Executive Summary
Summary | |
---|---|
Title | ucd-snmp security update |
Informations | |||
---|---|---|---|
Name | RHSA-2008:0528 | First vendor Publication | 2008-06-10 |
Vendor | RedHat | Last vendor Modification | 2008-06-10 |
Severity (Vendor) | Moderate | Revision | 01 |
Security-Database Scoring CVSS v3
Cvss vector : N/A | |||
---|---|---|---|
Overall CVSS Score | NA | ||
Base Score | NA | Environmental Score | NA |
impact SubScore | NA | Temporal Score | NA |
Exploitabality Sub Score | NA | ||
Calculate full CVSS 3.0 Vectors scores |
Security-Database Scoring CVSS v2
Cvss vector : (AV:N/AC:L/Au:N/C:C/I:C/A:C) | |||
---|---|---|---|
Cvss Base Score | 10 | Attack Range | Network |
Cvss Impact Score | 10 | Attack Complexity | Low |
Cvss Expoit Score | 10 | Authentication | None Required |
Calculate full CVSS 2.0 Vectors scores |
Detail
Problem Description: Updated ucd-snmp packages that fix a security issue are now available for Red Hat Enterprise Linux 2.1. This update has been rated as having moderate security impact by the Red Hat Security Response Team. 2. Relevant releases/architectures: Red Hat Enterprise Linux AS (Advanced Server) version 2.1 - i386, ia64 Red Hat Linux Advanced Workstation 2.1 - ia64 Red Hat Enterprise Linux ES version 2.1 - i386 Red Hat Enterprise Linux WS version 2.1 - i386 3. Description: The Simple Network Management Protocol (SNMP) is a protocol used for network management. A flaw was found in the way ucd-snmp checked an SNMPv3 packet's Keyed-Hash Message Authentication Code (HMAC). An attacker could use this flaw to spoof an authenticated SNMPv3 packet. (CVE-2008-0960) All users of ucd-snmp should upgrade to these updated packages, which contain a backported patch to resolve this issue. 4. Solution: Before applying this update, make sure that all previously-released errata relevant to your system have been applied. This update is available via Red Hat Network. Details on how to use the Red Hat Network to apply this update are available at http://kbase.redhat.com/faq/FAQ_58_10188 5. Bugs fixed (http://bugzilla.redhat.com/): 447974 - CVE-2008-0960 net-snmp SNMPv3 authentication bypass (VU#877044) |
Original Source
Url : https://rhn.redhat.com/errata/RHSA-2008-0528.html |
CWE : Common Weakness Enumeration
% | Id | Name |
---|---|---|
100 % | CWE-287 | Improper Authentication |
OVAL Definitions
Definition Id: oval:org.mitre.oval:def:10820 | |||
Oval ID: | oval:org.mitre.oval:def:10820 | ||
Title: | SNMPv3 HMAC verification in (1) Net-SNMP 5.2.x before 5.2.4.1, 5.3.x before 5.3.2.1, and 5.4.x before 5.4.1.1; (2) UCD-SNMP; (3) eCos; (4) Juniper Session and Resource Control (SRC) C-series 1.0.0 through 2.0.0; (5) NetApp (aka Network Appliance) Data ONTAP 7.3RC1 and 7.3RC2; (6) SNMP Research before 16.2; (7) multiple Cisco IOS, CatOS, ACE, and Nexus products; (8) Ingate Firewall 3.1.0 and later and SIParator 3.1.0 and later; (9) HP OpenView SNMP Emanate Master Agent 15.x; and possibly other products relies on the client to specify the HMAC length, which makes it easier for remote attackers to bypass SNMP authentication via a length value of 1, which only checks the first byte. | ||
Description: | SNMPv3 HMAC verification in (1) Net-SNMP 5.2.x before 5.2.4.1, 5.3.x before 5.3.2.1, and 5.4.x before 5.4.1.1; (2) UCD-SNMP; (3) eCos; (4) Juniper Session and Resource Control (SRC) C-series 1.0.0 through 2.0.0; (5) NetApp (aka Network Appliance) Data ONTAP 7.3RC1 and 7.3RC2; (6) SNMP Research before 16.2; (7) multiple Cisco IOS, CatOS, ACE, and Nexus products; (8) Ingate Firewall 3.1.0 and later and SIParator 3.1.0 and later; (9) HP OpenView SNMP Emanate Master Agent 15.x; and possibly other products relies on the client to specify the HMAC length, which makes it easier for remote attackers to bypass SNMP authentication via a length value of 1, which only checks the first byte. | ||
Family: | unix | Class: | vulnerability |
Reference(s): | CVE-2008-0960 | Version: | 5 |
Platform(s): | Red Hat Enterprise Linux 3 CentOS Linux 3 Red Hat Enterprise Linux 4 CentOS Linux 4 Oracle Linux 4 Red Hat Enterprise Linux 5 CentOS Linux 5 Oracle Linux 5 | Product(s): | |
Definition Synopsis: | |||
|
Definition Id: oval:org.mitre.oval:def:22388 | |||
Oval ID: | oval:org.mitre.oval:def:22388 | ||
Title: | ELSA-2008:0529: net-snmp security update (Moderate) | ||
Description: | Buffer overflow in the __snprint_value function in snmp_get in Net-SNMP 5.1.4, 5.2.4, and 5.4.1, as used in SNMP.xs for Perl, allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via a large OCTETSTRING in an attribute value pair (AVP). | ||
Family: | unix | Class: | patch |
Reference(s): | ELSA-2008:0529-01 CVE-2008-2292 CVE-2008-0960 | Version: | 13 |
Platform(s): | Oracle Linux 5 | Product(s): | net-snmp |
Definition Synopsis: | |||
Definition Id: oval:org.mitre.oval:def:5785 | |||
Oval ID: | oval:org.mitre.oval:def:5785 | ||
Title: | Multiple Vendors Net-SNMPv3 Hash Message Authentication Code Design Error Vulnerability | ||
Description: | SNMPv3 HMAC verification in (1) Net-SNMP 5.2.x before 5.2.4.1, 5.3.x before 5.3.2.1, and 5.4.x before 5.4.1.1; (2) UCD-SNMP; (3) eCos; (4) Juniper Session and Resource Control (SRC) C-series 1.0.0 through 2.0.0; (5) NetApp (aka Network Appliance) Data ONTAP 7.3RC1 and 7.3RC2; (6) SNMP Research before 16.2; (7) multiple Cisco IOS, CatOS, ACE, and Nexus products; (8) Ingate Firewall 3.1.0 and later and SIParator 3.1.0 and later; (9) HP OpenView SNMP Emanate Master Agent 15.x; and possibly other products relies on the client to specify the HMAC length, which makes it easier for remote attackers to bypass SNMP authentication via a length value of 1, which only checks the first byte. | ||
Family: | ios | Class: | vulnerability |
Reference(s): | CVE-2008-0960 | Version: | 3 |
Platform(s): | Cisco IOS | Product(s): | |
Definition Synopsis: | |||
Definition Id: oval:org.mitre.oval:def:6414 | |||
Oval ID: | oval:org.mitre.oval:def:6414 | ||
Title: | Net-snmp SNMPv3 Authentication Bug Lets Remote Users Bypass Authentication | ||
Description: | SNMPv3 HMAC verification in (1) Net-SNMP 5.2.x before 5.2.4.1, 5.3.x before 5.3.2.1, and 5.4.x before 5.4.1.1; (2) UCD-SNMP; (3) eCos; (4) Juniper Session and Resource Control (SRC) C-series 1.0.0 through 2.0.0; (5) NetApp (aka Network Appliance) Data ONTAP 7.3RC1 and 7.3RC2; (6) SNMP Research before 16.2; (7) multiple Cisco IOS, CatOS, ACE, and Nexus products; (8) Ingate Firewall 3.1.0 and later and SIParator 3.1.0 and later; (9) HP OpenView SNMP Emanate Master Agent 15.x; and possibly other products relies on the client to specify the HMAC length, which makes it easier for remote attackers to bypass SNMP authentication via a length value of 1, which only checks the first byte. | ||
Family: | unix | Class: | vulnerability |
Reference(s): | CVE-2008-0960 | Version: | 3 |
Platform(s): | VMWare ESX Server 3 VMWare ESX Server 3.5 | Product(s): | |
Definition Synopsis: | |||
CPE : Common Platform Enumeration
Type | Description | Count |
---|---|---|
Application | 2 | |
Application | 2 |
ExploitDB Exploits
id | Description |
---|---|
2008-06-12 | SNMPv3 HMAC validation error Remote Authentication Bypass Exploit |
OpenVAS Exploits
Date | Description |
---|---|
2010-05-12 | Name : Mac OS X 10.5.4 Update / Mac OS X Security Update 2008-004 File : nvt/macosx_upd_10_5_4_secupd_2008-004.nasl |
2009-11-17 | Name : Mac OS X Version File : nvt/macosx_version.nasl |
2009-10-13 | Name : SLES10: Security update for net-snmp File : nvt/sles10_net-snmp1.nasl |
2009-10-10 | Name : SLES9: Security update for net-snmp File : nvt/sles9p5031860.nasl |
2009-04-09 | Name : Mandriva Update for net-snmp MDVSA-2008:118 (net-snmp) File : nvt/gb_mandriva_MDVSA_2008_118.nasl |
2009-03-23 | Name : Ubuntu Update for net-snmp vulnerabilities USN-685-1 File : nvt/gb_ubuntu_USN_685_1.nasl |
2009-03-06 | Name : RedHat Update for ucd-snmp RHSA-2008:0528-01 File : nvt/gb_RHSA-2008_0528-01_ucd-snmp.nasl |
2009-03-06 | Name : RedHat Update for net-snmp RHSA-2008:0529-01 File : nvt/gb_RHSA-2008_0529-01_net-snmp.nasl |
2009-02-27 | Name : CentOS Update for ucd-snmp CESA-2008:0528-01 centos2 i386 File : nvt/gb_CESA-2008_0528-01_ucd-snmp_centos2_i386.nasl |
2009-02-27 | Name : CentOS Update for net-snmp CESA-2008:0529 centos3 i386 File : nvt/gb_CESA-2008_0529_net-snmp_centos3_i386.nasl |
2009-02-27 | Name : CentOS Update for net-snmp CESA-2008:0529 centos3 x86_64 File : nvt/gb_CESA-2008_0529_net-snmp_centos3_x86_64.nasl |
2009-02-27 | Name : CentOS Update for net-snmp CESA-2008:0529 centos4 i386 File : nvt/gb_CESA-2008_0529_net-snmp_centos4_i386.nasl |
2009-02-27 | Name : CentOS Update for net-snmp CESA-2008:0529 centos4 x86_64 File : nvt/gb_CESA-2008_0529_net-snmp_centos4_x86_64.nasl |
2009-02-17 | Name : Fedora Update for net-snmp FEDORA-2008-5224 File : nvt/gb_fedora_2008_5224_net-snmp_fc7.nasl |
2009-02-17 | Name : Fedora Update for net-snmp FEDORA-2008-9367 File : nvt/gb_fedora_2008_9367_net-snmp_fc9.nasl |
2009-02-17 | Name : Fedora Update for net-snmp FEDORA-2008-9362 File : nvt/gb_fedora_2008_9362_net-snmp_fc8.nasl |
2009-02-17 | Name : Fedora Update for net-snmp FEDORA-2008-5218 File : nvt/gb_fedora_2008_5218_net-snmp_fc8.nasl |
2009-02-17 | Name : Fedora Update for net-snmp FEDORA-2008-5215 File : nvt/gb_fedora_2008_5215_net-snmp_fc9.nasl |
2009-01-23 | Name : SuSE Update for net-snmp SUSE-SA:2008:039 File : nvt/gb_suse_2008_039.nasl |
2008-11-19 | Name : Debian Security Advisory DSA 1663-1 (net-snmp) File : nvt/deb_1663_1.nasl |
2008-09-24 | Name : Gentoo Security Advisory GLSA 200808-02 (net-snmp) File : nvt/glsa_200808_02.nasl |
0000-00-00 | Name : Slackware Advisory SSA:2008-210-07 net-snmp File : nvt/esoft_slk_ssa_2008_210_07.nasl |
Open Source Vulnerability Database (OSVDB)
Id | Description |
---|---|
55248 | HP OpenView SNMP Emanate Master Agent HMAC Authentication SNMPv3 Authenticati... |
46669 | Apple Mac OS X HMAC Authentication SNMPv3 Authentication Packet Spoofing |
46276 | Solaris snmpd(1M) HMAC Authentication SNMPv3 Authentication Packet Spoofing |
46102 | Ingate Firewall/SIParator HMAC Authentication SNMPv3 Authentication Packet Sp... |
46088 | Juniper Multiple Appliances HMAC Authentication SNMPv3 Authentication Packet ... |
46086 | Cisco Multiple Products HMAC Authentication SNMPv3 Authentication Packet Spoo... |
46060 | UCD-SNMP HMAC Authentication SNMPv3 Authentication Packet Spoofing |
46059 | Net-SNMP HMAC Authentication SNMPv3 Authentication Packet Spoofing |
Information Assurance Vulnerability Management (IAVM)
Date | Description |
---|---|
2008-11-06 | IAVM : 2008-B-0078 - Multiple Vulnerabilities in VMware Severity : Category I - VMSKEY : V0017874 |
2008-06-19 | IAVM : 2008-T-0026 - SNMP Remote Authentication Bypass Vulnerability Severity : Category I - VMSKEY : V0016046 |
Snort® IPS/IDS
Date | Description |
---|---|
2014-01-10 | Multiple Vendors SNMPv3 HMAC handling authentication bypass attempt RuleID : 17699 - Revision : 3 - Type : PROTOCOL-SNMP |
Nessus® Vulnerability Scanner
Date | Description |
---|---|
2014-10-10 | Name : The remote device is missing a vendor-supplied security patch. File : f5_bigip_SOL8939.nasl - Type : ACT_GATHER_INFO |
2013-12-14 | Name : The remote device is missing a vendor-supplied security patch. File : cisco-sa-20080610-snmpv3-iosxr.nasl - Type : ACT_GATHER_INFO |
2013-07-12 | Name : The remote Oracle Linux host is missing one or more security updates. File : oraclelinux_ELSA-2008-0529.nasl - Type : ACT_GATHER_INFO |
2013-05-31 | Name : The remote device is missing a vendor-supplied security patch. File : cisco-sa-20080610-snmpv3-nxos.nasl - Type : ACT_GATHER_INFO |
2012-08-01 | Name : The remote Scientific Linux host is missing one or more security updates. File : sl_20080610_net_snmp_on_SL3_x.nasl - Type : ACT_GATHER_INFO |
2010-09-01 | Name : The remote device is missing a vendor-supplied security patch. File : cisco-sa-20080610-snmpv3http.nasl - Type : ACT_GATHER_INFO |
2010-07-19 | Name : The remote HP-UX host is missing a security-related patch. File : hpux_PHSS_39886.nasl - Type : ACT_GATHER_INFO |
2010-07-19 | Name : The remote HP-UX host is missing a security-related patch. File : hpux_PHSS_39887.nasl - Type : ACT_GATHER_INFO |
2009-09-24 | Name : The remote SuSE 9 host is missing a security-related patch. File : suse9_12204.nasl - Type : ACT_GATHER_INFO |
2009-07-31 | Name : The SNMP server running on this host is affected by an authentication bypass ... File : snmpv3_authentication_bypass.nasl - Type : ACT_ATTACK |
2009-07-27 | Name : The remote VMware ESX host is missing a security-related patch. File : vmware_VMSA-2008-0017.nasl - Type : ACT_GATHER_INFO |
2009-07-27 | Name : The remote VMware ESX host is missing one or more security-related patches. File : vmware_VMSA-2008-0013.nasl - Type : ACT_GATHER_INFO |
2009-07-21 | Name : The remote openSUSE host is missing a security update. File : suse_11_0_libsnmp15-080706.nasl - Type : ACT_GATHER_INFO |
2009-04-23 | Name : The remote Mandriva Linux host is missing one or more security updates. File : mandriva_MDVSA-2008-118.nasl - Type : ACT_GATHER_INFO |
2009-04-23 | Name : The remote Ubuntu host is missing one or more security-related patches. File : ubuntu_USN-685-1.nasl - Type : ACT_GATHER_INFO |
2008-11-09 | Name : The remote Debian host is missing a security-related update. File : debian_DSA-1663.nasl - Type : ACT_GATHER_INFO |
2008-11-06 | Name : The remote Fedora host is missing a security update. File : fedora_2008-9367.nasl - Type : ACT_GATHER_INFO |
2008-11-06 | Name : The remote Fedora host is missing a security update. File : fedora_2008-9362.nasl - Type : ACT_GATHER_INFO |
2008-08-07 | Name : The remote Gentoo host is missing one or more security-related patches. File : gentoo_GLSA-200808-02.nasl - Type : ACT_GATHER_INFO |
2008-08-01 | Name : The remote SuSE 10 host is missing a security-related patch. File : suse_net-snmp-5422.nasl - Type : ACT_GATHER_INFO |
2008-08-01 | Name : The remote openSUSE host is missing a security update. File : suse_libsnmp15-5418.nasl - Type : ACT_GATHER_INFO |
2008-07-29 | Name : The remote Slackware host is missing a security update. File : Slackware_SSA_2008-210-07.nasl - Type : ACT_GATHER_INFO |
2008-07-01 | Name : The remote host is missing a Mac OS X update that fixes various security issues. File : macosx_10_5_4.nasl - Type : ACT_GATHER_INFO |
2008-07-01 | Name : The remote host is missing a Mac OS X update that fixes various security issues. File : macosx_SecUpd2008-004.nasl - Type : ACT_GATHER_INFO |
2008-06-12 | Name : The remote CentOS host is missing one or more security updates. File : centos_RHSA-2008-0529.nasl - Type : ACT_GATHER_INFO |
2008-06-12 | Name : The remote Fedora host is missing a security update. File : fedora_2008-5215.nasl - Type : ACT_GATHER_INFO |
2008-06-12 | Name : The remote Fedora host is missing a security update. File : fedora_2008-5218.nasl - Type : ACT_GATHER_INFO |
2008-06-12 | Name : The remote Fedora host is missing a security update. File : fedora_2008-5224.nasl - Type : ACT_GATHER_INFO |
2008-06-12 | Name : The remote Red Hat host is missing one or more security updates. File : redhat-RHSA-2008-0529.nasl - Type : ACT_GATHER_INFO |
2008-06-12 | Name : The remote Red Hat host is missing one or more security updates. File : redhat-RHSA-2008-0528.nasl - Type : ACT_GATHER_INFO |
2007-06-04 | Name : The remote host is missing Sun Security Patch number 120273-42 File : solaris10_x86_120273.nasl - Type : ACT_GATHER_INFO |
2007-05-20 | Name : The remote host is missing Sun Security Patch number 120272-40 File : solaris10_120272.nasl - Type : ACT_GATHER_INFO |
Alert History
Date | Informations |
---|---|
2014-02-17 11:51:44 |
|