The getbulk code in net-snmp 5.4 before 220.127.116.11, 5.3 before 18.104.22.168,
and 5.2 before 22.214.171.124 allows remote attackers to cause a denial of
service (crash) via vectors related to the number of responses or
Netmon, here is the patch:
netmon, are you still alive? ;P
I'm just curious if someone works on this, our timeline for B4 is 20 days.
(In reply to comment #2)
> netmon, are you still alive? ;P
> I'm just curious if someone works on this, our timeline for B4 is 20 days.
If no one else bumps within the next days, I'll take a look at it during the weekend.
Re-rating B0, severity blocker: the CVE does not mention it, but securityfocus and the exploit say that remote code execution is possible - and snmpd runs as root!
# ChangeLog for net-analyzer/net-snmp
# Copyright 2002-2008 Gentoo Foundation; Distributed under the GPL v2
# $Header: /var/cvsroot/gentoo-x86/net-analyzer/net-snmp/ChangeLog,v 1.181 2008/11/13 17:46:48 jer Exp $
*net-snmp-126.96.36.199 (13 Nov 2008)
13 Nov 2008; Jeroen Roovers <email@example.com> +net-snmp-188.8.131.52.ebuild:
Version bump (bug #245306).
Arches, please test and mark stable:
Target keywords: alpha amd64 arm hppa ia64 ppc ppc64 s390 sh sparc x86
(Removing versions from summary which don't affect us)
Stable for HPPA.
GLSA was NOT filed yet!
(In reply to comment #14)
> GLSA was NOT filed yet!
(In reply to comment #5)
> Thanks Tobi!
> Re-rating B0, severity blocker: the CVE does not mention it, but securityfocus
> and the exploit say that remote code execution is possible - and snmpd runs as
This exploit is for CVE-2008-2292... rerating B3.
*** Bug 237172 has been marked as a duplicate of this bug. ***