CVE-2008-4309
CVE-2008-4309
Integer overflow in the netsnmp_create_subtree_cache function in agent/snmp_agent.c in net-snmp 5.4 before 5.4.2.1, 5.3 before 5.3.2.3, and 5.2 before 5.2.5.1 allows remote attackers to cause a denial of service (crash) via a crafted SNMP GETBULK request, which triggers a heap-based buffer overflow, related to the number of responses or repeats.
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
Productos afectados
n/a · n/a¿Quieres saber si tu infraestructura está expuesta a esto?
Hablar con TrueHacking →Referencias
http://lists.apple.com/archives/security-announce/2009/May/msg00002.htmlhttp://lists.apple.com/archives/security-announce/2010//Dec/msg00001.htmlhttp://lists.opensuse.org/opensuse-security-announce/2009-02/msg00000.htmlhttp://marc.info/?l=bugtraq&m=125017764422557&w=2http://net-snmp.svn.sourceforge.net/viewvc/net-snmp/tags/Ext-5-2-5-1/net-snmp/agent/snmp_agent.c?r1=17271&r2=17272&pathrev=17272http://secunia.com/advisories/32539http://secunia.com/advisories/32560http://secunia.com/advisories/32664http://secunia.com/advisories/32711http://secunia.com/advisories/33003http://secunia.com/advisories/33095http://secunia.com/advisories/33631