - container insert errors reproducable with shared ip\n setups (bnc#396773)\n\n - typo in the snmpd init script to really load all agents\n (bnc#415127)\n\n - logrotate config to restart the snmptrapd aswell\n (bnc#378069)", "edition": 22, "published": "2009-07-21T00:00:00", "title": "openSUSE Security Update : libsnmp15 (libsnmp15-319)", "type": "nessus", "bulletinFamily": "scanner", "cvelist": ["CVE-2008-4309"], "modified": "2021-01-02T00:00:00", "cpe": ["cpe:/o:novell:opensuse:11.0", "p-cpe:/a:novell:opensuse:perl-SNMP", "p-cpe:/a:novell:opensuse:net-snmp-devel", "p-cpe:/a:novell:opensuse:net-snmp", "p-cpe:/a:novell:opensuse:snmp-mibs", "p-cpe:/a:novell:opensuse:libsnmp15", "p-cpe:/a:novell:opensuse:net-snmp-32bit"], "id": "SUSE_11_0_LIBSNMP15-081121.NASL", "href": "https://www.tenable.com/plugins/nessus/40046", "sourceData": "#%NASL_MIN_LEVEL 80502\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from openSUSE Security Update libsnmp15-319.\n#\n# The text description of this plugin is (C) SUSE LLC.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(40046);\n script_version(\"1.10\");\n script_cvs_date(\"Date: 2019/10/25 13:36:31\");\n\n script_cve_id(\"CVE-2008-4309\");\n\n script_name(english:\"openSUSE Security Update : libsnmp15 (libsnmp15-319)\");\n script_summary(english:\"Check for the libsnmp15-319 patch\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote openSUSE host is missing a security update.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"Remote attackers could crash net-snmp via GETBULK-Request\n(CVE-2008-4309).\n\nIn addition the following non-security issues have been fixed :\n\n - typo in error message (bnc#439857)\n\n - fix duplicate registration warnings on startup\n (bnc#326957)\n\n - container insert errors reproducable with shared ip\n setups (bnc#396773)\n\n - typo in the snmpd init script to really load all agents\n (bnc#415127)\n\n - logrotate config to restart the snmptrapd aswell\n (bnc#378069)\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.novell.com/show_bug.cgi?id=326957\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.novell.com/show_bug.cgi?id=378069\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.novell.com/show_bug.cgi?id=396773\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.novell.com/show_bug.cgi?id=415127\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.novell.com/show_bug.cgi?id=439857\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.novell.com/show_bug.cgi?id=440950\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\"Update the affected libsnmp15 packages.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:N/I:N/A:P\");\n script_cwe_id(20);\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libsnmp15\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:net-snmp\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:net-snmp-32bit\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:net-snmp-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:perl-SNMP\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:snmp-mibs\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:novell:opensuse:11.0\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2008/11/21\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2009/07/21\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2009-2019 Tenable Network Security, Inc.\");\n script_family(english:\"SuSE Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/SuSE/release\", \"Host/SuSE/rpm-list\", \"Host/cpu\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/SuSE/release\");\nif (isnull(release) || release =~ \"^(SLED|SLES)\") audit(AUDIT_OS_NOT, \"openSUSE\");\nif (release !~ \"^(SUSE11\\.0)$\") audit(AUDIT_OS_RELEASE_NOT, \"openSUSE\", \"11.0\", release);\nif (!get_kb_item(\"Host/SuSE/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\nourarch = get_kb_item(\"Host/cpu\");\nif (!ourarch) audit(AUDIT_UNKNOWN_ARCH);\nif (ourarch !~ \"^(i586|i686|x86_64)$\") audit(AUDIT_ARCH_NOT, \"i586 / i686 / x86_64\", ourarch);\n\nflag = 0;\n\nif ( rpm_check(release:\"SUSE11.0\", reference:\"libsnmp15-5.4.1-77.4\") ) flag++;\nif ( rpm_check(release:\"SUSE11.0\", reference:\"net-snmp-5.4.1-77.4\") ) flag++;\nif ( rpm_check(release:\"SUSE11.0\", reference:\"net-snmp-devel-5.4.1-77.4\") ) flag++;\nif ( rpm_check(release:\"SUSE11.0\", reference:\"perl-SNMP-5.4.1-77.4\") ) flag++;\nif ( rpm_check(release:\"SUSE11.0\", reference:\"snmp-mibs-5.4.1-77.4\") ) flag++;\nif ( rpm_check(release:\"SUSE11.0\", cpu:\"x86_64\", reference:\"net-snmp-32bit-5.4.1-77.4\") ) flag++;\n\nif (flag)\n{\n if (report_verbosity > 0) security_warning(port:0, extra:rpm_report_get());\n else security_warning(0);\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"libsnmp15 / net-snmp / net-snmp-32bit / net-snmp-devel / perl-SNMP / etc\");\n}\n", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:P"}}, {"lastseen": "2021-01-07T10:52:28", "description": "The remote host is affected by the vulnerability described in GLSA-200901-15\n(Net-SNMP: Denial of Service)\n\n Oscar Mira-Sanchez reported an integer overflow in the\n netsnmp_create_subtree_cache() function in agent/snmp_agent.c when\n processing GETBULK requests.\n \nImpact :\n\n A remote attacker could send a specially crafted request to crash the\n SNMP server. NOTE: The attacker needs to know the community string to\n exploit this vulnerability.\n \nWorkaround :\n\n Restrict access to trusted entities only.", "edition": 24, "published": "2009-01-22T00:00:00", "title": "GLSA-200901-15 : Net-SNMP: Denial of Service", "type": "nessus", "bulletinFamily": "scanner", "cvelist": ["CVE-2008-4309"], "modified": "2009-01-22T00:00:00", "cpe": ["p-cpe:/a:gentoo:linux:net-snmp", "cpe:/o:gentoo:linux"], "id": "GENTOO_GLSA-200901-15.NASL", "href": "https://www.tenable.com/plugins/nessus/35444", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from Gentoo Linux Security Advisory GLSA 200901-15.\n#\n# The advisory text is Copyright (C) 2001-2016 Gentoo Foundation, Inc.\n# and licensed under the Creative Commons - Attribution / Share Alike \n# license. See http://creativecommons.org/licenses/by-sa/3.0/\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(35444);\n script_version(\"1.15\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/06\");\n\n script_cve_id(\"CVE-2008-4309\");\n script_bugtraq_id(32020);\n script_xref(name:\"GLSA\", value:\"200901-15\");\n\n script_name(english:\"GLSA-200901-15 : Net-SNMP: Denial of Service\");\n script_summary(english:\"Checks for updated package(s) in /var/db/pkg\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\n\"The remote Gentoo host is missing one or more security-related\npatches.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"The remote host is affected by the vulnerability described in GLSA-200901-15\n(Net-SNMP: Denial of Service)\n\n Oscar Mira-Sanchez reported an integer overflow in the\n netsnmp_create_subtree_cache() function in agent/snmp_agent.c when\n processing GETBULK requests.\n \nImpact :\n\n A remote attacker could send a specially crafted request to crash the\n SNMP server. NOTE: The attacker needs to know the community string to\n exploit this vulnerability.\n \nWorkaround :\n\n Restrict access to trusted entities only.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://security.gentoo.org/glsa/200901-15\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\n\"All Net-SNMP users should upgrade to the latest version:\n # emerge --sync\n # emerge --ask --oneshot --verbose '>=net-analyzer/net-snmp-5.4.2.1'\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:N/I:N/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n script_cwe_id(20);\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:gentoo:linux:net-snmp\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:gentoo:linux\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2009/01/21\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2009/01/22\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2009-2021 Tenable Network Security, Inc.\");\n script_family(english:\"Gentoo Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/Gentoo/release\", \"Host/Gentoo/qpkg-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"qpkg.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nif (!get_kb_item(\"Host/Gentoo/release\")) audit(AUDIT_OS_NOT, \"Gentoo\");\nif (!get_kb_item(\"Host/Gentoo/qpkg-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\n\nflag = 0;\n\nif (qpkg_check(package:\"net-analyzer/net-snmp\", unaffected:make_list(\"ge 5.4.2.1\"), vulnerable:make_list(\"lt 5.4.2.1\"))) flag++;\n\nif (flag)\n{\n if (report_verbosity > 0) security_warning(port:0, extra:qpkg_report_get());\n else security_warning(0);\n exit(0);\n}\nelse\n{\n tested = qpkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"Net-SNMP\");\n}\n", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:P"}}, {"lastseen": "2021-01-01T01:09:42", "description": "New net-snmp packages are available for Slackware 12.0, 12.1, and\n-current to fix a denial of service issue.", "edition": 20, "published": "2008-11-17T00:00:00", "title": "Slackware 12.0 / 12.1 / current : net-snmp (SSA:2008-320-02)", "type": "nessus", "bulletinFamily": "scanner", "cvelist": ["CVE-2008-4309"], "modified": "2021-01-02T00:00:00", "cpe": ["cpe:/o:slackware:slackware_linux:12.0", "p-cpe:/a:slackware:slackware_linux:net-snmp", "cpe:/o:slackware:slackware_linux", "cpe:/o:slackware:slackware_linux:12.1"], "id": "SLACKWARE_SSA_2008-320-02.NASL", "href": "https://www.tenable.com/plugins/nessus/34783", "sourceData": "#%NASL_MIN_LEVEL 80502\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Slackware Security Advisory 2008-320-02. The text \n# itself is copyright (C) Slackware Linux, Inc.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(34783);\n script_version(\"1.11\");\n script_cvs_date(\"Date: 2019/10/25 13:36:21\");\n\n script_cve_id(\"CVE-2008-4309\");\n script_xref(name:\"SSA\", value:\"2008-320-02\");\n\n script_name(english:\"Slackware 12.0 / 12.1 / current : net-snmp (SSA:2008-320-02)\");\n script_summary(english:\"Checks for updated package in /var/log/packages\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Slackware host is missing a security update.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"New net-snmp packages are available for Slackware 12.0, 12.1, and\n-current to fix a denial of service issue.\"\n );\n # http://www.slackware.com/security/viewer.php?l=slackware-security&y=2008&m=slackware-security.372460\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?f80c58a1\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\"Update the affected net-snmp package.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:N/I:N/A:P\");\n script_cwe_id(20);\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:slackware:slackware_linux:net-snmp\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:slackware:slackware_linux\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:slackware:slackware_linux:12.0\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:slackware:slackware_linux:12.1\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2008/11/16\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2008/11/17\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2008-2019 Tenable Network Security, Inc.\");\n script_family(english:\"Slackware Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/Slackware/release\", \"Host/Slackware/packages\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"slackware.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nif (!get_kb_item(\"Host/Slackware/release\")) audit(AUDIT_OS_NOT, \"Slackware\");\nif (!get_kb_item(\"Host/Slackware/packages\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Slackware\", cpu);\n\n\nflag = 0;\nif (slackware_check(osver:\"12.0\", pkgname:\"net-snmp\", pkgver:\"5.4.2.1\", pkgarch:\"i486\", pkgnum:\"1_slack12.0\")) flag++;\n\nif (slackware_check(osver:\"12.1\", pkgname:\"net-snmp\", pkgver:\"5.4.2.1\", pkgarch:\"i486\", pkgnum:\"1_slack12.1\")) flag++;\n\nif (slackware_check(osver:\"current\", pkgname:\"net-snmp\", pkgver:\"5.4.2.1\", pkgarch:\"i486\", pkgnum:\"1\")) flag++;\n\n\nif (flag)\n{\n if (report_verbosity > 0) security_warning(port:0, extra:slackware_report_get());\n else security_warning(0);\n exit(0);\n}\nelse audit(AUDIT_HOST_NOT, \"affected\");\n", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:P"}}, {"lastseen": "2021-01-07T11:51:58", "description": "A denial of service vulnerability was discovered in how Net-SNMP\nprocessed GETBULK requests. A remote attacker with read access to the\nSNMP server could issue a specially crafted request which would cause\nsnmpd to crash (CVE-2008-4309).\n\nPlease note that for this to be successfully exploited, an attacker\nmust have read access to the SNMP server. By default, the public\ncommunity name grants read-only access, however it is recommended that\nthe default community name be changed in production.\n\nThe updated packages have been patched to correct this issue.", "edition": 25, "published": "2009-04-23T00:00:00", "title": "Mandriva Linux Security Advisory : net-snmp (MDVSA-2008:225)", "type": "nessus", "bulletinFamily": "scanner", "cvelist": ["CVE-2008-4309"], "modified": "2009-04-23T00:00:00", "cpe": ["p-cpe:/a:mandriva:linux:perl-NetSNMP", "p-cpe:/a:mandriva:linux:net-snmp-mibs", "cpe:/o:mandriva:linux:2009.0", "cpe:/o:mandriva:linux:2008.1", "p-cpe:/a:mandriva:linux:net-snmp-trapd", "p-cpe:/a:mandriva:linux:libnet-snmp-devel", "cpe:/o:mandriva:linux:2008.0", "p-cpe:/a:mandriva:linux:net-snmp-tkmib", "p-cpe:/a:mandriva:linux:net-snmp", "p-cpe:/a:mandriva:linux:libnet-snmp-static-devel", "p-cpe:/a:mandriva:linux:lib64net-snmp-devel", "p-cpe:/a:mandriva:linux:libnet-snmp15", "p-cpe:/a:mandriva:linux:lib64net-snmp-static-devel", "p-cpe:/a:mandriva:linux:lib64net-snmp15", "p-cpe:/a:mandriva:linux:net-snmp-utils"], "id": "MANDRIVA_MDVSA-2008-225.NASL", "href": "https://www.tenable.com/plugins/nessus/36859", "sourceData": "#%NASL_MIN_LEVEL 70300\n\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Mandriva Linux Security Advisory MDVSA-2008:225. \n# The text itself is copyright (C) Mandriva S.A.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(36859);\n script_version(\"1.17\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/06\");\n\n script_cve_id(\"CVE-2008-4309\");\n script_bugtraq_id(32020);\n script_xref(name:\"MDVSA\", value:\"2008:225\");\n\n script_name(english:\"Mandriva Linux Security Advisory : net-snmp (MDVSA-2008:225)\");\n script_summary(english:\"Checks rpm output for the updated packages\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\n\"The remote Mandriva Linux host is missing one or more security\nupdates.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"A denial of service vulnerability was discovered in how Net-SNMP\nprocessed GETBULK requests. A remote attacker with read access to the\nSNMP server could issue a specially crafted request which would cause\nsnmpd to crash (CVE-2008-4309).\n\nPlease note that for this to be successfully exploited, an attacker\nmust have read access to the SNMP server. By default, the public\ncommunity name grants read-only access, however it is recommended that\nthe default community name be changed in production.\n\nThe updated packages have been patched to correct this issue.\"\n );\n script_set_attribute(attribute:\"solution\", value:\"Update the affected packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:N/I:N/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n script_cwe_id(20);\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:lib64net-snmp-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:lib64net-snmp-static-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:lib64net-snmp15\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:libnet-snmp-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:libnet-snmp-static-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:libnet-snmp15\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:net-snmp\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:net-snmp-mibs\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:net-snmp-tkmib\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:net-snmp-trapd\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:net-snmp-utils\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:perl-NetSNMP\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:mandriva:linux:2008.0\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:mandriva:linux:2008.1\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:mandriva:linux:2009.0\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2008/11/05\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2009/04/23\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2009-2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Mandriva Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/cpu\", \"Host/Mandrake/release\", \"Host/Mandrake/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nif (!get_kb_item(\"Host/Mandrake/release\")) audit(AUDIT_OS_NOT, \"Mandriva / Mandake Linux\");\nif (!get_kb_item(\"Host/Mandrake/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (cpu !~ \"^(amd64|i[3-6]86|x86_64)$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Mandriva / Mandrake Linux\", cpu);\n\n\nflag = 0;\nif (rpm_check(release:\"MDK2008.0\", cpu:\"x86_64\", reference:\"lib64net-snmp-devel-5.4.1-1.2mdv2008.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2008.0\", cpu:\"x86_64\", reference:\"lib64net-snmp-static-devel-5.4.1-1.2mdv2008.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2008.0\", cpu:\"x86_64\", reference:\"lib64net-snmp15-5.4.1-1.2mdv2008.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2008.0\", cpu:\"i386\", reference:\"libnet-snmp-devel-5.4.1-1.2mdv2008.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2008.0\", cpu:\"i386\", reference:\"libnet-snmp-static-devel-5.4.1-1.2mdv2008.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2008.0\", cpu:\"i386\", reference:\"libnet-snmp15-5.4.1-1.2mdv2008.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2008.0\", reference:\"net-snmp-5.4.1-1.2mdv2008.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2008.0\", reference:\"net-snmp-mibs-5.4.1-1.2mdv2008.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2008.0\", reference:\"net-snmp-trapd-5.4.1-1.2mdv2008.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2008.0\", reference:\"net-snmp-utils-5.4.1-1.2mdv2008.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2008.0\", reference:\"perl-NetSNMP-5.4.1-1.2mdv2008.0\", yank:\"mdv\")) flag++;\n\nif (rpm_check(release:\"MDK2008.1\", cpu:\"x86_64\", reference:\"lib64net-snmp-devel-5.4.1-5.2mdv2008.1\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2008.1\", cpu:\"x86_64\", reference:\"lib64net-snmp-static-devel-5.4.1-5.2mdv2008.1\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2008.1\", cpu:\"x86_64\", reference:\"lib64net-snmp15-5.4.1-5.2mdv2008.1\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2008.1\", cpu:\"i386\", reference:\"libnet-snmp-devel-5.4.1-5.2mdv2008.1\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2008.1\", cpu:\"i386\", reference:\"libnet-snmp-static-devel-5.4.1-5.2mdv2008.1\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2008.1\", cpu:\"i386\", reference:\"libnet-snmp15-5.4.1-5.2mdv2008.1\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2008.1\", reference:\"net-snmp-5.4.1-5.2mdv2008.1\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2008.1\", reference:\"net-snmp-mibs-5.4.1-5.2mdv2008.1\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2008.1\", reference:\"net-snmp-tkmib-5.4.1-5.2mdv2008.1\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2008.1\", reference:\"net-snmp-trapd-5.4.1-5.2mdv2008.1\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2008.1\", reference:\"net-snmp-utils-5.4.1-5.2mdv2008.1\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2008.1\", reference:\"perl-NetSNMP-5.4.1-5.2mdv2008.1\", yank:\"mdv\")) flag++;\n\nif (rpm_check(release:\"MDK2009.0\", cpu:\"x86_64\", reference:\"lib64net-snmp-devel-5.4.2-2.1mdv2009.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", cpu:\"x86_64\", reference:\"lib64net-snmp-static-devel-5.4.2-2.1mdv2009.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", cpu:\"x86_64\", reference:\"lib64net-snmp15-5.4.2-2.1mdv2009.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", cpu:\"i386\", reference:\"libnet-snmp-devel-5.4.2-2.1mdv2009.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", cpu:\"i386\", reference:\"libnet-snmp-static-devel-5.4.2-2.1mdv2009.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", cpu:\"i386\", reference:\"libnet-snmp15-5.4.2-2.1mdv2009.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", reference:\"net-snmp-5.4.2-2.1mdv2009.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", reference:\"net-snmp-mibs-5.4.2-2.1mdv2009.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", reference:\"net-snmp-tkmib-5.4.2-2.1mdv2009.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", reference:\"net-snmp-trapd-5.4.2-2.1mdv2009.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", reference:\"net-snmp-utils-5.4.2-2.1mdv2009.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", reference:\"perl-NetSNMP-5.4.2-2.1mdv2009.0\", yank:\"mdv\")) flag++;\n\n\nif (flag)\n{\n if (report_verbosity > 0) security_warning(port:0, extra:rpm_report_get());\n else security_warning(0);\n exit(0);\n}\nelse audit(AUDIT_HOST_NOT, \"affected\");\n", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:P"}}, {"lastseen": "2021-01-12T10:06:19", "description": " - Mon Nov 3 2008 Jan Safranek <jsafranek at redhat.com>\n 5.4.2.1-1\n\n - explicitly require the right version and release of\n net-snmp and net-snmp-libs\n\n - update to net-snmp-5.4.2.1 to fix CVE-2008-4309\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the Fedora security advisory. Tenable\nhas attempted to automatically clean and format it as much as possible\nwithout introducing additional issues.", "edition": 23, "published": "2009-04-23T00:00:00", "title": "Fedora 10 : net-snmp-5.4.2.1-1.fc10 (2008-10451)", "type": "nessus", "bulletinFamily": "scanner", "cvelist": ["CVE-2008-4309"], "modified": "2009-04-23T00:00:00", "cpe": ["cpe:/o:fedoraproject:fedora:10", "p-cpe:/a:fedoraproject:fedora:net-snmp"], "id": "FEDORA_2008-10451.NASL", "href": "https://www.tenable.com/plugins/nessus/36774", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Fedora Security Advisory 2008-10451.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(36774);\n script_version(\"1.13\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/11\");\n\n script_cve_id(\"CVE-2008-4309\");\n script_xref(name:\"FEDORA\", value:\"2008-10451\");\n\n script_name(english:\"Fedora 10 : net-snmp-5.4.2.1-1.fc10 (2008-10451)\");\n script_summary(english:\"Checks rpm output for the updated package.\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Fedora host is missing a security update.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\" - Mon Nov 3 2008 Jan Safranek <jsafranek at redhat.com>\n 5.4.2.1-1\n\n - explicitly require the right version and release of\n net-snmp and net-snmp-libs\n\n - update to net-snmp-5.4.2.1 to fix CVE-2008-4309\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the Fedora security advisory. Tenable\nhas attempted to automatically clean and format it as much as possible\nwithout introducing additional issues.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.redhat.com/show_bug.cgi?id=469349\"\n );\n # https://lists.fedoraproject.org/pipermail/package-announce/2008-November/016869.html\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?210cae4e\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\"Update the affected net-snmp package.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:N/I:N/A:P\");\n script_cwe_id(20);\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fedoraproject:fedora:net-snmp\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:fedoraproject:fedora:10\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2008/11/27\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2009/04/23\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2009-2021 Tenable Network Security, Inc.\");\n script_family(english:\"Fedora Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/RedHat/release\", \"Host/RedHat/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/RedHat/release\");\nif (isnull(release) || \"Fedora\" >!< release) audit(AUDIT_OS_NOT, \"Fedora\");\nos_ver = eregmatch(pattern: \"Fedora.*release ([0-9]+)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"Fedora\");\nos_ver = os_ver[1];\nif (! ereg(pattern:\"^10([^0-9]|$)\", string:os_ver)) audit(AUDIT_OS_NOT, \"Fedora 10.x\", \"Fedora \" + os_ver);\n\nif (!get_kb_item(\"Host/RedHat/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Fedora\", cpu);\n\nflag = 0;\nif (rpm_check(release:\"FC10\", reference:\"net-snmp-5.4.2.1-1.fc10\")) flag++;\n\n\nif (flag)\n{\n if (report_verbosity > 0) security_warning(port:0, extra:rpm_report_get());\n else security_warning(0);\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"net-snmp\");\n}\n", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:P"}}, {"lastseen": "2021-01-01T05:50:22", "description": "Remote attackers could crash net-snmp via GETBULK-Request.\n(CVE-2008-4309)\n\nIn addition the following non-security issues have been fixed :\n\n - typo in error message (bnc#439857)\n\n - make OIDs longer than 256 chars work (bnc#345914)\n\n - typo in the snmpd init script to really load all agents\n (bnc#415127)\n\n - logrotate config to restart the snmptrapd aswell\n (bnc#378069)", "edition": 22, "published": "2009-09-24T00:00:00", "title": "SuSE9 Security Update : net-snmp (YOU Patch Number 12298)", "type": "nessus", "bulletinFamily": "scanner", "cvelist": ["CVE-2008-4309"], "modified": "2021-01-02T00:00:00", "cpe": ["cpe:/o:suse:suse_linux"], "id": "SUSE9_12298.NASL", "href": "https://www.tenable.com/plugins/nessus/41256", "sourceData": "#%NASL_MIN_LEVEL 80502\n#\n# (C) Tenable Network Security, Inc.\n#\n# The text description of this plugin is (C) Novell, Inc.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(41256);\n script_version(\"1.7\");\n script_cvs_date(\"Date: 2019/10/25 13:36:31\");\n\n script_cve_id(\"CVE-2008-4309\");\n\n script_name(english:\"SuSE9 Security Update : net-snmp (YOU Patch Number 12298)\");\n script_summary(english:\"Checks rpm output for the updated packages\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote SuSE 9 host is missing a security-related patch.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"Remote attackers could crash net-snmp via GETBULK-Request.\n(CVE-2008-4309)\n\nIn addition the following non-security issues have been fixed :\n\n - typo in error message (bnc#439857)\n\n - make OIDs longer than 256 chars work (bnc#345914)\n\n - typo in the snmpd init script to really load all agents\n (bnc#415127)\n\n - logrotate config to restart the snmptrapd aswell\n (bnc#378069)\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://support.novell.com/security/cve/CVE-2008-4309.html\"\n );\n script_set_attribute(attribute:\"solution\", value:\"Apply YOU patch number 12298.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:N/I:N/A:P\");\n script_cwe_id(20);\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:suse:suse_linux\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2008/11/22\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2009/09/24\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2009-2019 Tenable Network Security, Inc.\");\n script_family(english:\"SuSE Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/cpu\", \"Host/SuSE/release\", \"Host/SuSE/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) exit(0, \"Local checks are not enabled.\");\nif (!get_kb_item(\"Host/SuSE/release\")) exit(0, \"The host is not running SuSE.\");\nif (!get_kb_item(\"Host/SuSE/rpm-list\")) exit(1, \"Could not obtain the list of installed packages.\");\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) exit(1, \"Failed to determine the architecture type.\");\nif (cpu >!< \"x86_64\" && cpu !~ \"^i[3-6]86$\") exit(1, \"Local checks for SuSE 9 on the '\"+cpu+\"' architecture have not been implemented.\");\n\n\nflag = 0;\nif (rpm_check(release:\"SUSE9\", reference:\"net-snmp-5.1.3.1-0.24\")) flag++;\nif (rpm_check(release:\"SUSE9\", reference:\"net-snmp-devel-5.1.3.1-0.24\")) flag++;\nif (rpm_check(release:\"SUSE9\", reference:\"perl-SNMP-5.1.3.1-0.24\")) flag++;\nif (rpm_check(release:\"SUSE9\", cpu:\"x86_64\", reference:\"net-snmp-32bit-9-200811201409\")) flag++;\n\n\nif (flag)\n{\n if (report_verbosity > 0) security_warning(port:0, extra:rpm_report_get());\n else security_warning(0);\n exit(0);\n}\nelse exit(0, \"The host is not affected.\");\n", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:P"}}, {"lastseen": "2021-01-01T06:32:55", "description": "Remote attackers could crash net-snmp via GETBULK-Request.\n(CVE-2008-4309)\n\nIn addition the following non-security issues have been fixed :\n\n - typo in error message. (bnc#439857)\n\n - fix duplicate registration warnings on startup.\n (bnc#326957)\n\n - container insert errors reproducable with shared ip\n setups. (bnc#396773)\n\n - typo in the snmpd init script to really load all agents.\n (bnc#415127)\n\n - logrotate config to restart the snmptrapd aswell.\n (bnc#378069)", "edition": 22, "published": "2009-01-26T00:00:00", "title": "SuSE 10 Security Update : net-snmp (ZYPP Patch Number 5807)", "type": "nessus", "bulletinFamily": "scanner", "cvelist": ["CVE-2008-4309"], "modified": "2021-01-02T00:00:00", "cpe": ["cpe:/o:suse:suse_linux"], "id": "SUSE_NET-SNMP-5807.NASL", "href": "https://www.tenable.com/plugins/nessus/35460", "sourceData": "#%NASL_MIN_LEVEL 80502\n#\n# (C) Tenable Network Security, Inc.\n#\n# The text description of this plugin is (C) Novell, Inc.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(35460);\n script_version (\"1.17\");\n script_cvs_date(\"Date: 2019/10/25 13:36:32\");\n\n script_cve_id(\"CVE-2008-4309\");\n\n script_name(english:\"SuSE 10 Security Update : net-snmp (ZYPP Patch Number 5807)\");\n script_summary(english:\"Checks rpm output for the updated packages\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote SuSE 10 host is missing a security-related patch.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"Remote attackers could crash net-snmp via GETBULK-Request.\n(CVE-2008-4309)\n\nIn addition the following non-security issues have been fixed :\n\n - typo in error message. (bnc#439857)\n\n - fix duplicate registration warnings on startup.\n (bnc#326957)\n\n - container insert errors reproducable with shared ip\n setups. (bnc#396773)\n\n - typo in the snmpd init script to really load all agents.\n (bnc#415127)\n\n - logrotate config to restart the snmptrapd aswell.\n (bnc#378069)\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://support.novell.com/security/cve/CVE-2008-4309.html\"\n );\n script_set_attribute(attribute:\"solution\", value:\"Apply ZYPP patch number 5807.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:N/I:N/A:P\");\n script_cwe_id(20);\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:suse:suse_linux\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2008/11/20\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2009/01/26\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2009-2019 Tenable Network Security, Inc.\");\n script_family(english:\"SuSE Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/cpu\", \"Host/SuSE/release\", \"Host/SuSE/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) exit(0, \"Local checks are not enabled.\");\nif (!get_kb_item(\"Host/SuSE/release\")) exit(0, \"The host is not running SuSE.\");\nif (!get_kb_item(\"Host/SuSE/rpm-list\")) exit(1, \"Could not obtain the list of installed packages.\");\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) exit(1, \"Failed to determine the architecture type.\");\nif (cpu >!< \"x86_64\" && cpu !~ \"^i[3-6]86$\") exit(1, \"Local checks for SuSE 10 on the '\"+cpu+\"' architecture have not been implemented.\");\n\n\nflag = 0;\nif (rpm_check(release:\"SLED10\", sp:1, reference:\"net-snmp-5.3.0.1-25.24.5\")) flag++;\nif (rpm_check(release:\"SLED10\", sp:1, reference:\"net-snmp-devel-5.3.0.1-25.24.5\")) flag++;\nif (rpm_check(release:\"SLED10\", sp:1, reference:\"perl-SNMP-5.3.0.1-25.24.5\")) flag++;\nif (rpm_check(release:\"SLED10\", sp:1, cpu:\"x86_64\", reference:\"net-snmp-32bit-5.3.0.1-25.24.5\")) flag++;\nif (rpm_check(release:\"SLED10\", sp:2, reference:\"net-snmp-5.3.0.1-25.28\")) flag++;\nif (rpm_check(release:\"SLED10\", sp:2, reference:\"net-snmp-devel-5.3.0.1-25.28\")) flag++;\nif (rpm_check(release:\"SLED10\", sp:2, reference:\"perl-SNMP-5.3.0.1-25.28\")) flag++;\nif (rpm_check(release:\"SLED10\", sp:2, cpu:\"x86_64\", reference:\"net-snmp-32bit-5.3.0.1-25.28\")) flag++;\nif (rpm_check(release:\"SLES10\", sp:1, reference:\"net-snmp-5.3.0.1-25.24.5\")) flag++;\nif (rpm_check(release:\"SLES10\", sp:1, reference:\"net-snmp-devel-5.3.0.1-25.24.5\")) flag++;\nif (rpm_check(release:\"SLES10\", sp:1, reference:\"perl-SNMP-5.3.0.1-25.24.5\")) flag++;\nif (rpm_check(release:\"SLES10\", sp:1, cpu:\"x86_64\", reference:\"net-snmp-32bit-5.3.0.1-25.24.5\")) flag++;\nif (rpm_check(release:\"SLES10\", sp:2, reference:\"net-snmp-5.3.0.1-25.28\")) flag++;\nif (rpm_check(release:\"SLES10\", sp:2, reference:\"net-snmp-devel-5.3.0.1-25.28\")) flag++;\nif (rpm_check(release:\"SLES10\", sp:2, reference:\"perl-SNMP-5.3.0.1-25.28\")) flag++;\nif (rpm_check(release:\"SLES10\", sp:2, cpu:\"x86_64\", reference:\"net-snmp-32bit-5.3.0.1-25.28\")) flag++;\n\n\nif (flag)\n{\n if (report_verbosity > 0) security_warning(port:0, extra:rpm_report_get());\n else security_warning(0);\n exit(0);\n}\nelse exit(0, \"The host is not affected.\");\n", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:P"}}, {"lastseen": "2021-01-01T04:35:35", "description": "From Red Hat Security Advisory 2008:0971 :\n\nUpdated net-snmp packages that fix a security issue are now available\nfor Red Hat Enterprise Linux 3, 4, and 5.\n\nThis update has been rated as having important security impact by the\nRed Hat Security Response Team.\n\nThe Simple Network Management Protocol (SNMP) is a protocol used for\nnetwork management.\n\nA denial-of-service flaw was found in the way Net-SNMP processes SNMP\nGETBULK requests. A remote attacker who issued a specially crafted\nrequest could cause the snmpd server to crash. (CVE-2008-4309)\n\nNote: An attacker must have read access to the SNMP server in order to\nexploit this flaw. In the default configuration, the community name\n'public' grants read-only access. In production deployments, it is\nrecommended to change this default community name.\n\nAll users of net-snmp should upgrade to these updated packages, which\ncontain a backported patch to resolve this issue.", "edition": 24, "published": "2013-07-12T00:00:00", "title": "Oracle Linux 3 / 4 / 5 : net-snmp (ELSA-2008-0971)", "type": "nessus", "bulletinFamily": "scanner", "cvelist": ["CVE-2008-4309"], "modified": "2021-01-02T00:00:00", "cpe": ["p-cpe:/a:oracle:linux:net-snmp-perl", "p-cpe:/a:oracle:linux:net-snmp-utils", "p-cpe:/a:oracle:linux:net-snmp", "p-cpe:/a:oracle:linux:net-snmp-devel", "cpe:/o:oracle:linux:5", "cpe:/o:oracle:linux:3", "p-cpe:/a:oracle:linux:net-snmp-libs", "cpe:/o:oracle:linux:4"], "id": "ORACLELINUX_ELSA-2008-0971.NASL", "href": "https://www.tenable.com/plugins/nessus/67761", "sourceData": "#%NASL_MIN_LEVEL 80502\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from Red Hat Security Advisory RHSA-2008:0971 and \n# Oracle Linux Security Advisory ELSA-2008-0971 respectively.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(67761);\n script_version(\"1.10\");\n script_cvs_date(\"Date: 2019/10/25 13:36:07\");\n\n script_cve_id(\"CVE-2008-4309\");\n script_bugtraq_id(32020);\n script_xref(name:\"RHSA\", value:\"2008:0971\");\n\n script_name(english:\"Oracle Linux 3 / 4 / 5 : net-snmp (ELSA-2008-0971)\");\n script_summary(english:\"Checks rpm output for the updated packages\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Oracle Linux host is missing one or more security updates.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"From Red Hat Security Advisory 2008:0971 :\n\nUpdated net-snmp packages that fix a security issue are now available\nfor Red Hat Enterprise Linux 3, 4, and 5.\n\nThis update has been rated as having important security impact by the\nRed Hat Security Response Team.\n\nThe Simple Network Management Protocol (SNMP) is a protocol used for\nnetwork management.\n\nA denial-of-service flaw was found in the way Net-SNMP processes SNMP\nGETBULK requests. A remote attacker who issued a specially crafted\nrequest could cause the snmpd server to crash. (CVE-2008-4309)\n\nNote: An attacker must have read access to the SNMP server in order to\nexploit this flaw. In the default configuration, the community name\n'public' grants read-only access. In production deployments, it is\nrecommended to change this default community name.\n\nAll users of net-snmp should upgrade to these updated packages, which\ncontain a backported patch to resolve this issue.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://oss.oracle.com/pipermail/el-errata/2008-November/000778.html\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://oss.oracle.com/pipermail/el-errata/2008-November/000779.html\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://oss.oracle.com/pipermail/el-errata/2008-November/000780.html\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\"Update the affected net-snmp packages.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:N/I:N/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n script_cwe_id(20);\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:net-snmp\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:net-snmp-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:net-snmp-libs\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:net-snmp-perl\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:net-snmp-utils\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:oracle:linux:3\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:oracle:linux:4\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:oracle:linux:5\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2008/10/31\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2008/11/03\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2013/07/12\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2013-2019 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Oracle Linux Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/OracleLinux\", \"Host/RedHat/release\", \"Host/RedHat/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nif (!get_kb_item(\"Host/OracleLinux\")) audit(AUDIT_OS_NOT, \"Oracle Linux\");\nrelease = get_kb_item(\"Host/RedHat/release\");\nif (isnull(release) || !pregmatch(pattern: \"Oracle (?:Linux Server|Enterprise Linux)\", string:release)) audit(AUDIT_OS_NOT, \"Oracle Linux\");\nos_ver = pregmatch(pattern: \"Oracle (?:Linux Server|Enterprise Linux) .*release ([0-9]+(\\.[0-9]+)?)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"Oracle Linux\");\nos_ver = os_ver[1];\nif (! preg(pattern:\"^(3|4|5)([^0-9]|$)\", string:os_ver)) audit(AUDIT_OS_NOT, \"Oracle Linux 3 / 4 / 5\", \"Oracle Linux \" + os_ver);\n\nif (!get_kb_item(\"Host/RedHat/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && \"ia64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Oracle Linux\", cpu);\n\nflag = 0;\nif (rpm_check(release:\"EL3\", cpu:\"i386\", reference:\"net-snmp-5.0.9-2.30E.25\")) flag++;\nif (rpm_check(release:\"EL3\", cpu:\"x86_64\", reference:\"net-snmp-5.0.9-2.30E.25\")) flag++;\nif (rpm_check(release:\"EL3\", cpu:\"i386\", reference:\"net-snmp-devel-5.0.9-2.30E.25\")) flag++;\nif (rpm_check(release:\"EL3\", cpu:\"x86_64\", reference:\"net-snmp-devel-5.0.9-2.30E.25\")) flag++;\nif (rpm_check(release:\"EL3\", cpu:\"i386\", reference:\"net-snmp-libs-5.0.9-2.30E.25\")) flag++;\nif (rpm_check(release:\"EL3\", cpu:\"x86_64\", reference:\"net-snmp-libs-5.0.9-2.30E.25\")) flag++;\nif (rpm_check(release:\"EL3\", cpu:\"i386\", reference:\"net-snmp-perl-5.0.9-2.30E.25\")) flag++;\nif (rpm_check(release:\"EL3\", cpu:\"x86_64\", reference:\"net-snmp-perl-5.0.9-2.30E.25\")) flag++;\nif (rpm_check(release:\"EL3\", cpu:\"i386\", reference:\"net-snmp-utils-5.0.9-2.30E.25\")) flag++;\nif (rpm_check(release:\"EL3\", cpu:\"x86_64\", reference:\"net-snmp-utils-5.0.9-2.30E.25\")) flag++;\n\nif (rpm_check(release:\"EL4\", reference:\"net-snmp-5.1.2-13.el4_7.2\")) flag++;\nif (rpm_check(release:\"EL4\", reference:\"net-snmp-devel-5.1.2-13.el4_7.2\")) flag++;\nif (rpm_check(release:\"EL4\", reference:\"net-snmp-libs-5.1.2-13.el4_7.2\")) flag++;\nif (rpm_check(release:\"EL4\", reference:\"net-snmp-perl-5.1.2-13.el4_7.2\")) flag++;\nif (rpm_check(release:\"EL4\", reference:\"net-snmp-utils-5.1.2-13.el4_7.2\")) flag++;\n\nif (rpm_check(release:\"EL5\", reference:\"net-snmp-5.3.1-24.el5_2.2\")) flag++;\nif (rpm_check(release:\"EL5\", reference:\"net-snmp-devel-5.3.1-24.el5_2.2\")) flag++;\nif (rpm_check(release:\"EL5\", reference:\"net-snmp-libs-5.3.1-24.el5_2.2\")) flag++;\nif (rpm_check(release:\"EL5\", reference:\"net-snmp-perl-5.3.1-24.el5_2.2\")) flag++;\nif (rpm_check(release:\"EL5\", reference:\"net-snmp-utils-5.3.1-24.el5_2.2\")) flag++;\n\n\nif (flag)\n{\n if (report_verbosity > 0) security_warning(port:0, extra:rpm_report_get());\n else security_warning(0);\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"net-snmp / net-snmp-devel / net-snmp-libs / net-snmp-perl / etc\");\n}\n", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:P"}}, {"lastseen": "2021-01-01T04:56:28", "description": "Updated net-snmp packages that fix a security issue are now available\nfor Red Hat Enterprise Linux 3, 4, and 5.\n\nThis update has been rated as having important security impact by the\nRed Hat Security Response Team.\n\nThe Simple Network Management Protocol (SNMP) is a protocol used for\nnetwork management.\n\nA denial-of-service flaw was found in the way Net-SNMP processes SNMP\nGETBULK requests. A remote attacker who issued a specially crafted\nrequest could cause the snmpd server to crash. (CVE-2008-4309)\n\nNote: An attacker must have read access to the SNMP server in order to\nexploit this flaw. In the default configuration, the community name\n'public' grants read-only access. In production deployments, it is\nrecommended to change this default community name.\n\nAll users of net-snmp should upgrade to these updated packages, which\ncontain a backported patch to resolve this issue.", "edition": 27, "published": "2008-11-04T00:00:00", "title": "RHEL 3 / 4 / 5 : net-snmp (RHSA-2008:0971)", "type": "nessus", "bulletinFamily": "scanner", "cvelist": ["CVE-2008-4309"], "modified": "2021-01-02T00:00:00", "cpe": ["cpe:/o:redhat:enterprise_linux:3", "cpe:/o:redhat:enterprise_linux:4", "cpe:/o:redhat:enterprise_linux:5", "p-cpe:/a:redhat:enterprise_linux:net-snmp", "p-cpe:/a:redhat:enterprise_linux:net-snmp-devel", "p-cpe:/a:redhat:enterprise_linux:net-snmp-libs", "cpe:/o:redhat:enterprise_linux:5.2", "p-cpe:/a:redhat:enterprise_linux:net-snmp-utils", "cpe:/o:redhat:enterprise_linux:4.7", "p-cpe:/a:redhat:enterprise_linux:net-snmp-perl"], "id": "REDHAT-RHSA-2008-0971.NASL", "href": "https://www.tenable.com/plugins/nessus/34691", "sourceData": "#%NASL_MIN_LEVEL 80502\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Red Hat Security Advisory RHSA-2008:0971. The text \n# itself is copyright (C) Red Hat, Inc.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(34691);\n script_version (\"1.28\");\n script_cvs_date(\"Date: 2019/10/25 13:36:13\");\n\n script_cve_id(\"CVE-2008-4309\");\n script_bugtraq_id(32020);\n script_xref(name:\"RHSA\", value:\"2008:0971\");\n\n script_name(english:\"RHEL 3 / 4 / 5 : net-snmp (RHSA-2008:0971)\");\n script_summary(english:\"Checks the rpm output for the updated packages\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Red Hat host is missing one or more security updates.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"Updated net-snmp packages that fix a security issue are now available\nfor Red Hat Enterprise Linux 3, 4, and 5.\n\nThis update has been rated as having important security impact by the\nRed Hat Security Response Team.\n\nThe Simple Network Management Protocol (SNMP) is a protocol used for\nnetwork management.\n\nA denial-of-service flaw was found in the way Net-SNMP processes SNMP\nGETBULK requests. A remote attacker who issued a specially crafted\nrequest could cause the snmpd server to crash. (CVE-2008-4309)\n\nNote: An attacker must have read access to the SNMP server in order to\nexploit this flaw. In the default configuration, the community name\n'public' grants read-only access. In production deployments, it is\nrecommended to change this default community name.\n\nAll users of net-snmp should upgrade to these updated packages, which\ncontain a backported patch to resolve this issue.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/security/cve/cve-2008-4309\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/errata/RHSA-2008:0971\"\n );\n script_set_attribute(attribute:\"solution\", value:\"Update the affected packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:N/I:N/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n script_cwe_id(20);\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:net-snmp\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:net-snmp-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:net-snmp-libs\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:net-snmp-perl\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:net-snmp-utils\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:redhat:enterprise_linux:3\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:redhat:enterprise_linux:4\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:redhat:enterprise_linux:4.7\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:redhat:enterprise_linux:5\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:redhat:enterprise_linux:5.2\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2008/10/31\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2008/11/03\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2008/11/04\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2008-2019 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Red Hat Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/RedHat/release\", \"Host/RedHat/rpm-list\", \"Host/cpu\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"misc_func.inc\");\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/RedHat/release\");\nif (isnull(release) || \"Red Hat\" >!< release) audit(AUDIT_OS_NOT, \"Red Hat\");\nos_ver = pregmatch(pattern: \"Red Hat Enterprise Linux.*release ([0-9]+(\\.[0-9]+)?)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"Red Hat\");\nos_ver = os_ver[1];\nif (! preg(pattern:\"^(3|4|5)([^0-9]|$)\", string:os_ver)) audit(AUDIT_OS_NOT, \"Red Hat 3.x / 4.x / 5.x\", \"Red Hat \" + os_ver);\n\nif (!get_kb_item(\"Host/RedHat/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\" && \"s390\" >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Red Hat\", cpu);\n\nyum_updateinfo = get_kb_item(\"Host/RedHat/yum-updateinfo\");\nif (!empty_or_null(yum_updateinfo)) \n{\n rhsa = \"RHSA-2008:0971\";\n yum_report = redhat_generate_yum_updateinfo_report(rhsa:rhsa);\n if (!empty_or_null(yum_report))\n {\n security_report_v4(\n port : 0,\n severity : SECURITY_WARNING,\n extra : yum_report \n );\n exit(0);\n }\n else\n {\n audit_message = \"affected by Red Hat security advisory \" + rhsa;\n audit(AUDIT_OS_NOT, audit_message);\n }\n}\nelse\n{\n flag = 0;\n if (rpm_check(release:\"RHEL3\", reference:\"net-snmp-5.0.9-2.30E.25\")) flag++;\n\n if (rpm_check(release:\"RHEL3\", reference:\"net-snmp-devel-5.0.9-2.30E.25\")) flag++;\n\n if (rpm_check(release:\"RHEL3\", reference:\"net-snmp-libs-5.0.9-2.30E.25\")) flag++;\n\n if (rpm_check(release:\"RHEL3\", reference:\"net-snmp-perl-5.0.9-2.30E.25\")) flag++;\n\n if (rpm_check(release:\"RHEL3\", reference:\"net-snmp-utils-5.0.9-2.30E.25\")) flag++;\n\n\n if (rpm_check(release:\"RHEL4\", reference:\"net-snmp-5.1.2-13.el4_7.2\")) flag++;\n\n if (rpm_check(release:\"RHEL4\", reference:\"net-snmp-devel-5.1.2-13.el4_7.2\")) flag++;\n\n if (rpm_check(release:\"RHEL4\", reference:\"net-snmp-libs-5.1.2-13.el4_7.2\")) flag++;\n\n if (rpm_check(release:\"RHEL4\", reference:\"net-snmp-perl-5.1.2-13.el4_7.2\")) flag++;\n\n if (rpm_check(release:\"RHEL4\", reference:\"net-snmp-utils-5.1.2-13.el4_7.2\")) flag++;\n\n\n if (rpm_check(release:\"RHEL5\", cpu:\"i386\", reference:\"net-snmp-5.3.1-24.el5_2.2\")) flag++;\n\n if (rpm_check(release:\"RHEL5\", cpu:\"s390x\", reference:\"net-snmp-5.3.1-24.el5_2.2\")) flag++;\n\n if (rpm_check(release:\"RHEL5\", cpu:\"x86_64\", reference:\"net-snmp-5.3.1-24.el5_2.2\")) flag++;\n\n if (rpm_check(release:\"RHEL5\", reference:\"net-snmp-devel-5.3.1-24.el5_2.2\")) flag++;\n\n if (rpm_check(release:\"RHEL5\", reference:\"net-snmp-libs-5.3.1-24.el5_2.2\")) flag++;\n\n if (rpm_check(release:\"RHEL5\", cpu:\"i386\", reference:\"net-snmp-perl-5.3.1-24.el5_2.2\")) flag++;\n\n if (rpm_check(release:\"RHEL5\", cpu:\"s390x\", reference:\"net-snmp-perl-5.3.1-24.el5_2.2\")) flag++;\n\n if (rpm_check(release:\"RHEL5\", cpu:\"x86_64\", reference:\"net-snmp-perl-5.3.1-24.el5_2.2\")) flag++;\n\n if (rpm_check(release:\"RHEL5\", cpu:\"i386\", reference:\"net-snmp-utils-5.3.1-24.el5_2.2\")) flag++;\n\n if (rpm_check(release:\"RHEL5\", cpu:\"s390x\", reference:\"net-snmp-utils-5.3.1-24.el5_2.2\")) flag++;\n\n if (rpm_check(release:\"RHEL5\", cpu:\"x86_64\", reference:\"net-snmp-utils-5.3.1-24.el5_2.2\")) flag++;\n\n\n if (flag)\n {\n security_report_v4(\n port : 0,\n severity : SECURITY_WARNING,\n extra : rpm_report_get() + redhat_report_package_caveat()\n );\n exit(0);\n }\n else\n {\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"net-snmp / net-snmp-devel / net-snmp-libs / net-snmp-perl / etc\");\n }\n}\n", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:P"}}, {"lastseen": "2021-01-06T09:25:26", "description": "Updated net-snmp packages that fix a security issue are now available\nfor Red Hat Enterprise Linux 3, 4, and 5.\n\nThis update has been rated as having important security impact by the\nRed Hat Security Response Team.\n\nThe Simple Network Management Protocol (SNMP) is a protocol used for\nnetwork management.\n\nA denial-of-service flaw was found in the way Net-SNMP processes SNMP\nGETBULK requests. A remote attacker who issued a specially crafted\nrequest could cause the snmpd server to crash. (CVE-2008-4309)\n\nNote: An attacker must have read access to the SNMP server in order to\nexploit this flaw. In the default configuration, the community name\n'public' grants read-only access. In production deployments, it is\nrecommended to change this default community name.\n\nAll users of net-snmp should upgrade to these updated packages, which\ncontain a backported patch to resolve this issue.", "edition": 27, "published": "2009-04-23T00:00:00", "title": "CentOS 3 / 4 / 5 : net-snmp (CESA-2008:0971)", "type": "nessus", "bulletinFamily": "scanner", "cvelist": ["CVE-2008-4309"], "modified": "2009-04-23T00:00:00", "cpe": ["p-cpe:/a:centos:centos:net-snmp-utils", "p-cpe:/a:centos:centos:net-snmp-libs", "cpe:/o:centos:centos:4", "p-cpe:/a:centos:centos:net-snmp-perl", "p-cpe:/a:centos:centos:net-snmp", "cpe:/o:centos:centos:5", "p-cpe:/a:centos:centos:net-snmp-devel", "cpe:/o:centos:centos:3"], "id": "CENTOS_RHSA-2008-0971.NASL", "href": "https://www.tenable.com/plugins/nessus/37176", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Red Hat Security Advisory RHSA-2008:0971 and \n# CentOS Errata and Security Advisory 2008:0971 respectively.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(37176);\n script_version(\"1.17\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/04\");\n\n script_cve_id(\"CVE-2008-4309\");\n script_bugtraq_id(32020);\n script_xref(name:\"RHSA\", value:\"2008:0971\");\n\n script_name(english:\"CentOS 3 / 4 / 5 : net-snmp (CESA-2008:0971)\");\n script_summary(english:\"Checks rpm output for the updated packages\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote CentOS host is missing one or more security updates.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"Updated net-snmp packages that fix a security issue are now available\nfor Red Hat Enterprise Linux 3, 4, and 5.\n\nThis update has been rated as having important security impact by the\nRed Hat Security Response Team.\n\nThe Simple Network Management Protocol (SNMP) is a protocol used for\nnetwork management.\n\nA denial-of-service flaw was found in the way Net-SNMP processes SNMP\nGETBULK requests. A remote attacker who issued a specially crafted\nrequest could cause the snmpd server to crash. (CVE-2008-4309)\n\nNote: An attacker must have read access to the SNMP server in order to\nexploit this flaw. In the default configuration, the community name\n'public' grants read-only access. In production deployments, it is\nrecommended to change this default community name.\n\nAll users of net-snmp should upgrade to these updated packages, which\ncontain a backported patch to resolve this issue.\"\n );\n # https://lists.centos.org/pipermail/centos-announce/2008-November/015365.html\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?1b494e88\"\n );\n # https://lists.centos.org/pipermail/centos-announce/2008-November/015366.html\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?71f56659\"\n );\n # https://lists.centos.org/pipermail/centos-announce/2008-November/015367.html\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?791fcb7e\"\n );\n # https://lists.centos.org/pipermail/centos-announce/2008-November/015368.html\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?529b2ed4\"\n );\n # https://lists.centos.org/pipermail/centos-announce/2008-November/015385.html\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?8e3dbb69\"\n );\n # https://lists.centos.org/pipermail/centos-announce/2008-November/015386.html\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?2d6797c5\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\"Update the affected net-snmp packages.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:N/I:N/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n script_cwe_id(20);\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:net-snmp\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:net-snmp-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:net-snmp-libs\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:net-snmp-perl\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:net-snmp-utils\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:centos:centos:3\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:centos:centos:4\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:centos:centos:5\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2008/10/31\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2008/11/03\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2009/04/23\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2009-2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"CentOS Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/CentOS/release\", \"Host/CentOS/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/CentOS/release\");\nif (isnull(release) || \"CentOS\" >!< release) audit(AUDIT_OS_NOT, \"CentOS\");\nos_ver = pregmatch(pattern: \"CentOS(?: Linux)? release ([0-9]+)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"CentOS\");\nos_ver = os_ver[1];\nif (! preg(pattern:\"^(3|4|5)([^0-9]|$)\", string:os_ver)) audit(AUDIT_OS_NOT, \"CentOS 3.x / 4.x / 5.x\", \"CentOS \" + os_ver);\n\nif (!get_kb_item(\"Host/CentOS/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && \"ia64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"CentOS\", cpu);\n\n\nflag = 0;\nif (rpm_check(release:\"CentOS-3\", reference:\"net-snmp-5.0.9-2.30E.25\")) flag++;\nif (rpm_check(release:\"CentOS-3\", reference:\"net-snmp-devel-5.0.9-2.30E.25\")) flag++;\nif (rpm_check(release:\"CentOS-3\", reference:\"net-snmp-libs-5.0.9-2.30E.25\")) flag++;\nif (rpm_check(release:\"CentOS-3\", reference:\"net-snmp-perl-5.0.9-2.30E.25\")) flag++;\nif (rpm_check(release:\"CentOS-3\", reference:\"net-snmp-utils-5.0.9-2.30E.25\")) flag++;\n\nif (rpm_check(release:\"CentOS-4\", cpu:\"ia64\", reference:\"net-snmp-5.1.2-13.c4.2\")) flag++;\nif (rpm_check(release:\"CentOS-4\", cpu:\"ia64\", reference:\"net-snmp-devel-5.1.2-13.c4.2\")) flag++;\nif (rpm_check(release:\"CentOS-4\", cpu:\"ia64\", reference:\"net-snmp-libs-5.1.2-13.c4.2\")) flag++;\nif (rpm_check(release:\"CentOS-4\", cpu:\"ia64\", reference:\"net-snmp-perl-5.1.2-13.c4.2\")) flag++;\nif (rpm_check(release:\"CentOS-4\", cpu:\"ia64\", reference:\"net-snmp-utils-5.1.2-13.c4.2\")) flag++;\n\nif (rpm_check(release:\"CentOS-5\", reference:\"net-snmp-5.3.1-24.el5_2.2\")) flag++;\nif (rpm_check(release:\"CentOS-5\", reference:\"net-snmp-devel-5.3.1-24.el5_2.2\")) flag++;\nif (rpm_check(release:\"CentOS-5\", reference:\"net-snmp-libs-5.3.1-24.el5_2.2\")) flag++;\nif (rpm_check(release:\"CentOS-5\", reference:\"net-snmp-perl-5.3.1-24.el5_2.2\")) flag++;\nif (rpm_check(release:\"CentOS-5\", reference:\"net-snmp-utils-5.3.1-24.el5_2.2\")) flag++;\n\n\nif (flag)\n{\n security_report_v4(\n port : 0,\n severity : SECURITY_WARNING,\n extra : rpm_report_get()\n );\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"net-snmp / net-snmp-devel / net-snmp-libs / net-snmp-perl / etc\");\n}\n", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:P"}}], "redhat": [{"lastseen": "2019-08-13T18:45:53", "bulletinFamily": "unix", "cvelist": ["CVE-2008-4309"], "description": "The Simple Network Management Protocol (SNMP) is a protocol used for\nnetwork management.\n\nA denial-of-service flaw was found in the way Net-SNMP processes SNMP\nGETBULK requests. A remote attacker who issued a specially-crafted request\ncould cause the snmpd server to crash. (CVE-2008-4309)\n\nNote: An attacker must have read access to the SNMP server in order to\nexploit this flaw. In the default configuration, the community name\n\"public\" grants read-only access. In production deployments, it is\nrecommended to change this default community name.\n\nAll users of net-snmp should upgrade to these updated packages, which\ncontain a backported patch to resolve this issue.\n", "modified": "2017-09-08T11:59:56", "published": "2008-11-03T05:00:00", "id": "RHSA-2008:0971", "href": "https://access.redhat.com/errata/RHSA-2008:0971", "type": "redhat", "title": "(RHSA-2008:0971) Important: net-snmp security update", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:P"}}, {"lastseen": "2019-08-13T18:46:29", "bulletinFamily": "unix", "cvelist": ["CVE-2008-5161"], "description": "OpenSSH is OpenBSD's SSH (Secure Shell) protocol implementation. These\npackages include the core files necessary for both the OpenSSH client and\nserver.\n\nA flaw was found in the SSH protocol. An attacker able to perform a\nman-in-the-middle attack may be able to obtain a portion of plain text from\nan arbitrary ciphertext block when a CBC mode cipher was used to encrypt\nSSH communication. This update helps mitigate this attack: OpenSSH clients\nand servers now prefer CTR mode ciphers to CBC mode, and the OpenSSH server\nnow reads SSH packets up to their full possible length when corruption is\ndetected, rather than reporting errors early, reducing the possibility of\nsuccessful plain text recovery. (CVE-2008-5161)\n\nThis update also fixes the following bug:\n\n* the ssh client hung when trying to close a session in which a background\nprocess still held tty file descriptors open. With this update, this\nso-called \"hang on exit\" error no longer occurs and the ssh client closes\nthe session immediately. (BZ#454812)\n\nIn addition, this update adds the following enhancements:\n\n* the SFTP server can now chroot users to various directories, including\na user's home directory, after log in. A new configuration option --\nChrootDirectory -- has been added to \"/etc/ssh/sshd_config\" for setting\nthis up (the default is not to chroot users). Details regarding configuring\nthis new option are in the sshd_config(5) manual page. (BZ#440240)\n\n* the executables which are part of the OpenSSH FIPS module which is being\nvalidated will check their integrity and report their FIPS mode status to\nthe system log or to the terminal. (BZ#467268, BZ#492363)\n\nAll OpenSSH users are advised to upgrade to these updated packages, which\ncontain backported patches to resolve these issues and add these\nenhancements. After installing this update, the OpenSSH server daemon\n(sshd) will be restarted automatically.", "modified": "2017-09-08T12:17:00", "published": "2009-09-02T07:02:33", "id": "RHSA-2009:1287", "href": "https://access.redhat.com/errata/RHSA-2009:1287", "type": "redhat", "title": "(RHSA-2009:1287) Low: openssh security, bug fix, and enhancement update", "cvss": {"score": 2.6, "vector": "AV:N/AC:H/Au:N/C:P/I:N/A:N"}}], "slackware": [{"lastseen": "2020-10-25T16:35:53", "bulletinFamily": "unix", "cvelist": ["CVE-2008-4309"], "description": "New net-snmp packages are available for Slackware 12.0, 12.1, and -current to\nfix a denial of service issue.\n\nMore details about this issue may be found in the Common\nVulnerabilities and Exposures (CVE) database:\n\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-4309\n\n\nHere are the details from the Slackware 12.1 ChangeLog:\n\npatches/packages/net-snmp-5.4.2.1-i486-1_slack12.1.tgz:\n Upgraded to net-snmp-5.4.2.1.\n This fixes a problem where a user with read access could cause snmpd to\n crash, resulting in a denial of service.\n For more information, see:\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-4309\n (* Security fix *)\n\nWhere to find the new packages:\n\nHINT: Getting slow download speeds from ftp.slackware.com?\nGive slackware.osuosl.org a try. This is another primary FTP site\nfor Slackware that can be considerably faster than downloading\ndirectly from ftp.slackware.com.\n\nThanks to the friendly folks at the OSU Open Source Lab\n(http://osuosl.org) for donating additional FTP and rsync hosting\nto the Slackware project! :-)\n\nAlso see the \"Get Slack\" section on http://slackware.com for\nadditional mirror sites near you.\n\nUpdated package for Slackware 12.0:\nftp://ftp.slackware.com/pub/slackware/slackware-12.0/patches/packages/net-snmp-5.4.2.1-i486-1_slack12.0.tgz\n\nUpdated package for Slackware 12.1:\nftp://ftp.slackware.com/pub/slackware/slackware-12.1/patches/packages/net-snmp-5.4.2.1-i486-1_slack12.1.tgz\n\nUpdated package for Slackware -current:\nftp://ftp.slackware.com/pub/slackware/slackware-current/slackware/n/net-snmp-5.4.2.1-i486-1.tgz\n\n\nMD5 signatures:\n\nSlackware 12.0 package:\nc585af1a43e86cb7be73382c1ee4e575 net-snmp-5.4.2.1-i486-1_slack12.0.tgz\n\nSlackware 12.1 package:\n0aee48e834e781e8d2b910b5278fd8a7 net-snmp-5.4.2.1-i486-1_slack12.1.tgz\n\nSlackware -current package:\ncc259e3a080404e89d7dab5eb7cbc709 net-snmp-5.4.2.1-i486-1.tgz\n\n\nInstallation instructions:\n\nUpgrade the package as root:\n > upgradepkg net-snmp-5.4.2.1-i486-1_slack12.1.tgz\n\nThen, restart snmpd if the system uses it.", "modified": "2008-11-16T07:01:28", "published": "2008-11-16T07:01:28", "id": "SSA-2008-320-02", "href": "http://www.slackware.com/security/viewer.php?l=slackware-security&y=2008&m=slackware-security.372460", "type": "slackware", "title": "[slackware-security] net-snmp", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:P"}}], "openvas": [{"lastseen": "2019-05-29T18:36:05", "bulletinFamily": "scanner", "cvelist": ["CVE-2008-4309"], "description": "Oracle Linux Local Security Checks ELSA-2008-0971", "modified": "2018-09-28T00:00:00", "published": "2015-10-08T00:00:00", "id": "OPENVAS:1361412562310122546", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310122546", "type": "openvas", "title": "Oracle Linux Local Check: ELSA-2008-0971", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n# $Id: ELSA-2008-0971.nasl 11688 2018-09-28 13:36:28Z cfischer $\n#\n# Oracle Linux Local Check\n#\n# Authors:\n# Eero Volotinen <eero.volotinen@solinor.com>\n#\n# Copyright:\n# Copyright (c) 2015 Eero Volotinen, http://solinor.com\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.122546\");\n script_version(\"$Revision: 11688 $\");\n script_tag(name:\"creation_date\", value:\"2015-10-08 14:47:44 +0300 (Thu, 08 Oct 2015)\");\n script_tag(name:\"last_modification\", value:\"$Date: 2018-09-28 15:36:28 +0200 (Fri, 28 Sep 2018) $\");\n script_name(\"Oracle Linux Local Check: ELSA-2008-0971\");\n script_tag(name:\"insight\", value:\"ELSA-2008-0971 - net-snmp security update. Please see the references for more insight.\");\n script_tag(name:\"solution\", value:\"Update the affected packages to the latest available version.\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_tag(name:\"summary\", value:\"Oracle Linux Local Security Checks ELSA-2008-0971\");\n script_xref(name:\"URL\", value:\"http://linux.oracle.com/errata/ELSA-2008-0971.html\");\n script_cve_id(\"CVE-2008-4309\");\n script_tag(name:\"cvss_base\", value:\"5.0\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:N/I:N/A:P\");\n script_tag(name:\"qod_type\", value:\"package\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/oracle_linux\", \"ssh/login/release\", re:\"ssh/login/release=OracleLinux5\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Eero Volotinen\");\n script_family(\"Oracle Linux Local Security Checks\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = rpm_get_ssh_release();\nif(!release) exit(0);\n\nres = \"\";\n\nif(release == \"OracleLinux5\")\n{\n if ((res = isrpmvuln(pkg:\"net-snmp\", rpm:\"net-snmp~5.3.1~24.el5_2.2\", rls:\"OracleLinux5\")) != NULL) {\n security_message(data:res);\n exit(0);\n }\n if ((res = isrpmvuln(pkg:\"net-snmp-devel\", rpm:\"net-snmp-devel~5.3.1~24.el5_2.2\", rls:\"OracleLinux5\")) != NULL) {\n security_message(data:res);\n exit(0);\n }\n if ((res = isrpmvuln(pkg:\"net-snmp-libs\", rpm:\"net-snmp-libs~5.3.1~24.el5_2.2\", rls:\"OracleLinux5\")) != NULL) {\n security_message(data:res);\n exit(0);\n }\n if ((res = isrpmvuln(pkg:\"net-snmp-perl\", rpm:\"net-snmp-perl~5.3.1~24.el5_2.2\", rls:\"OracleLinux5\")) != NULL) {\n security_message(data:res);\n exit(0);\n }\n if ((res = isrpmvuln(pkg:\"net-snmp-utils\", rpm:\"net-snmp-utils~5.3.1~24.el5_2.2\", rls:\"OracleLinux5\")) != NULL) {\n security_message(data:res);\n exit(0);\n }\n\n}\nif (__pkg_match) exit(99);\n exit(0);\n\n", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:P"}}, {"lastseen": "2018-04-06T11:40:02", "bulletinFamily": "scanner", "cvelist": ["CVE-2008-4309"], "description": "The remote host is missing updates announced in\nadvisory GLSA 200901-15.", "modified": "2018-04-06T00:00:00", "published": "2009-01-26T00:00:00", "id": "OPENVAS:136141256231063278", "href": "http://plugins.openvas.org/nasl.php?oid=136141256231063278", "type": "openvas", "title": "Gentoo Security Advisory GLSA 200901-15 (net-snmp)", "sourceData": "#\n# OpenVAS Vulnerability Test\n# $\n# Description: Auto generated from Gentoo's XML based advisory\n#\n# Authors:\n# Thomas Reinke <reinke@securityspace.com>\n#\n# Copyright:\n# Copyright (c) 2009 E-Soft Inc. http://www.securityspace.com\n# Text descriptions are largely excerpted from the referenced\n# advisories, and are Copyright (c) the respective author(s)\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2,\n# or at your option, GNU General Public License version 3,\n# as published by the Free Software Foundation\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n#\n\ninclude(\"revisions-lib.inc\");\ntag_insight = \"A vulnerability in Net-SNMP could lead to a Denial of Service.\";\ntag_solution = \"All Net-SNMP users should upgrade to the latest version:\n\n # emerge --sync\n # emerge --ask --oneshot --verbose '>=net-analyzer/net-snmp-5.4.2.1'\n\nhttp://www.securityspace.com/smysecure/catid.html?in=GLSA%20200901-15\nhttp://bugs.gentoo.org/show_bug.cgi?id=245306\";\ntag_summary = \"The remote host is missing updates announced in\nadvisory GLSA 200901-15.\";\n\n \n \n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.63278\");\n script_version(\"$Revision: 9350 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2018-04-06 09:03:33 +0200 (Fri, 06 Apr 2018) $\");\n script_tag(name:\"creation_date\", value:\"2009-01-26 18:18:20 +0100 (Mon, 26 Jan 2009)\");\n script_cve_id(\"CVE-2008-4309\");\n script_tag(name:\"cvss_base\", value:\"5.0\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:N/I:N/A:P\");\n script_name(\"Gentoo Security Advisory GLSA 200901-15 (net-snmp)\");\n\n\n\n script_category(ACT_GATHER_INFO);\n\n script_copyright(\"Copyright (c) 2009 E-Soft Inc. http://www.securityspace.com\");\n script_family(\"Gentoo Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/gentoo\", \"ssh/login/pkg\");\n script_tag(name : \"insight\" , value : tag_insight);\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name : \"summary\" , value : tag_summary);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\n#\n# The script code starts here\n#\n\ninclude(\"pkg-lib-gentoo.inc\");\n\nres = \"\";\nreport = \"\";\nif ((res = ispkgvuln(pkg:\"net-analyzer/net-snmp\", unaffected: make_list(\"ge 5.4.2.1\"), vulnerable: make_list(\"lt 5.4.2.1\"))) != NULL) {\n report += res;\n}\n\nif (report != \"\") {\n security_message(data:report);\n} else if (__pkg_match) {\n exit(99); # Not vulnerable.\n}\n", "cvss": {"score": 5.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:NONE/I:NONE/A:PARTIAL/"}}, {"lastseen": "2018-04-09T11:40:25", "bulletinFamily": "scanner", "cvelist": ["CVE-2008-4309"], "description": "Check for the Version of net-snmp", "modified": "2018-04-06T00:00:00", "published": "2009-03-06T00:00:00", "id": "OPENVAS:1361412562310870000", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310870000", "type": "openvas", "title": "RedHat Update for net-snmp RHSA-2008:0971-01", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# RedHat Update for net-snmp RHSA-2008:0971-01\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (c) 2009 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\ninclude(\"revisions-lib.inc\");\ntag_insight = \"The Simple Network Management Protocol (SNMP) is a protocol used for\n network management.\n\n A denial-of-service flaw was found in the way Net-SNMP processes SNMP\n GETBULK requests. A remote attacker who issued a specially-crafted request\n could cause the snmpd server to crash. (CVE-2008-4309)\n \n Note: An attacker must have read access to the SNMP server in order to\n exploit this flaw. In the default configuration, the community name\n &quot;public&quot; grants read-only access. In production deployments, it is\n recommended to change this default community name.\n \n All users of net-snmp should upgrade to these updated packages, which\n contain a backported patch to resolve this issue.\";\n\ntag_affected = \"net-snmp on Red Hat Enterprise Linux AS version 3,\n Red Hat Enterprise Linux ES version 3,\n Red Hat Enterprise Linux WS version 3,\n Red Hat Enterprise Linux AS version 4,\n Red Hat Enterprise Linux ES version 4,\n Red Hat Enterprise Linux WS version 4,\n Red Hat Enterprise Linux (v. 5 server)\";\ntag_solution = \"Please Install the Updated Packages.\";\n\n\n\nif(description)\n{\n script_xref(name : \"URL\" , value : \"https://www.redhat.com/archives/rhsa-announce/2008-November/msg00000.html\");\n script_oid(\"1.3.6.1.4.1.25623.1.0.870000\");\n script_version(\"$Revision: 9370 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2018-04-06 10:53:14 +0200 (Fri, 06 Apr 2018) $\");\n script_tag(name:\"creation_date\", value:\"2009-03-06 07:30:35 +0100 (Fri, 06 Mar 2009)\");\n script_tag(name:\"cvss_base\", value:\"5.0\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:N/I:N/A:P\");\n script_xref(name: \"RHSA\", value: \"2008:0971-01\");\n script_cve_id(\"CVE-2008-4309\");\n script_name( \"RedHat Update for net-snmp RHSA-2008:0971-01\");\n\n script_tag(name:\"summary\", value:\"Check for the Version of net-snmp\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2009 Greenbone Networks GmbH\");\n script_family(\"Red Hat Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/rhel\", \"ssh/login/rpms\");\n script_tag(name : \"affected\" , value : tag_affected);\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name : \"insight\" , value : tag_insight);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\n\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = get_kb_item(\"ssh/login/release\");\n\n\nres = \"\";\nif(release == NULL){\n exit(0);\n}\n\nif(release == \"RHENT_5\")\n{\n\n if ((res = isrpmvuln(pkg:\"net-snmp\", rpm:\"net-snmp~5.3.1~24.el5_2.2\", rls:\"RHENT_5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"net-snmp-debuginfo\", rpm:\"net-snmp-debuginfo~5.3.1~24.el5_2.2\", rls:\"RHENT_5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"net-snmp-devel\", rpm:\"net-snmp-devel~5.3.1~24.el5_2.2\", rls:\"RHENT_5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"net-snmp-libs\", rpm:\"net-snmp-libs~5.3.1~24.el5_2.2\", rls:\"RHENT_5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"net-snmp-perl\", rpm:\"net-snmp-perl~5.3.1~24.el5_2.2\", rls:\"RHENT_5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"net-snmp-utils\", rpm:\"net-snmp-utils~5.3.1~24.el5_2.2\", rls:\"RHENT_5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99); # Not vulnerable.\n exit(0);\n}\n\n\nif(release == \"RHENT_4\")\n{\n\n if ((res = isrpmvuln(pkg:\"net-snmp\", rpm:\"net-snmp~5.1.2~13.el4_7.2\", rls:\"RHENT_4\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"net-snmp-debuginfo\", rpm:\"net-snmp-debuginfo~5.1.2~13.el4_7.2\", rls:\"RHENT_4\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"net-snmp-devel\", rpm:\"net-snmp-devel~5.1.2~13.el4_7.2\", rls:\"RHENT_4\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"net-snmp-libs\", rpm:\"net-snmp-libs~5.1.2~13.el4_7.2\", rls:\"RHENT_4\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"net-snmp-perl\", rpm:\"net-snmp-perl~5.1.2~13.el4_7.2\", rls:\"RHENT_4\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"net-snmp-utils\", rpm:\"net-snmp-utils~5.1.2~13.el4_7.2\", rls:\"RHENT_4\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99); # Not vulnerable.\n exit(0);\n}\n\n\nif(release == \"RHENT_3\")\n{\n\n if ((res = isrpmvuln(pkg:\"net-snmp\", rpm:\"net-snmp~5.0.9~2.30E.25\", rls:\"RHENT_3\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"net-snmp-debuginfo\", rpm:\"net-snmp-debuginfo~5.0.9~2.30E.25\", rls:\"RHENT_3\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"net-snmp-devel\", rpm:\"net-snmp-devel~5.0.9~2.30E.25\", rls:\"RHENT_3\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"net-snmp-libs\", rpm:\"net-snmp-libs~5.0.9~2.30E.25\", rls:\"RHENT_3\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"net-snmp-perl\", rpm:\"net-snmp-perl~5.0.9~2.30E.25\", rls:\"RHENT_3\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"net-snmp-utils\", rpm:\"net-snmp-utils~5.0.9~2.30E.25\", rls:\"RHENT_3\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99); # Not vulnerable.\n exit(0);\n}\n", "cvss": {"score": 5.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:NONE/I:NONE/A:PARTIAL/"}}, {"lastseen": "2018-04-09T11:41:45", "bulletinFamily": "scanner", "cvelist": ["CVE-2008-4309"], "description": "Check for the Version of net-snmp", "modified": "2018-04-06T00:00:00", "published": "2009-02-27T00:00:00", "id": "OPENVAS:1361412562310880007", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310880007", "type": "openvas", "title": "CentOS Update for net-snmp CESA-2008:0971 centos3 i386", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# CentOS Update for net-snmp CESA-2008:0971 centos3 i386\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (c) 2009 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\ninclude(\"revisions-lib.inc\");\ntag_insight = \"The Simple Network Management Protocol (SNMP) is a protocol used for\n network management.\n\n A denial-of-service flaw was found in the way Net-SNMP processes SNMP\n GETBULK requests. A remote attacker who issued a specially-crafted request\n could cause the snmpd server to crash. (CVE-2008-4309)\n \n Note: An attacker must have read access to the SNMP server in order to\n exploit this flaw. In the default configuration, the community name\n &quot;public&quot; grants read-only access. In production deployments, it is\n recommended to change this default community name.\n \n All users of net-snmp should upgrade to these updated packages, which\n contain a backported patch to resolve this issue.\";\n\ntag_affected = \"net-snmp on CentOS 3\";\ntag_solution = \"Please Install the Updated Packages.\";\n\n\n\nif(description)\n{\n script_xref(name : \"URL\" , value : \"http://lists.centos.org/pipermail/centos-announce/2008-November/015367.html\");\n script_oid(\"1.3.6.1.4.1.25623.1.0.880007\");\n script_version(\"$Revision: 9370 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2018-04-06 10:53:14 +0200 (Fri, 06 Apr 2018) $\");\n script_tag(name:\"creation_date\", value:\"2009-02-27 09:02:20 +0100 (Fri, 27 Feb 2009)\");\n script_tag(name:\"cvss_base\", value:\"5.0\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:N/I:N/A:P\");\n script_xref(name: \"CESA\", value: \"2008:0971\");\n script_cve_id(\"CVE-2008-4309\");\n script_name( \"CentOS Update for net-snmp CESA-2008:0971 centos3 i386\");\n\n script_tag(name:\"summary\", value:\"Check for the Version of net-snmp\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2009 Greenbone Networks GmbH\");\n script_family(\"CentOS Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/centos\", \"ssh/login/rpms\");\n script_tag(name : \"affected\" , value : tag_affected);\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name : \"insight\" , value : tag_insight);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\n\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = get_kb_item(\"ssh/login/release\");\n\n\nres = \"\";\nif(release == NULL){\n exit(0);\n}\n\nif(release == \"CentOS3\")\n{\n\n if ((res = isrpmvuln(pkg:\"net-snmp\", rpm:\"net-snmp~5.0.9~2.30E.25\", rls:\"CentOS3\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"net-snmp-devel\", rpm:\"net-snmp-devel~5.0.9~2.30E.25\", rls:\"CentOS3\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"net-snmp-libs\", rpm:\"net-snmp-libs~5.0.9~2.30E.25\", rls:\"CentOS3\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"net-snmp-perl\", rpm:\"net-snmp-perl~5.0.9~2.30E.25\", rls:\"CentOS3\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"net-snmp-utils\", rpm:\"net-snmp-utils~5.0.9~2.30E.25\", rls:\"CentOS3\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99); # Not vulnerable.\n exit(0);\n}\n", "cvss": {"score": 5.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:NONE/I:NONE/A:PARTIAL/"}}, {"lastseen": "2017-07-25T10:56:47", "bulletinFamily": "scanner", "cvelist": ["CVE-2008-4309"], "description": "Check for the Version of net-snmp", "modified": "2017-07-10T00:00:00", "published": "2009-02-27T00:00:00", "id": "OPENVAS:880244", "href": "http://plugins.openvas.org/nasl.php?oid=880244", "type": "openvas", "title": "CentOS Update for net-snmp CESA-2008:0971 centos3 x86_64", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# CentOS Update for net-snmp CESA-2008:0971 centos3 x86_64\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (c) 2009 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\ninclude(\"revisions-lib.inc\");\ntag_insight = \"The Simple Network Management Protocol (SNMP) is a protocol used for\n network management.\n\n A denial-of-service flaw was found in the way Net-SNMP processes SNMP\n GETBULK requests. A remote attacker who issued a specially-crafted request\n could cause the snmpd server to crash. (CVE-2008-4309)\n \n Note: An attacker must have read access to the SNMP server in order to\n exploit this flaw. In the default configuration, the community name\n &quot;public&quot; grants read-only access. In production deployments, it is\n recommended to change this default community name.\n \n All users of net-snmp should upgrade to these updated packages, which\n contain a backported patch to resolve this issue.\";\n\ntag_affected = \"net-snmp on CentOS 3\";\ntag_solution = \"Please Install the Updated Packages.\";\n\n\n\nif(description)\n{\n script_xref(name : \"URL\" , value : \"http://lists.centos.org/pipermail/centos-announce/2008-November/015368.html\");\n script_id(880244);\n script_version(\"$Revision: 6651 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2017-07-10 13:45:21 +0200 (Mon, 10 Jul 2017) $\");\n script_tag(name:\"creation_date\", value:\"2009-02-27 09:02:20 +0100 (Fri, 27 Feb 2009)\");\n script_tag(name:\"cvss_base\", value:\"5.0\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:N/I:N/A:P\");\n script_xref(name: \"CESA\", value: \"2008:0971\");\n script_cve_id(\"CVE-2008-4309\");\n script_name( \"CentOS Update for net-snmp CESA-2008:0971 centos3 x86_64\");\n\n script_summary(\"Check for the Version of net-snmp\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2009 Greenbone Networks GmbH\");\n script_family(\"CentOS Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/centos\", \"ssh/login/rpms\");\n script_tag(name : \"affected\" , value : tag_affected);\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name : \"insight\" , value : tag_insight);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\n\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = get_kb_item(\"ssh/login/release\");\n\n\nres = \"\";\nif(release == NULL){\n exit(0);\n}\n\nif(release == \"CentOS3\")\n{\n\n if ((res = isrpmvuln(pkg:\"net-snmp\", rpm:\"net-snmp~5.0.9~2.30E.25\", rls:\"CentOS3\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"net-snmp-devel\", rpm:\"net-snmp-devel~5.0.9~2.30E.25\", rls:\"CentOS3\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"net-snmp-libs\", rpm:\"net-snmp-libs~5.0.9~2.30E.25\", rls:\"CentOS3\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"net-snmp-perl\", rpm:\"net-snmp-perl~5.0.9~2.30E.25\", rls:\"CentOS3\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"net-snmp-utils\", rpm:\"net-snmp-utils~5.0.9~2.30E.25\", rls:\"CentOS3\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99); # Not vulnerable.\n exit(0);\n}\n", "cvss": {"score": 5.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:NONE/I:NONE/A:PARTIAL/"}}, {"lastseen": "2018-04-06T11:38:41", "bulletinFamily": "scanner", "cvelist": ["CVE-2008-4309"], "description": "The remote host is missing updates to packages that affect\nthe security of your system. One or more of the following packages\nare affected:\n\n net-snmp\n net-snmp-devel\n perl-SNMP\n\n\nMore details may also be found by searching for the SuSE\nEnterprise Server 10 patch database located at\nhttp://download.novell.com/patch/finder/", "modified": "2018-04-06T00:00:00", "published": "2009-10-13T00:00:00", "id": "OPENVAS:136141256231065771", "href": "http://plugins.openvas.org/nasl.php?oid=136141256231065771", "type": "openvas", "title": "SLES10: Security update for net-snmp", "sourceData": "#\n#VID slesp2-net-snmp-5807\n# OpenVAS Vulnerability Test\n# $\n# Description: Security update for net-snmp\n#\n# Authors:\n# Thomas Reinke <reinke@securityspace.com>\n#\n# Copyright:\n# Copyright (c) 2009 E-Soft Inc. http://www.securityspace.com\n# Text descriptions are largely excerpted from the referenced\n# advisories, and are Copyright (c) the respective author(s)\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2,\n# as published by the Free Software Foundation\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n#\n\ninclude(\"revisions-lib.inc\");\ntag_summary = \"The remote host is missing updates to packages that affect\nthe security of your system. One or more of the following packages\nare affected:\n\n net-snmp\n net-snmp-devel\n perl-SNMP\n\n\nMore details may also be found by searching for the SuSE\nEnterprise Server 10 patch database located at\nhttp://download.novell.com/patch/finder/\";\n\ntag_solution = \"Please install the updates provided by SuSE.\";\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.65771\");\n script_version(\"$Revision: 9350 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2018-04-06 09:03:33 +0200 (Fri, 06 Apr 2018) $\");\n script_tag(name:\"creation_date\", value:\"2009-10-13 18:25:40 +0200 (Tue, 13 Oct 2009)\");\n script_cve_id(\"CVE-2008-4309\");\n script_tag(name:\"cvss_base\", value:\"5.0\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:N/I:N/A:P\");\n script_name(\"SLES10: Security update for net-snmp\");\n\n\n\n script_category(ACT_GATHER_INFO);\n\n script_copyright(\"Copyright (c) 2009 E-Soft Inc. http://www.securityspace.com\");\n script_family(\"SuSE Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/suse_sles\", \"ssh/login/rpms\");\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name : \"summary\" , value : tag_summary);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\n#\n# The script code starts here\n#\n\ninclude(\"pkg-lib-rpm.inc\");\n\nres = \"\";\nreport = \"\";\nif ((res = isrpmvuln(pkg:\"net-snmp\", rpm:\"net-snmp~5.3.0.1~25.28\", rls:\"SLES10.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"net-snmp-devel\", rpm:\"net-snmp-devel~5.3.0.1~25.28\", rls:\"SLES10.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"perl-SNMP\", rpm:\"perl-SNMP~5.3.0.1~25.28\", rls:\"SLES10.0\")) != NULL) {\n report += res;\n}\n\nif (report != \"\") {\n security_message(data:report);\n} else if (__pkg_match) {\n exit(99); # Not vulnerable.\n}\n", "cvss": {"score": 5.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:NONE/I:NONE/A:PARTIAL/"}}, {"lastseen": "2017-07-02T21:10:10", "bulletinFamily": "scanner", "cvelist": ["CVE-2008-4309"], "description": "The remote host is missing an update to the system\nas announced in the referenced advisory.", "modified": "2016-09-26T00:00:00", "published": "2008-11-19T00:00:00", "id": "OPENVAS:61873", "href": "http://plugins.openvas.org/nasl.php?oid=61873", "type": "openvas", "title": "FreeBSD Ports: net-snmp", "sourceData": "#\n#VID daf045d7-b211-11dd-a987-000c29ca8953\n# OpenVAS Vulnerability Test\n# $\n# Description: Auto generated from VID daf045d7-b211-11dd-a987-000c29ca8953\n#\n# Authors:\n# Thomas Reinke <reinke@securityspace.com>\n#\n# Copyright:\n# Copyright (c) 2008 E-Soft Inc. http://www.securityspace.com\n# Text descriptions are largely excerpted from the referenced\n# advisories, and are Copyright (c) the respective author(s)\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2,\n# as published by the Free Software Foundation\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n#\n\ninclude(\"revisions-lib.inc\");\ntag_insight = \"The following packages are affected:\n net-snmp\n net-snmp53\n\nCVE-2008-4309\nInteger overflow in the netsnmp_create_subtree_cache function in\nagent/snmp_agent.c in net-snmp 5.4 before 5.4.2.1, 5.3 before 5.3.2.3,\nand 5.2 before 5.2.5.1 allows remote attackers to cause a denial of\nservice (crash) via a crafted SNMP GETBULK request, which triggers a\nheap-based buffer overflow, related to the number of responses or\nrepeats.\";\ntag_solution = \"Update your system with the appropriate patches or\nsoftware upgrades.\n\nhttp://sourceforge.net/forum/forum.php?forum_id=882903\nhttp://www.openwall.com/lists/oss-security/2008/10/31/1\nhttp://net-snmp.svn.sourceforge.net/viewvc/net-snmp/tags/Ext-5-2-5-1/net-snmp/agent/snmp_agent.c?r1=17271&r2=17272&pathrev=17272\nhttp://www.vuxml.org/freebsd/daf045d7-b211-11dd-a987-000c29ca8953.html\";\ntag_summary = \"The remote host is missing an update to the system\nas announced in the referenced advisory.\";\n\n\n\nif(description)\n{\n script_id(61873);\n script_version(\"$Revision: 4144 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2016-09-26 07:28:56 +0200 (Mon, 26 Sep 2016) $\");\n script_tag(name:\"creation_date\", value:\"2008-11-19 16:52:57 +0100 (Wed, 19 Nov 2008)\");\n script_cve_id(\"CVE-2008-4309\");\n script_tag(name:\"cvss_base\", value:\"5.0\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:N/I:N/A:P\");\n script_name(\"FreeBSD Ports: net-snmp\");\n\n\n\n script_category(ACT_GATHER_INFO);\n\n script_copyright(\"Copyright (c) 2008 E-Soft Inc. http://www.securityspace.com\");\n script_family(\"FreeBSD Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/freebsdrel\", \"login/SSH/success\");\n script_tag(name : \"insight\" , value : tag_insight);\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name : \"summary\" , value : tag_summary);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\n#\n# The script code starts here\n#\n\ninclude(\"pkg-lib-bsd.inc\");\n\ntxt = \"\";\nvuln = 0;\nbver = portver(pkg:\"net-snmp\");\nif(!isnull(bver) && revcomp(a:bver, b:\"5.4.2.1\")<0) {\n txt += 'Package net-snmp version ' + bver + ' is installed which is known to be vulnerable.\\n';\n vuln = 1;\n}\nbver = portver(pkg:\"net-snmp53\");\nif(!isnull(bver) && revcomp(a:bver, b:\"5.3.2.3\")<0) {\n txt += 'Package net-snmp53 version ' + bver + ' is installed which is known to be vulnerable.\\n';\n vuln = 1;\n}\n\nif(vuln) {\n security_message(data:string(txt));\n} else if (__pkg_match) {\n exit(99); # Not vulnerable.\n}\n", "cvss": {"score": 5.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:NONE/I:NONE/A:PARTIAL/"}}, {"lastseen": "2017-07-24T12:50:31", "bulletinFamily": "scanner", "cvelist": ["CVE-2008-4309"], "description": "The remote host is missing an update as announced\nvia advisory SSA:2008-320-02.", "modified": "2017-07-07T00:00:00", "published": "2012-09-11T00:00:00", "id": "OPENVAS:61865", "href": "http://plugins.openvas.org/nasl.php?oid=61865", "type": "openvas", "title": "Slackware Advisory SSA:2008-320-02 net-snmp", "sourceData": "# OpenVAS Vulnerability Test\n# $Id: esoft_slk_ssa_2008_320_02.nasl 6598 2017-07-07 09:36:44Z cfischer $\n# Description: Auto-generated from the corresponding slackware advisory\n#\n# Authors:\n# Thomas Reinke <reinke@securityspace.com>\n#\n# Copyright:\n# Copyright (c) 2012 E-Soft Inc. http://www.securityspace.com\n# Text descriptions are largely excerpted from the referenced\n# advisory, and are Copyright (c) the respective author(s)\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2,\n# or at your option, GNU General Public License version 3,\n# as published by the Free Software Foundation\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n#\n\ninclude(\"revisions-lib.inc\");\ntag_insight = \"New net-snmp packages are available for Slackware 12.0, 12.1, and -current to\nfix a denial of service issue.\";\ntag_summary = \"The remote host is missing an update as announced\nvia advisory SSA:2008-320-02.\";\n\ntag_solution = \"https://secure1.securityspace.com/smysecure/catid.html?in=SSA:2008-320-02\";\n \nif(description)\n{\n script_id(61865);\n script_tag(name:\"creation_date\", value:\"2012-09-11 01:34:21 +0200 (Tue, 11 Sep 2012)\");\n script_tag(name:\"last_modification\", value:\"$Date: 2017-07-07 11:36:44 +0200 (Fri, 07 Jul 2017) $\");\n script_cve_id(\"CVE-2008-4309\");\n script_tag(name:\"cvss_base\", value:\"5.0\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:N/I:N/A:P\");\n script_version(\"$Revision: 6598 $\");\n name = \"Slackware Advisory SSA:2008-320-02 net-snmp \";\n script_name(name);\n\n\n\n script_category(ACT_GATHER_INFO);\n\n script_copyright(\"Copyright (c) 2012 E-Soft Inc. http://www.securityspace.com\");\n script_family(\"Slackware Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/slackware_linux\", \"ssh/login/slackpack\");\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name : \"insight\" , value : tag_insight);\n script_tag(name : \"summary\" , value : tag_summary);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\n#\n# The script code starts here\n#\n\ninclude(\"pkg-lib-slack.inc\");\nvuln = 0;\nif(isslkpkgvuln(pkg:\"net-snmp\", ver:\"5.4.2.1-i486-1_slack12.0\", rls:\"SLK12.0\")) {\n vuln = 1;\n}\nif(isslkpkgvuln(pkg:\"net-snmp\", ver:\"5.4.2.1-i486-1_slack12.1\", rls:\"SLK12.1\")) {\n vuln = 1;\n}\n\nif(vuln) {\n security_message(0);\n} else if (__pkg_match) {\n exit(99); # Not vulnerable.\n}\n", "cvss": {"score": 5.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:NONE/I:NONE/A:PARTIAL/"}}, {"lastseen": "2018-04-09T11:40:36", "bulletinFamily": "scanner", "cvelist": ["CVE-2008-4309"], "description": "Check for the Version of net-snmp", "modified": "2018-04-06T00:00:00", "published": "2009-02-27T00:00:00", "id": "OPENVAS:1361412562310880244", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310880244", "type": "openvas", "title": "CentOS Update for net-snmp CESA-2008:0971 centos3 x86_64", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# CentOS Update for net-snmp CESA-2008:0971 centos3 x86_64\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (c) 2009 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\ninclude(\"revisions-lib.inc\");\ntag_insight = \"The Simple Network Management Protocol (SNMP) is a protocol used for\n network management.\n\n A denial-of-service flaw was found in the way Net-SNMP processes SNMP\n GETBULK requests. A remote attacker who issued a specially-crafted request\n could cause the snmpd server to crash. (CVE-2008-4309)\n \n Note: An attacker must have read access to the SNMP server in order to\n exploit this flaw. In the default configuration, the community name\n &quot;public&quot; grants read-only access. In production deployments, it is\n recommended to change this default community name.\n \n All users of net-snmp should upgrade to these updated packages, which\n contain a backported patch to resolve this issue.\";\n\ntag_affected = \"net-snmp on CentOS 3\";\ntag_solution = \"Please Install the Updated Packages.\";\n\n\n\nif(description)\n{\n script_xref(name : \"URL\" , value : \"http://lists.centos.org/pipermail/centos-announce/2008-November/015368.html\");\n script_oid(\"1.3.6.1.4.1.25623.1.0.880244\");\n script_version(\"$Revision: 9370 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2018-04-06 10:53:14 +0200 (Fri, 06 Apr 2018) $\");\n script_tag(name:\"creation_date\", value:\"2009-02-27 09:02:20 +0100 (Fri, 27 Feb 2009)\");\n script_tag(name:\"cvss_base\", value:\"5.0\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:N/I:N/A:P\");\n script_xref(name: \"CESA\", value: \"2008:0971\");\n script_cve_id(\"CVE-2008-4309\");\n script_name( \"CentOS Update for net-snmp CESA-2008:0971 centos3 x86_64\");\n\n script_tag(name:\"summary\", value:\"Check for the Version of net-snmp\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2009 Greenbone Networks GmbH\");\n script_family(\"CentOS Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/centos\", \"ssh/login/rpms\");\n script_tag(name : \"affected\" , value : tag_affected);\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name : \"insight\" , value : tag_insight);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\n\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = get_kb_item(\"ssh/login/release\");\n\n\nres = \"\";\nif(release == NULL){\n exit(0);\n}\n\nif(release == \"CentOS3\")\n{\n\n if ((res = isrpmvuln(pkg:\"net-snmp\", rpm:\"net-snmp~5.0.9~2.30E.25\", rls:\"CentOS3\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"net-snmp-devel\", rpm:\"net-snmp-devel~5.0.9~2.30E.25\", rls:\"CentOS3\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"net-snmp-libs\", rpm:\"net-snmp-libs~5.0.9~2.30E.25\", rls:\"CentOS3\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"net-snmp-perl\", rpm:\"net-snmp-perl~5.0.9~2.30E.25\", rls:\"CentOS3\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"net-snmp-utils\", rpm:\"net-snmp-utils~5.0.9~2.30E.25\", rls:\"CentOS3\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99); # Not vulnerable.\n exit(0);\n}\n", "cvss": {"score": 5.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:NONE/I:NONE/A:PARTIAL/"}}, {"lastseen": "2019-05-29T18:38:55", "bulletinFamily": "scanner", "cvelist": ["CVE-2008-4309"], "description": "The remote host is missing an update as announced\nvia advisory SSA:2008-320-02.", "modified": "2019-03-15T00:00:00", "published": "2012-09-11T00:00:00", "id": "OPENVAS:136141256231061865", "href": "http://plugins.openvas.org/nasl.php?oid=136141256231061865", "type": "openvas", "title": "Slackware Advisory SSA:2008-320-02 net-snmp", "sourceData": "# OpenVAS Vulnerability Test\n# $Id: esoft_slk_ssa_2008_320_02.nasl 14202 2019-03-15 09:16:15Z cfischer $\n# Description: Auto-generated from the corresponding slackware advisory\n#\n# Authors:\n# Thomas Reinke <reinke@securityspace.com>\n#\n# Copyright:\n# Copyright (c) 2012 E-Soft Inc. http://www.securityspace.com\n# Text descriptions are largely excerpted from the referenced\n# advisory, and are Copyright (c) the respective author(s)\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2,\n# or at your option, GNU General Public License version 3,\n# as published by the Free Software Foundation\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n#\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.61865\");\n script_tag(name:\"creation_date\", value:\"2012-09-11 01:34:21 +0200 (Tue, 11 Sep 2012)\");\n script_tag(name:\"last_modification\", value:\"$Date: 2019-03-15 10:16:15 +0100 (Fri, 15 Mar 2019) $\");\n script_cve_id(\"CVE-2008-4309\");\n script_tag(name:\"cvss_base\", value:\"5.0\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:N/I:N/A:P\");\n script_version(\"$Revision: 14202 $\");\n script_name(\"Slackware Advisory SSA:2008-320-02 net-snmp\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (c) 2012 E-Soft Inc. http://www.securityspace.com\");\n script_family(\"Slackware Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/slackware_linux\", \"ssh/login/slackpack\", re:\"ssh/login/release=SLK(12\\.0|12\\.1)\");\n\n script_xref(name:\"URL\", value:\"https://secure1.securityspace.com/smysecure/catid.html?in=SSA:2008-320-02\");\n\n script_tag(name:\"insight\", value:\"New net-snmp packages are available for Slackware 12.0, 12.1, and -current to\nfix a denial of service issue.\");\n\n script_tag(name:\"solution\", value:\"Upgrade to the new package(s).\");\n\n script_tag(name:\"summary\", value:\"The remote host is missing an update as announced\nvia advisory SSA:2008-320-02.\");\n\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-slack.inc\");\n\nreport = \"\";\nres = \"\";\n\nif((res = isslkpkgvuln(pkg:\"net-snmp\", ver:\"5.4.2.1-i486-1_slack12.0\", rls:\"SLK12.0\")) != NULL) {\n report += res;\n}\nif((res = isslkpkgvuln(pkg:\"net-snmp\", ver:\"5.4.2.1-i486-1_slack12.1\", rls:\"SLK12.1\")) != NULL) {\n report += res;\n}\n\nif(report != \"\") {\n security_message(data:report);\n} else if(__pkg_match) {\n exit(99);\n}", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:P"}}], "securityvulns": [{"lastseen": "2018-08-31T11:09:29", "bulletinFamily": "software", "cvelist": ["CVE-2008-1720"], "description": "Integer overflow on ACL handling.", "edition": 1, "modified": "2008-04-14T00:00:00", "published": "2008-04-14T00:00:00", "id": "SECURITYVULNS:VULN:8891", "href": "https://vulners.com/securityvulns/SECURITYVULNS:VULN:8891", "title": "rsync integer overflow", "type": "securityvulns", "cvss": {"score": 7.5, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:PARTIAL/I:PARTIAL/A:PARTIAL/"}}, {"lastseen": "2018-08-31T11:10:25", "bulletinFamily": "software", "cvelist": ["CVE-2008-1720"], "description": "-----BEGIN PGP SIGNED MESSAGE-----\r\nHash: SHA1\r\n\r\n- ------------------------------------------------------------------------\r\nDebian Security Advisory DSA-1545-1 security@debian.org\r\nhttp://www.debian.org/security/ Moritz Muehlenhoff\r\nApril 10, 2008 http://www.debian.org/security/faq\r\n- ------------------------------------------------------------------------\r\n\r\nPackage : rsync\r\nVulnerability : integer overflow\r\nProblem type : remote\r\nDebian-specific: no\r\nCVE Id&#40;s&#41; : CVE-2008-1720\r\n\r\nSebastian Krahmer discovered that an integer overflow in rsync&#39;s code\r\nfor handling extended attributes may lead to arbitrary code execution.\r\n\r\nFor the stable distribution &#40;etch&#41;, this problem has been fixed in\r\nversion 2.6.9-2etch2.\r\n\r\nFor the unstable distribution &#40;sid&#41;, this problem has been fixed in\r\nversion 3.0.2-1.\r\n\r\nWe recommend that you upgrade your rsync package.\r\n\r\nUpgrade instructions\r\n- --------------------\r\n\r\nwget url\r\n will fetch the file for you\r\ndpkg -i file.deb\r\n will install the referenced file.\r\n\r\nIf you are using the apt-get package manager, use the line for\r\nsources.list as given below:\r\n\r\napt-get update\r\n will update the internal database\r\napt-get upgrade\r\n will install corrected packages\r\n\r\nYou may use an automated update by adding the resources from the\r\nfooter to the proper configuration.\r\n\r\n\r\nDebian 4.0 &#40;stable&#41;\r\n- -------------------\r\n\r\nStable updates are available for alpha, amd64, arm, hppa, i386, ia64, mips, mipsel, powerpc, s390\r\nand sparc.\r\n\r\nSource archives:\r\n\r\n http://security.debian.org/pool/updates/main/r/rsync/rsync_2.6.9-2etch2.dsc\r\n Size/MD5 checksum: 566 6504d35182ed2141c8d7d2f8152d5fb7\r\n http://security.debian.org/pool/updates/main/r/rsync/rsync_2.6.9.orig.tar.gz\r\n Size/MD5 checksum: 811841 996d8d8831dbca17910094e56dcb5942\r\n http://security.debian.org/pool/updates/main/r/rsync/rsync_2.6.9-2etch2.diff.gz\r\n Size/MD5 checksum: 51039 2131acc598dbbe26f9b6f04c0a0d3f2b\r\n\r\nalpha architecture &#40;DEC Alpha&#41;\r\n\r\n http://security.debian.org/pool/updates/main/r/rsync/rsync_2.6.9-2etch2_alpha.deb\r\n Size/MD5 checksum: 294664 ea644ca8d37211ccbc1f8173e934d45a\r\n\r\namd64 architecture &#40;AMD x86_64 &#40;AMD64&#41;&#41;\r\n\r\n http://security.debian.org/pool/updates/main/r/rsync/rsync_2.6.9-2etch2_amd64.deb\r\n Size/MD5 checksum: 272046 0d9e9576b24a245265f9a98d15ce3b0b\r\n\r\nhppa architecture &#40;HP PA RISC&#41;\r\n\r\n http://security.debian.org/pool/updates/main/r/rsync/rsync_2.6.9-2etch2_hppa.deb\r\n Size/MD5 checksum: 282552 dd5e17e39eeaa712287d166e3346bd7d\r\n\r\ni386 architecture &#40;Intel ia32&#41;\r\n\r\n http://security.debian.org/pool/updates/main/r/rsync/rsync_2.6.9-2etch2_i386.deb\r\n Size/MD5 checksum: 261454 b68ddd05ba2a02f7a5f6bd9cc7807a2e\r\n\r\nia64 architecture &#40;Intel ia64&#41;\r\n\r\n http://security.debian.org/pool/updates/main/r/rsync/rsync_2.6.9-2etch2_ia64.deb\r\n Size/MD5 checksum: 356986 df80d4332478c019d540b07ac16c235f\r\n\r\nmips architecture &#40;MIPS &#40;Big Endian&#41;&#41;\r\n\r\n http://security.debian.org/pool/updates/main/r/rsync/rsync_2.6.9-2etch2_mips.deb\r\n Size/MD5 checksum: 286532 21aeda2221c4b31c2f19296b58654222\r\n\r\nmipsel architecture &#40;MIPS &#40;Little Endian&#41;&#41;\r\n\r\n http://security.debian.org/pool/updates/main/r/rsync/rsync_2.6.9-2etch2_mipsel.deb\r\n Size/MD5 checksum: 287282 0c750c3cf7089ad7e7ea3d9d273df9b9\r\n\r\npowerpc architecture &#40;PowerPC&#41;\r\n\r\n http://security.debian.org/pool/updates/main/r/rsync/rsync_2.6.9-2etch2_powerpc.deb\r\n Size/MD5 checksum: 275184 6d81a7a14422fd5bc7c89bd755320e80\r\n\r\ns390 architecture &#40;IBM S/390&#41;\r\n\r\n http://security.debian.org/pool/updates/main/r/rsync/rsync_2.6.9-2etch2_s390.deb\r\n Size/MD5 checksum: 278828 5300915466913e7832a3649ba701d49e\r\n\r\nsparc architecture &#40;Sun SPARC/UltraSPARC&#41;\r\n\r\n http://security.debian.org/pool/updates/main/r/rsync/rsync_2.6.9-2etch2_sparc.deb\r\n Size/MD5 checksum: 264144 885fc97a390e1db66290805c06e35947\r\n\r\n\r\n These files will probably be moved into the stable distribution on\r\n its next update.\r\n\r\n- ---------------------------------------------------------------------------------\r\nFor apt-get: deb http://security.debian.org/ stable/updates main\r\nFor dpkg-ftp: ftp://security.debian.org/debian-security dists/stable/updates/main\r\nMailing list: debian-security-announce@lists.debian.org\r\nPackage info: &#96;apt-cache show &lt;pkg&gt;&#39; and http://packages.debian.org/&lt;pkg&gt;\r\n\r\n\r\n-----BEGIN PGP SIGNATURE-----\r\nVersion: GnuPG v1.4.6 &#40;GNU/Linux&#41;\r\n\r\niD8DBQFH/oIzXm3vHE4uyloRAimYAKDryWbCXe0GE9mHkeW+hdU/TdRWnQCfecqE\r\nS38dhGyIWptW5OR8k2FHBwo=\r\n=IeYW\r\n-----END PGP SIGNATURE-----", "edition": 1, "modified": "2008-04-14T00:00:00", "published": "2008-04-14T00:00:00", "id": "SECURITYVULNS:DOC:19621", "href": "https://vulners.com/securityvulns/SECURITYVULNS:DOC:19621", "title": "[SECURITY] [DSA 1545-1] New rsync packages fix arbitrary code execution", "type": "securityvulns", "cvss": {"score": 7.5, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:PARTIAL/I:PARTIAL/A:PARTIAL/"}}], "debian": [{"lastseen": "2019-05-30T02:22:14", "bulletinFamily": "unix", "cvelist": ["CVE-2008-1720"], "description": "- ------------------------------------------------------------------------\nDebian Security Advisory DSA-1545-1 security@debian.org\nhttp://www.debian.org/security/ Moritz Muehlenhoff\nApril 10, 2008 http://www.debian.org/security/faq\n- ------------------------------------------------------------------------\n\nPackage : rsync\nVulnerability : integer overflow\nProblem type : remote\nDebian-specific: no\nCVE Id(s) : CVE-2008-1720\n\nSebastian Krahmer discovered that an integer overflow in rsync&#x27;s code\nfor handling extended attributes may lead to arbitrary code execution.\n\nFor the stable distribution (etch), this problem has been fixed in\nversion 2.6.9-2etch2.\n\nFor the unstable distribution (sid), this problem has been fixed in\nversion 3.0.2-1.\n\nWe recommend that you upgrade your rsync package.\n\nUpgrade instructions\n- --------------------\n\nwget url\n will fetch the file for you\ndpkg -i file.deb\n will install the referenced file.\n\nIf you are using the apt-get package manager, use the line for\nsources.list as given below:\n\napt-get update\n will update the internal database\napt-get upgrade\n will install corrected packages\n\nYou may use an automated update by adding the resources from the\nfooter to the proper configuration.\n\n\nDebian 4.0 (stable)\n- -------------------\n\nStable updates are available for alpha, amd64, arm, hppa, i386, ia64, mips, mipsel, powerpc, s390 and sparc.\n\nSource archives:\n\n http://security.debian.org/pool/updates/main/r/rsync/rsync_2.6.9-2etch2.dsc\n Size/MD5 checksum: 566 6504d35182ed2141c8d7d2f8152d5fb7\n http://security.debian.org/pool/updates/main/r/rsync/rsync_2.6.9.orig.tar.gz\n Size/MD5 checksum: 811841 996d8d8831dbca17910094e56dcb5942\n http://security.debian.org/pool/updates/main/r/rsync/rsync_2.6.9-2etch2.diff.gz\n Size/MD5 checksum: 51039 2131acc598dbbe26f9b6f04c0a0d3f2b\n\nalpha architecture (DEC Alpha)\n\n http://security.debian.org/pool/updates/main/r/rsync/rsync_2.6.9-2etch2_alpha.deb\n Size/MD5 checksum: 294664 ea644ca8d37211ccbc1f8173e934d45a\n\namd64 architecture (AMD x86_64 (AMD64))\n\n http://security.debian.org/pool/updates/main/r/rsync/rsync_2.6.9-2etch2_amd64.deb\n Size/MD5 checksum: 272046 0d9e9576b24a245265f9a98d15ce3b0b\n\nhppa architecture (HP PA RISC)\n\n http://security.debian.org/pool/updates/main/r/rsync/rsync_2.6.9-2etch2_hppa.deb\n Size/MD5 checksum: 282552 dd5e17e39eeaa712287d166e3346bd7d\n\ni386 architecture (Intel ia32)\n\n http://security.debian.org/pool/updates/main/r/rsync/rsync_2.6.9-2etch2_i386.deb\n Size/MD5 checksum: 261454 b68ddd05ba2a02f7a5f6bd9cc7807a2e\n\nia64 architecture (Intel ia64)\n\n http://security.debian.org/pool/updates/main/r/rsync/rsync_2.6.9-2etch2_ia64.deb\n Size/MD5 checksum: 356986 df80d4332478c019d540b07ac16c235f\n\nmips architecture (MIPS (Big Endian))\n\n http://security.debian.org/pool/updates/main/r/rsync/rsync_2.6.9-2etch2_mips.deb\n Size/MD5 checksum: 286532 21aeda2221c4b31c2f19296b58654222\n\nmipsel architecture (MIPS (Little Endian))\n\n http://security.debian.org/pool/updates/main/r/rsync/rsync_2.6.9-2etch2_mipsel.deb\n Size/MD5 checksum: 287282 0c750c3cf7089ad7e7ea3d9d273df9b9\n\npowerpc architecture (PowerPC)\n\n http://security.debian.org/pool/updates/main/r/rsync/rsync_2.6.9-2etch2_powerpc.deb\n Size/MD5 checksum: 275184 6d81a7a14422fd5bc7c89bd755320e80\n\ns390 architecture (IBM S/390)\n\n http://security.debian.org/pool/updates/main/r/rsync/rsync_2.6.9-2etch2_s390.deb\n Size/MD5 checksum: 278828 5300915466913e7832a3649ba701d49e\n\nsparc architecture (Sun SPARC/UltraSPARC)\n\n http://security.debian.org/pool/updates/main/r/rsync/rsync_2.6.9-2etch2_sparc.deb\n Size/MD5 checksum: 264144 885fc97a390e1db66290805c06e35947\n\n\n These files will probably be moved into the stable distribution on\n its next update.\n\n- ---------------------------------------------------------------------------------\nFor apt-get: deb http://security.debian.org/ stable/updates main\nFor dpkg-ftp: ftp://security.debian.org/debian-security dists/stable/updates/main\nMailing list: debian-security-announce@lists.debian.org\nPackage info: `apt-cache show &lt;pkg&gt;&#x27; and http://packages.debian.org/&lt;pkg&gt;\n\n\n", "edition": 2, "modified": "2008-04-10T21:12:16", "published": "2008-04-10T21:12:16", "id": "DEBIAN:DSA-1545-1:813EA", "href": "https://lists.debian.org/debian-security-announce/debian-security-announce-2008/msg00115.html", "title": "[SECURITY] [DSA 1545-1] New rsync packages fix arbitrary code execution", "type": "debian", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}], "ubuntu": [{"lastseen": "2020-07-08T23:32:50", "bulletinFamily": "unix", "cvelist": ["CVE-2008-1720"], "description": "Sebastian Krahmer discovered that rsync could overflow when handling ACLs. \nAn attacker could construct a malicious set of files that when processed \nby rsync could lead to arbitrary code execution or a crash.", "edition": 5, "modified": "2008-04-11T00:00:00", "published": "2008-04-11T00:00:00", "id": "USN-600-1", "href": "https://ubuntu.com/security/notices/USN-600-1", "title": "rsync vulnerability", "type": "ubuntu", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2020-07-09T00:25:56", "bulletinFamily": "unix", "cvelist": ["CVE-2009-0590"], "description": "It was discovered that OpenSSL did not properly validate the length of an \nencoded BMPString or UniversalString when printing ASN.1 strings. If a user \nor automated system were tricked into processing a crafted certificate, an \nattacker could cause a denial of service via application crash in \napplications linked against OpenSSL.", "edition": 5, "modified": "2009-03-30T00:00:00", "published": "2009-03-30T00:00:00", "id": "USN-750-1", "href": "https://ubuntu.com/security/notices/USN-750-1", "title": "OpenSSL vulnerability", "type": "ubuntu", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:P"}}]}