Executive Summary
Summary | |
---|---|
Title | ESX Service Console update for net-snmp |
Informations | |||
---|---|---|---|
Name | VMSA-2010-0003 | First vendor Publication | 2010-02-16 |
Vendor | VMware | Last vendor Modification | 2010-02-16 |
Severity (Vendor) | N/A | Revision | N/A |
Security-Database Scoring CVSS v3
Cvss vector : N/A | |||
---|---|---|---|
Overall CVSS Score | NA | ||
Base Score | NA | Environmental Score | NA |
impact SubScore | NA | Temporal Score | NA |
Exploitabality Sub Score | NA | ||
Calculate full CVSS 3.0 Vectors scores |
Security-Database Scoring CVSS v2
Cvss vector : (AV:N/AC:L/Au:N/C:N/I:N/A:P) | |||
---|---|---|---|
Cvss Base Score | 5 | Attack Range | Network |
Cvss Impact Score | 2.9 | Attack Complexity | Low |
Cvss Expoit Score | 10 | Authentication | None Required |
Calculate full CVSS 2.0 Vectors scores |
Detail
a. Service Console package net-snmp updated This patch updates the service console package for net-snmp, net-snmp-utils, and net-snmp-libs to version net-snmp-5.0.9-2.30E.28. This net-snmp update fixes a divide-by- zero flaw in the snmpd daemon. A remote attacker could issue a specially crafted GETBULK request that could cause the snmpd daemon to fail. This vulnerability was introduced by an incorrect fix for CVE-2008-4309. The Common Vulnerabilities and Exposures Project (cve.mitre.org) has assigned the name CVE-2009-1887 to this issue. Note: After installing the previous patch for net-snmp (ESX350-200901409-SG), running the snmpbulkwalk command with the parameter -CnX results in no output, and the snmpd daemon stops. |
Original Source
Url : http://www.vmware.com/security/advisories/VMSA-2010-0003.html |
CWE : Common Weakness Enumeration
% | Id | Name |
---|---|---|
50 % | CWE-369 | Divide By Zero |
50 % | CWE-20 | Improper Input Validation |
OVAL Definitions
Definition Id: oval:org.mitre.oval:def:17856 | |||
Oval ID: | oval:org.mitre.oval:def:17856 | ||
Title: | USN-685-1 -- net-snmp vulnerabilities | ||
Description: | Wes Hardaker discovered that the SNMP service did not correctly validate HMAC authentication requests. | ||
Family: | unix | Class: | patch |
Reference(s): | USN-685-1 CVE-2008-0960 CVE-2008-2292 CVE-2008-4309 | Version: | 7 |
Platform(s): | Ubuntu 6.06 Ubuntu 7.10 Ubuntu 8.04 Ubuntu 8.10 | Product(s): | net-snmp |
Definition Synopsis: | |||
|
Definition Id: oval:org.mitre.oval:def:19948 | |||
Oval ID: | oval:org.mitre.oval:def:19948 | ||
Title: | DSA-1663-1 net-snmp - several vulnerabilities | ||
Description: | Several vulnerabilities have been discovered in NET SNMP, a suite of Simple Network Management Protocol applications. | ||
Family: | unix | Class: | patch |
Reference(s): | DSA-1663-1 CVE-2008-0960 CVE-2008-2292 CVE-2008-4309 | Version: | 5 |
Platform(s): | Debian GNU/Linux 4.0 | Product(s): | net-snmp |
Definition Synopsis: | |||
Definition Id: oval:org.mitre.oval:def:22168 | |||
Oval ID: | oval:org.mitre.oval:def:22168 | ||
Title: | ELSA-2008:0971: net-snmp security update (Important) | ||
Description: | Integer overflow in the netsnmp_create_subtree_cache function in agent/snmp_agent.c in net-snmp 5.4 before 5.4.2.1, 5.3 before 5.3.2.3, and 5.2 before 5.2.5.1 allows remote attackers to cause a denial of service (crash) via a crafted SNMP GETBULK request, which triggers a heap-based buffer overflow, related to the number of responses or repeats. | ||
Family: | unix | Class: | patch |
Reference(s): | ELSA-2008:0971-01 CVE-2008-4309 | Version: | 6 |
Platform(s): | Oracle Linux 5 | Product(s): | net-snmp |
Definition Synopsis: | |||
Definition Id: oval:org.mitre.oval:def:29197 | |||
Oval ID: | oval:org.mitre.oval:def:29197 | ||
Title: | RHSA-2008:0971 -- net-snmp security update (Important) | ||
Description: | Updated net-snmp packages that fix a security issue are now available for Red Hat Enterprise Linux 3, 4, and 5. This update has been rated as having important security impact by the Red Hat Security Response Team. The Simple Network Management Protocol (SNMP) is a protocol used for network management. A denial-of-service flaw was found in the way Net-SNMP processes SNMP GETBULK requests. A remote attacker who issued a specially-crafted request could cause the snmpd server to crash. (CVE-2008-4309) | ||
Family: | unix | Class: | patch |
Reference(s): | RHSA-2008:0971 CESA-2008:0971-CentOS 5 CESA-2008:0971-CentOS 3 CVE-2008-4309 | Version: | 3 |
Platform(s): | Red Hat Enterprise Linux 5 Red Hat Enterprise Linux 3 Red Hat Enterprise Linux 4 CentOS Linux 5 CentOS Linux 3 | Product(s): | net-snmp |
Definition Synopsis: | |||
|
Definition Id: oval:org.mitre.oval:def:6171 | |||
Oval ID: | oval:org.mitre.oval:def:6171 | ||
Title: | Net-snmp GETBULK Request Processing Bug Lets Remote Users Deny Service | ||
Description: | Integer overflow in the netsnmp_create_subtree_cache function in agent/snmp_agent.c in net-snmp 5.4 before 5.4.2.1, 5.3 before 5.3.2.3, and 5.2 before 5.2.5.1 allows remote attackers to cause a denial of service (crash) via a crafted SNMP GETBULK request, which triggers a heap-based buffer overflow, related to the number of responses or repeats. | ||
Family: | unix | Class: | vulnerability |
Reference(s): | CVE-2008-4309 | Version: | 3 |
Platform(s): | VMWare ESX Server 3 VMWare ESX Server 3.5 | Product(s): | |
Definition Synopsis: | |||
|
Definition Id: oval:org.mitre.oval:def:6353 | |||
Oval ID: | oval:org.mitre.oval:def:6353 | ||
Title: | Security Vulnerability in the SNMP daemon (snmpd(1M)) May Lead to a Denial of Service (DoS) Condition | ||
Description: | Integer overflow in the netsnmp_create_subtree_cache function in agent/snmp_agent.c in net-snmp 5.4 before 5.4.2.1, 5.3 before 5.3.2.3, and 5.2 before 5.2.5.1 allows remote attackers to cause a denial of service (crash) via a crafted SNMP GETBULK request, which triggers a heap-based buffer overflow, related to the number of responses or repeats. | ||
Family: | unix | Class: | vulnerability |
Reference(s): | CVE-2008-4309 | Version: | 1 |
Platform(s): | Sun Solaris 10 | Product(s): | |
Definition Synopsis: | |||
|
Definition Id: oval:org.mitre.oval:def:7025 | |||
Oval ID: | oval:org.mitre.oval:def:7025 | ||
Title: | DSA-1663 net-snmp -- several vulnerabilities | ||
Description: | Several vulnerabilities have been discovered in NET SNMP, a suite of Simple Network Management Protocol applications. The Common Vulnerabilities and Exposures project identifies the following problems: Wes Hardaker reported that the SNMPv3 HMAC verification relies on the client to specify the HMAC length, which allows spoofing of authenticated SNMPv3 packets. John Kortink reported a buffer overflow in the __snprint_value function in snmp_get causing a denial of service and potentially allowing the execution of arbitrary code via a large OCTETSTRING in an attribute value pair (AVP). It was reported that an integer overflow in the netsnmp_create_subtree_cache function in agent/snmp_agent.c allows remote attackers to cause a denial of service attack via a crafted SNMP GETBULK request. | ||
Family: | unix | Class: | patch |
Reference(s): | DSA-1663 CVE-2008-0960 CVE-2008-2292 CVE-2008-4309 | Version: | 3 |
Platform(s): | Debian GNU/Linux 4.0 | Product(s): | net-snmp |
Definition Synopsis: | |||
Definition Id: oval:org.mitre.oval:def:8426 | |||
Oval ID: | oval:org.mitre.oval:def:8426 | ||
Title: | VMware net-snmp divide-by-zero vulnerability | ||
Description: | agent/snmp_agent.c in snmpd in net-snmp 5.0.9 in Red Hat Enterprise Linux (RHEL) 3 allows remote attackers to cause a denial of service (daemon crash) via a crafted SNMP GETBULK request that triggers a divide-by-zero error. NOTE: this vulnerability exists because of an incorrect fix for CVE-2008-4309. | ||
Family: | unix | Class: | vulnerability |
Reference(s): | CVE-2009-1887 | Version: | 2 |
Platform(s): | VMWare ESX Server 3 VMWare ESX Server 3.5 | Product(s): | |
Definition Synopsis: | |||
Definition Id: oval:org.mitre.oval:def:9716 | |||
Oval ID: | oval:org.mitre.oval:def:9716 | ||
Title: | agent/snmp_agent.c in snmpd in net-snmp 5.0.9 in Red Hat Enterprise Linux (RHEL) 3 allows remote attackers to cause a denial of service (daemon crash) via a crafted SNMP GETBULK request that triggers a divide-by-zero error. NOTE: this vulnerability exists because of an incorrect fix for CVE-2008-4309. | ||
Description: | agent/snmp_agent.c in snmpd in net-snmp 5.0.9 in Red Hat Enterprise Linux (RHEL) 3 allows remote attackers to cause a denial of service (daemon crash) via a crafted SNMP GETBULK request that triggers a divide-by-zero error. NOTE: this vulnerability exists because of an incorrect fix for CVE-2008-4309. | ||
Family: | unix | Class: | vulnerability |
Reference(s): | CVE-2009-1887 | Version: | 5 |
Platform(s): | Red Hat Enterprise Linux 3 CentOS Linux 3 | Product(s): | |
Definition Synopsis: | |||
|
Definition Id: oval:org.mitre.oval:def:9860 | |||
Oval ID: | oval:org.mitre.oval:def:9860 | ||
Title: | Integer overflow in the netsnmp_create_subtree_cache function in agent/snmp_agent.c in net-snmp 5.4 before 5.4.2.1, 5.3 before 5.3.2.3, and 5.2 before 5.2.5.1 allows remote attackers to cause a denial of service (crash) via a crafted SNMP GETBULK request, which triggers a heap-based buffer overflow, related to the number of responses or repeats. | ||
Description: | Integer overflow in the netsnmp_create_subtree_cache function in agent/snmp_agent.c in net-snmp 5.4 before 5.4.2.1, 5.3 before 5.3.2.3, and 5.2 before 5.2.5.1 allows remote attackers to cause a denial of service (crash) via a crafted SNMP GETBULK request, which triggers a heap-based buffer overflow, related to the number of responses or repeats. | ||
Family: | unix | Class: | vulnerability |
Reference(s): | CVE-2008-4309 | Version: | 5 |
Platform(s): | Red Hat Enterprise Linux 3 CentOS Linux 3 Red Hat Enterprise Linux 4 CentOS Linux 4 Oracle Linux 4 Red Hat Enterprise Linux 5 CentOS Linux 5 Oracle Linux 5 | Product(s): | |
Definition Synopsis: | |||
|
CPE : Common Platform Enumeration
Type | Description | Count |
---|---|---|
Application | 4 |
OpenVAS Exploits
Date | Description |
---|---|
2011-08-09 | Name : CentOS Update for net-snmp CESA-2009:1124 centos3 i386 File : nvt/gb_CESA-2009_1124_net-snmp_centos3_i386.nasl |
2010-05-12 | Name : Mac OS X 10.5.7 Update / Mac OS X Security Update 2009-002 File : nvt/macosx_upd_10_5_7_secupd_2009-002.nasl |
2009-11-17 | Name : Mac OS X Version File : nvt/macosx_version.nasl |
2009-10-13 | Name : SLES10: Security update for net-snmp File : nvt/sles10_net-snmp.nasl |
2009-10-10 | Name : SLES9: Security update for net-snmp File : nvt/sles9p5041460.nasl |
2009-07-29 | Name : Mandrake Security Advisory MDVSA-2009:156 (net-snmp) File : nvt/mdksa_2009_156.nasl |
2009-06-30 | Name : RedHat Security Advisory RHSA-2009:1124 File : nvt/RHSA_2009_1124.nasl |
2009-06-30 | Name : CentOS Security Advisory CESA-2009:1124 (net-snmp) File : nvt/ovcesa2009_1124.nasl |
2009-04-09 | Name : Mandriva Update for net-snmp MDVSA-2008:225 (net-snmp) File : nvt/gb_mandriva_MDVSA_2008_225.nasl |
2009-03-23 | Name : Ubuntu Update for net-snmp vulnerabilities USN-685-1 File : nvt/gb_ubuntu_USN_685_1.nasl |
2009-03-06 | Name : RedHat Update for net-snmp RHSA-2008:0971-01 File : nvt/gb_RHSA-2008_0971-01_net-snmp.nasl |
2009-02-27 | Name : CentOS Update for net-snmp CESA-2008:0971 centos3 x86_64 File : nvt/gb_CESA-2008_0971_net-snmp_centos3_x86_64.nasl |
2009-02-27 | Name : CentOS Update for net-snmp CESA-2008:0971 centos3 i386 File : nvt/gb_CESA-2008_0971_net-snmp_centos3_i386.nasl |
2009-02-18 | Name : Fedora Core 10 FEDORA-2009-1769 (net-snmp) File : nvt/fcore_2009_1769.nasl |
2009-02-17 | Name : Fedora Update for net-snmp FEDORA-2008-9362 File : nvt/gb_fedora_2008_9362_net-snmp_fc8.nasl |
2009-02-17 | Name : Fedora Update for net-snmp FEDORA-2008-9367 File : nvt/gb_fedora_2008_9367_net-snmp_fc9.nasl |
2009-02-16 | Name : Fedora Update for net-snmp FEDORA-2008-10451 File : nvt/gb_fedora_2008_10451_net-snmp_fc10.nasl |
2009-02-02 | Name : SuSE Security Summary SUSE-SR:2009:003 File : nvt/suse_sr_2009_003.nasl |
2009-01-26 | Name : Gentoo Security Advisory GLSA 200901-15 (net-snmp) File : nvt/glsa_200901_15.nasl |
2008-11-19 | Name : FreeBSD Ports: net-snmp File : nvt/freebsd_net-snmp2.nasl |
2008-11-19 | Name : Debian Security Advisory DSA 1663-1 (net-snmp) File : nvt/deb_1663_1.nasl |
0000-00-00 | Name : Slackware Advisory SSA:2008-320-02 net-snmp File : nvt/esoft_slk_ssa_2008_320_02.nasl |
Open Source Vulnerability Database (OSVDB)
Id | Description |
---|---|
56459 | Net-SNMP snmpd agent/snmp_agent.c Crafted GETBULK Request Remote DoS |
49524 | Net-SNMP getbulk Code Response / Repeat Saturation Remote DoS |
Information Assurance Vulnerability Management (IAVM)
Date | Description |
---|---|
2009-02-05 | IAVM : 2009-B-0006 - Multiple Vulnerabilities in VMware Severity : Category I - VMSKEY : V0018295 |
Nessus® Vulnerability Scanner
Date | Description |
---|---|
2013-07-12 | Name : The remote Oracle Linux host is missing one or more security updates. File : oraclelinux_ELSA-2009-1124.nasl - Type : ACT_GATHER_INFO |
2013-07-12 | Name : The remote Oracle Linux host is missing one or more security updates. File : oraclelinux_ELSA-2008-0971.nasl - Type : ACT_GATHER_INFO |
2012-08-01 | Name : The remote Scientific Linux host is missing one or more security updates. File : sl_20090625_net_snmp_on_SL3_x.nasl - Type : ACT_GATHER_INFO |
2012-08-01 | Name : The remote Scientific Linux host is missing one or more security updates. File : sl_20081103_net_snmp_on_SL3_x.nasl - Type : ACT_GATHER_INFO |
2010-12-17 | Name : The remote network device is affected by multiple remote vulnerabilities. File : airport_firmware_7_5_2.nasl - Type : ACT_GATHER_INFO |
2010-02-17 | Name : The remote VMware ESX host is missing a security-related patch. File : vmware_VMSA-2010-0003.nasl - Type : ACT_GATHER_INFO |
2009-09-24 | Name : The remote SuSE 9 host is missing a security-related patch. File : suse9_12298.nasl - Type : ACT_GATHER_INFO |
2009-07-27 | Name : The remote VMware ESXi / ESX host is missing one or more security-related pat... File : vmware_VMSA-2009-0001.nasl - Type : ACT_GATHER_INFO |
2009-07-21 | Name : The remote openSUSE host is missing a security update. File : suse_11_0_libsnmp15-081121.nasl - Type : ACT_GATHER_INFO |
2009-06-26 | Name : The remote Red Hat host is missing one or more security updates. File : redhat-RHSA-2009-1124.nasl - Type : ACT_GATHER_INFO |
2009-06-26 | Name : The remote CentOS host is missing one or more security updates. File : centos_RHSA-2009-1124.nasl - Type : ACT_GATHER_INFO |
2009-05-13 | Name : The remote host is missing a Mac OS X update that fixes various security issues. File : macosx_SecUpd2009-002.nasl - Type : ACT_GATHER_INFO |
2009-05-13 | Name : The remote host is missing a Mac OS X update that fixes various security issues. File : macosx_10_5_7.nasl - Type : ACT_GATHER_INFO |
2009-04-23 | Name : The remote Mandriva Linux host is missing one or more security updates. File : mandriva_MDVSA-2008-225.nasl - Type : ACT_GATHER_INFO |
2009-04-23 | Name : The remote Fedora host is missing a security update. File : fedora_2008-10451.nasl - Type : ACT_GATHER_INFO |
2009-04-23 | Name : The remote CentOS host is missing one or more security updates. File : centos_RHSA-2008-0971.nasl - Type : ACT_GATHER_INFO |
2009-04-23 | Name : The remote Ubuntu host is missing one or more security-related patches. File : ubuntu_USN-685-1.nasl - Type : ACT_GATHER_INFO |
2009-04-23 | Name : The remote Fedora host is missing a security update. File : fedora_2009-1769.nasl - Type : ACT_GATHER_INFO |
2009-01-26 | Name : The remote SuSE 10 host is missing a security-related patch. File : suse_net-snmp-5807.nasl - Type : ACT_GATHER_INFO |
2009-01-22 | Name : The remote Gentoo host is missing one or more security-related patches. File : gentoo_GLSA-200901-15.nasl - Type : ACT_GATHER_INFO |
2008-12-03 | Name : The remote openSUSE host is missing a security update. File : suse_libsnmp15-5808.nasl - Type : ACT_GATHER_INFO |
2008-11-17 | Name : The remote Slackware host is missing a security update. File : Slackware_SSA_2008-320-02.nasl - Type : ACT_GATHER_INFO |
2008-11-14 | Name : The remote FreeBSD host is missing one or more security-related updates. File : freebsd_pkg_daf045d7b21111dda987000c29ca8953.nasl - Type : ACT_GATHER_INFO |
2008-11-09 | Name : The remote Debian host is missing a security-related update. File : debian_DSA-1663.nasl - Type : ACT_GATHER_INFO |
2008-11-06 | Name : The remote Fedora host is missing a security update. File : fedora_2008-9362.nasl - Type : ACT_GATHER_INFO |
2008-11-06 | Name : The remote Fedora host is missing a security update. File : fedora_2008-9367.nasl - Type : ACT_GATHER_INFO |
2008-11-04 | Name : The remote Red Hat host is missing one or more security updates. File : redhat-RHSA-2008-0971.nasl - Type : ACT_GATHER_INFO |
2007-06-04 | Name : The remote host is missing Sun Security Patch number 120273-42 File : solaris10_x86_120273.nasl - Type : ACT_GATHER_INFO |
2007-05-20 | Name : The remote host is missing Sun Security Patch number 120272-40 File : solaris10_120272.nasl - Type : ACT_GATHER_INFO |
Alert History
Date | Informations |
---|---|
2014-02-17 12:07:15 |
|