Check Point Advisories

Update Protection against Net-SNMP Denial of Service

Check Point Reference: CPAI-2009-043
Date Published: 6 Feb 2009
Severity: Low
Last Updated: Thursday 01 January, 2009
Source: SecurityFocus
Industry Reference:CVE-2008-4309
Protection Provided by:
Who is Vulnerable? net-analyzer/net-snmp 5.4.2.1
Vulnerability Description Net-SNMP is a suite of applications used to implement SNMP v1, SNMP v2c and SNMP v3. Net-SNMP is available for many Unix and Unix-like operating systems and also for Microsoft Windows. Net-SNMP is vulnerable to a denial of service that can be triggerred by sending a specially-crafted SNMP GETBULK request, a remote attacker could exploit this vulnerability to cause the application to crash.
Update/Patch AvaliableUpgrade to the latest version of Net-SNMP available from the Net-SNMP Web page at http://net-snmp.sourceforge.net/.
Vulnerability DetailsThe vulnerability is casued by an integer overflow in the netsnmp_create_subtree_cache() function.

Protection Overview

×
  Feedback
This website uses cookies for its functionality and for analytics and marketing purposes. By continuing to use this website, you agree to the use of cookies. For more information, please read our Cookies Notice.
OK