7.2 High
AI Score
Confidence
High
10 High
CVSS2
Access Vector
NETWORK
Access Complexity
LOW
Authentication
NONE
Confidentiality Impact
COMPLETE
Integrity Impact
COMPLETE
Availability Impact
COMPLETE
AV:N/AC:L/Au:N/C:C/I:C/A:C
0.971 High
EPSS
Percentile
99.8%
Wes Hardaker discovered that the SNMP service did not correctly validate
HMAC authentication requests. An unauthenticated remote attacker
could send specially crafted SNMPv3 traffic with a valid username
and gain access to the user’s views without a valid authentication
passphrase. (CVE-2008-0960)
John Kortink discovered that the Net-SNMP Perl module did not correctly
check the size of returned values. If a user or automated system were
tricked into querying a malicious SNMP server, the application using
the Perl module could be made to crash, leading to a denial of service.
This did not affect Ubuntu 8.10. (CVE-2008-2292)
It was discovered that the SNMP service did not correctly handle large
GETBULK requests. If an unauthenticated remote attacker sent a specially
crafted request, the SNMP service could be made to crash, leading to a
denial of service. (CVE-2008-4309)
OS | Version | Architecture | Package | Version | Filename |
---|---|---|---|---|---|
Ubuntu | 8.10 | noarch | libsnmp15 | < 5.4.1~dfsg-7.1ubuntu6.1 | UNKNOWN |
Ubuntu | 8.10 | noarch | libsnmp-dev | < 5.4.1~dfsg-7.1ubuntu6.1 | UNKNOWN |
Ubuntu | 8.10 | noarch | libsnmp-perl | < 5.4.1~dfsg-7.1ubuntu6.1 | UNKNOWN |
Ubuntu | 8.10 | noarch | libsnmp-python | < 5.4.1~dfsg-7.1ubuntu6.1 | UNKNOWN |
Ubuntu | 8.10 | noarch | snmp | < 5.4.1~dfsg-7.1ubuntu6.1 | UNKNOWN |
Ubuntu | 8.10 | noarch | snmpd | < 5.4.1~dfsg-7.1ubuntu6.1 | UNKNOWN |
Ubuntu | 8.04 | noarch | libsnmp-perl | < 5.4.1~dfsg-4ubuntu4.2 | UNKNOWN |
Ubuntu | 8.04 | noarch | libsnmp-dev | < 5.4.1~dfsg-4ubuntu4.2 | UNKNOWN |
Ubuntu | 8.04 | noarch | libsnmp-python | < 5.4.1~dfsg-4ubuntu4.2 | UNKNOWN |
Ubuntu | 8.04 | noarch | libsnmp15 | < 5.4.1~dfsg-4ubuntu4.2 | UNKNOWN |