Executive Summary
| Informations | |||
|---|---|---|---|
| Name | MDVSA-2009:056 | First vendor Publication | 2009-02-25 |
| Vendor | Mandriva | Last vendor Modification | 2009-02-25 |
| Severity (Vendor) | N/A | Revision | N/A |
Security-Database Scoring CVSS v3
| Cvss vector : N/A | |||
|---|---|---|---|
| Overall CVSS Score | NA | ||
| Base Score | NA | Environmental Score | NA |
| impact SubScore | NA | Temporal Score | NA |
| Exploitabality Sub Score | NA | ||
| Calculate full CVSS 3.0 Vectors scores | |||
Security-Database Scoring CVSS v2
| Cvss vector : (AV:N/AC:L/Au:N/C:P/I:N/A:N) | |||
|---|---|---|---|
| Cvss Base Score | 5 | Attack Range | Network |
| Cvss Impact Score | 2.9 | Attack Complexity | Low |
| Cvss Expoit Score | 10 | Authentication | None Required |
| Calculate full CVSS 2.0 Vectors scores | |||
Detail
| A vulnerability has been identified and corrected in net-snmp: The netsnmp_udp_fmtaddr function (snmplib/snmpUDPDomain.c) in net-snmp 5.0.9 through 5.4.2, when using TCP wrappers for client authorization, does not properly parse hosts.allow rules, which allows remote attackers to bypass intended access restrictions and execute SNMP queries, related to source/destination IP address confusion. (CVE-2008-6123) The updated packages have been patched to prevent this. |
Original Source
| Url : http://www.mandriva.com/security/advisories?name=MDVSA-2009:056 |
CAPEC : Common Attack Pattern Enumeration & Classification
| Id | Name |
|---|---|
| CAPEC-1 | Accessing Functionality Not Properly Constrained by ACLs |
| CAPEC-13 | Subverting Environment Variable Values |
| CAPEC-17 | Accessing, Modifying or Executing Executable Files |
| CAPEC-39 | Manipulating Opaque Client-based Data Tokens |
| CAPEC-45 | Buffer Overflow via Symbolic Links |
| CAPEC-51 | Poison Web Service Registry |
| CAPEC-59 | Session Credential Falsification through Prediction |
| CAPEC-60 | Reusing Session IDs (aka Session Replay) |
| CAPEC-76 | Manipulating Input to File System Calls |
| CAPEC-77 | Manipulating User-Controlled Variables |
| CAPEC-87 | Forceful Browsing |
| CAPEC-104 | Cross Zone Scripting |
CWE : Common Weakness Enumeration
| % | Id | Name |
|---|
OVAL Definitions
| Definition Id: oval:org.mitre.oval:def:10289 | |||
| Oval ID: | oval:org.mitre.oval:def:10289 | ||
| Title: | The netsnmp_udp_fmtaddr function (snmplib/snmpUDPDomain.c) in net-snmp 5.0.9 through 5.4.2.1, when using TCP wrappers for client authorization, does not properly parse hosts.allow rules, which allows remote attackers to bypass intended access restrictions and execute SNMP queries, related to "source/destination IP address confusion." | ||
| Description: | The netsnmp_udp_fmtaddr function (snmplib/snmpUDPDomain.c) in net-snmp 5.0.9 through 5.4.2.1, when using TCP wrappers for client authorization, does not properly parse hosts.allow rules, which allows remote attackers to bypass intended access restrictions and execute SNMP queries, related to "source/destination IP address confusion." | ||
| Family: | unix | Class: | vulnerability |
| Reference(s): | CVE-2008-6123 | Version: | 5 |
| Platform(s): | Red Hat Enterprise Linux 3 CentOS Linux 3 | Product(s): | |
| Definition Synopsis: | |||
| |||
| Definition Id: oval:org.mitre.oval:def:12964 | |||
| Oval ID: | oval:org.mitre.oval:def:12964 | ||
| Title: | USN-946-1 -- net-snmp vulnerability | ||
| Description: | The SNMP server did not correctly validate certain UDP clients when using TCP wrappers. Under some situations, a remote attacker could bypass access restrictions and communicate with the SNMP server, potentially leading to a loss of privacy or a denial of service. | ||
| Family: | unix | Class: | patch |
| Reference(s): | USN-946-1 CVE-2008-6123 | Version: | 5 |
| Platform(s): | Ubuntu 10.04 | Product(s): | net-snmp |
| Definition Synopsis: | |||
| |||
CPE : Common Platform Enumeration
OpenVAS Exploits
| Date | Description |
|---|---|
| 2011-08-09 | Name : CentOS Update for net-snmp CESA-2009:0295 centos3 i386 File : nvt/gb_CESA-2009_0295_net-snmp_centos3_i386.nasl |
| 2010-06-07 | Name : Ubuntu Update for net-snmp vulnerability USN-946-1 File : nvt/gb_ubuntu_USN_946_1.nasl |
| 2010-01-20 | Name : Gentoo Security Advisory GLSA 201001-05 (net-snmp) File : nvt/glsa_201001_05.nasl |
| 2009-10-13 | Name : SLES10: Security update for net-snmp File : nvt/sles10_net-snmp0.nasl |
| 2009-10-10 | Name : SLES9: Security update for net-snmp File : nvt/sles9p5052020.nasl |
| 2009-07-06 | Name : SuSE Security Summary SUSE-SR:2009:012 File : nvt/suse_sr_2009_012.nasl |
| 2009-06-15 | Name : SuSE Security Summary SUSE-SR:2009:011 File : nvt/suse_sr_2009_011.nasl |
| 2009-03-31 | Name : RedHat Security Advisory RHSA-2009:0295 File : nvt/RHSA_2009_0295.nasl |
| 2009-03-31 | Name : CentOS Security Advisory CESA-2009:0295 (net-snmp) File : nvt/ovcesa2009_0295.nasl |
| 2009-03-02 | Name : Mandrake Security Advisory MDVSA-2009:056 (net-snmp) File : nvt/mdksa_2009_056.nasl |
| 2009-02-18 | Name : Fedora Core 10 FEDORA-2009-1769 (net-snmp) File : nvt/fcore_2009_1769.nasl |
Open Source Vulnerability Database (OSVDB)
| Id | Description |
|---|---|
| 51895 | Net-SNMP TCP Wrapper SNMP Request Handling Information Disclosure |
Nessus® Vulnerability Scanner
| Date | Description |
|---|---|
| 2013-07-12 | Name : The remote Oracle Linux host is missing one or more security updates. File : oraclelinux_ELSA-2009-0295.nasl - Type : ACT_GATHER_INFO |
| 2013-03-09 | Name : The remote Ubuntu host is missing one or more security-related patches. File : ubuntu_USN-946-1.nasl - Type : ACT_GATHER_INFO |
| 2012-08-01 | Name : The remote Scientific Linux host is missing one or more security updates. File : sl_20090326_net_snmp_on_SL3_x.nasl - Type : ACT_GATHER_INFO |
| 2010-02-25 | Name : The remote Gentoo host is missing one or more security-related patches. File : gentoo_GLSA-201001-05.nasl - Type : ACT_GATHER_INFO |
| 2010-02-07 | Name : The remote openSUSE host is missing a security update. File : suse_11_2_libsnmp15-100204.nasl - Type : ACT_GATHER_INFO |
| 2009-09-24 | Name : The remote SuSE 9 host is missing a security-related patch. File : suse9_12441.nasl - Type : ACT_GATHER_INFO |
| 2009-09-24 | Name : The remote SuSE 10 host is missing a security-related patch. File : suse_net-snmp-6248.nasl - Type : ACT_GATHER_INFO |
| 2009-07-21 | Name : The remote openSUSE host is missing a security update. File : suse_11_0_libsnmp15-090514.nasl - Type : ACT_GATHER_INFO |
| 2009-07-21 | Name : The remote openSUSE host is missing a security update. File : suse_11_1_libsnmp15-090514.nasl - Type : ACT_GATHER_INFO |
| 2009-05-29 | Name : The remote openSUSE host is missing a security update. File : suse_libsnmp15-6247.nasl - Type : ACT_GATHER_INFO |
| 2009-04-23 | Name : The remote Fedora host is missing a security update. File : fedora_2009-1769.nasl - Type : ACT_GATHER_INFO |
| 2009-04-23 | Name : The remote Mandriva Linux host is missing one or more security updates. File : mandriva_MDVSA-2009-056.nasl - Type : ACT_GATHER_INFO |
| 2009-03-27 | Name : The remote CentOS host is missing one or more security updates. File : centos_RHSA-2009-0295.nasl - Type : ACT_GATHER_INFO |
| 2009-03-27 | Name : The remote Red Hat host is missing one or more security updates. File : redhat-RHSA-2009-0295.nasl - Type : ACT_GATHER_INFO |
Alert History
| Date | Informations |
|---|---|
| 2014-02-17 11:40:03 |
|
