| Summary: | net-analyzer/net-snmp <5.4.2.1: getbulk Heap Overflow (CVE-2008-4309) | | |
|---|---|---|---|
| Product: | Gentoo Security | Reporter: | Stefan Behte (RETIRED) <craig> |
| Component: | Vulnerabilities | Assignee: | Gentoo Security <security> |
| Status: | RESOLVED FIXED | | |
| Severity: | minor | CC: | conikost, netmon |
| Priority: | Highest | | |
| Version: | unspecified | | |
| Hardware: | All | | |
| OS: | Linux | | |
| URL: | http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-4309 | | |
| Whiteboard: | B3 [glsa] | | |
| Package list: | | Runtime testing required: | --- |

Description
Stefan Behte (RETIRED)
2008-11-02 19:17:48 UTC
Netmon, here is the patch:
http://net-snmp.svn.sourceforge.net/viewvc/net-snmp/tags/Ext-5-2-5-1/net-snmp/agent/snmp_agent.c?r1=17271&r2=17272&pathrev=17272

netmon, are you still alive? ;P
I'm just curious if someone works on this, our timeline for B4 is 20 days.

(In reply to comment #2)
> netmon, are you still alive? ;P
> I'm just curious if someone works on this, our timeline for B4 is 20 days.
>

If no one else bumps within the next days I'll take a look at it during the weekend.

Thanks Tobi!

Re-rating B0, severity blocker: the CVE does not mention it, but securityfocus and the exploit say that remote code execution is possible - and snmpd runs as root!

    # ChangeLog for net-analyzer/net-snmp
    # Copyright 2002-2008 Gentoo Foundation; Distributed under the GPL v2
    # $Header: /var/cvsroot/gentoo-x86/net-analyzer/net-snmp/ChangeLog,v 1.181 2008/11/13 17:46:48 jer Exp $

    *net-snmp-5.4.2.1 (13 Nov 2008)

      13 Nov 2008; Jeroen Roovers <jer@gentoo.org> +net-snmp-5.4.2.1.ebuild:
      Version bump (bug #245306).

Arches, please test and mark stable:
=net-analyzer/net-snmp-5.4.2.1
Target keywords: alpha amd64 arm hppa ia64 ppc ppc64 s390 sh sparc x86

(Removing versions from summary which don't affect us)

Stable for HPPA.

ppc stable

amd64/x86 stable

ppc64 stable

alpha/arm/ia64/sparc stable

s390/sh stable

GLSA was NOT filed yet!

(In reply to comment #14)
> GLSA was NOT filed yet!
>

fixed now.

(In reply to comment #5)
> Thanks Tobi!
>
> Re-rating B0, severity blocker: the CVE does not mention it, but securityfocus
> and the exploit say that remote code execution is possible - and snmpd runs as
> root!
>

This exploit is for CVE-2008-2292... rerating B3.

*** Bug 237172 has been marked as a duplicate of this bug. ***

GLSA 200901-15