(Sun Issues Advisory) Net-snmp GETBULK Request Processing Bug Lets Remote Users Deny Service
|
|
SecurityTracker Alert ID: 1022501 |
|
SecurityTracker URL: http://securitytracker.com/id/1022501
|
|
CVE Reference:
CVE-2008-4309
(Links to External Site)
|
Date: Jul 2 2009
|
Impact:
Denial of service via network
|
Vendor Confirmed: Yes
|
Version(s): 5.2 prior to 5.2.5.1, 5.3 prior to 5.3.2.3, and 5.4 prior to 5.4.2.1
|
Description:
A vulnerability was reported in Net-snmp. A remote user can cause denial of service conditions.
A remote user can send a specially crafted GETBULK request to cause the target service to crash.
|
Impact:
A remote user can cause the target service to crash.
|
Solution:
Sun is working on a fix.
The Sun advisory is available at:
http://sunsolve.sun.com/search/document.do?assetkey=1-66-262908-1
|
Vendor URL: www.net-snmp.org/ (Links to External Site)
|
Cause:
Input validation error
|
Underlying OS:
UNIX (Solaris - SunOS)
|
|
Message History:
This archive entry is a follow-up to the message listed below.
|
Source Message Contents
|
Date: Thu, 2 Jul 2009 15:01:58 -0400
Subject: http://sunsolve.sun.com/search/document.do?assetkey=1-66-262908-1
|
262908
Security Vulnerability in the SNMP daemon (snmpd(1M)) May Lead to a Denial of Service (DoS) Condition
CVE-2008-4309
|
|
