CVE-2008-6123

The netsnmp_udp_fmtaddr function (snmplib/snmpUDPDomain.c) in net-snmp 5.0.9 through 5.4.2.1, when using TCP wrappers for client authorization, does not properly parse hosts.allow rules, which allows remote attackers to bypass intended access restrictions and execute SNMP queries, related to "source/destination IP address confusion."

CVSS v2.0 5.0 MEDIUM

5.0^/10

CVSS v2.0 : MEDIUM

Vector : AV:N/AC:L/Au:N/C:P/I:N/A:N

Exploitability : 10.0 / Impact : 2.9

Access Vector NETWORK

Access Complexity LOW

Authentication NONE

Confidentiality Impact PARTIAL

Integrity Impact NONE

Availability Impact NONE

References

Link	Resource
http://bugs.gentoo.org/show_bug.cgi?id=250429	Exploit Issue Tracking
http://lists.opensuse.org/opensuse-security-announce/2009-06/msg00003.html	Mailing List
http://lists.opensuse.org/opensuse-security-announce/2009-07/msg00002.html	Mailing List
http://lists.opensuse.org/opensuse-security-announce/2010-02/msg00003.html	Mailing List
http://net-snmp.svn.sourceforge.net/viewvc/net-snmp/trunk/net-snmp/snmplib/snmpUDPDomain.c?r1=17325&r2=17367&pathrev=17367	Product
http://net-snmp.svn.sourceforge.net/viewvc/net-snmp?view=rev&revision=17367	Product
http://secunia.com/advisories/34499	Broken Link
http://secunia.com/advisories/35416	Broken Link
http://secunia.com/advisories/35685	Broken Link
http://www.openwall.com/lists/oss-security/2009/02/12/2	Mailing List
http://www.openwall.com/lists/oss-security/2009/02/12/4	Mailing List
http://www.openwall.com/lists/oss-security/2009/02/12/7	Mailing List
http://www.redhat.com/support/errata/RHSA-2009-0295.html	Not Applicable
http://www.securitytracker.com/id?1021921	Broken Link Third Party Advisory VDB Entry
https://bugzilla.redhat.com/show_bug.cgi?id=485211	Issue Tracking Patch
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10289	Broken Link

Configurations

Configuration 1 (hide)

cpe:2.3:a:net-snmp:net-snmp:*:*:*:*:*:*:*:*

Configuration 2 (hide)

OR	cpe:2.3:o:opensuse:opensuse:10.3-11.1:::::::*
	cpe:2.3:o:opensuse:opensuse:11.2:::::::*
	cpe:2.3:o:suse:linux_enterprise:9-11:::::::*

Configuration 3 (hide)

cpe:2.3:o:redhat:enterprise_linux:3.0:*:*:*:*:*:*:*

History

12 Jan 2024, 20:41

Type	Values Removed	Values Added
First Time		Redhat Redhat enterprise Linux Suse Opensuse opensuse Suse linux Enterprise Opensuse
References	~~() http://bugs.gentoo.org/show_bug.cgi?id=250429 -~~	() http://bugs.gentoo.org/show_bug.cgi?id=250429 - Exploit, Issue Tracking
References	~~() http://lists.opensuse.org/opensuse-security-announce/2009-06/msg00003.html -~~	() http://lists.opensuse.org/opensuse-security-announce/2009-06/msg00003.html - Mailing List
References	~~() http://lists.opensuse.org/opensuse-security-announce/2009-07/msg00002.html -~~	() http://lists.opensuse.org/opensuse-security-announce/2009-07/msg00002.html - Mailing List
References	~~() http://lists.opensuse.org/opensuse-security-announce/2010-02/msg00003.html -~~	() http://lists.opensuse.org/opensuse-security-announce/2010-02/msg00003.html - Mailing List
References	~~() http://net-snmp.svn.sourceforge.net/viewvc/net-snmp/trunk/net-snmp/snmplib/snmpUDPDomain.c?r1=17325&r2=17367&pathrev=17367 -~~	() http://net-snmp.svn.sourceforge.net/viewvc/net-snmp/trunk/net-snmp/snmplib/snmpUDPDomain.c?r1=17325&r2=17367&pathrev=17367 - Product
References	~~() http://net-snmp.svn.sourceforge.net/viewvc/net-snmp?view=rev&revision=17367 -~~	() http://net-snmp.svn.sourceforge.net/viewvc/net-snmp?view=rev&revision=17367 - Product
References	~~() http://secunia.com/advisories/34499 -~~	() http://secunia.com/advisories/34499 - Broken Link
References	~~() http://secunia.com/advisories/35416 -~~	() http://secunia.com/advisories/35416 - Broken Link
References	~~() http://secunia.com/advisories/35685 -~~	() http://secunia.com/advisories/35685 - Broken Link
References	~~() http://www.openwall.com/lists/oss-security/2009/02/12/2 -~~	() http://www.openwall.com/lists/oss-security/2009/02/12/2 - Mailing List
References	~~() http://www.openwall.com/lists/oss-security/2009/02/12/4 -~~	() http://www.openwall.com/lists/oss-security/2009/02/12/4 - Mailing List
References	~~() http://www.openwall.com/lists/oss-security/2009/02/12/7 -~~	() http://www.openwall.com/lists/oss-security/2009/02/12/7 - Mailing List
References	~~() http://www.redhat.com/support/errata/RHSA-2009-0295.html -~~	() http://www.redhat.com/support/errata/RHSA-2009-0295.html - Not Applicable
References	~~() http://www.securitytracker.com/id?1021921 -~~	() http://www.securitytracker.com/id?1021921 - Broken Link, Third Party Advisory, VDB Entry
References	~~() https://bugzilla.redhat.com/show_bug.cgi?id=485211 -~~	() https://bugzilla.redhat.com/show_bug.cgi?id=485211 - Issue Tracking, Patch
References	~~() https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10289 -~~	() https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10289 - Broken Link
CWE	~~CWE-20~~	CWE-863
CPE	cpe:2.3:o:net-snmp:net_snmp:5.3.0.1:::::::* cpe:2.3:a:net-snmp:net-snmp:5.4.2:::::::* cpe:2.3:a:net-snmp:net-snmp:5.2.1.2_r1:::::::* cpe:2.3:a:net-snmp:net-snmp:5.3.2.2:::::::* cpe:2.3:a:net-snmp:net-snmp:5.2:::::::* cpe:2.3:a:net-snmp:net-snmp:5.2.1:::::::* cpe:2.3:a:net-snmp:net-snmp:5.1.2:::::::* cpe:2.3:o:net-snmp:net_snmp:5.1.1:::::::* cpe:2.3:a:net-snmp:net-snmp:5.2.5:::::::* cpe:2.3:a:net-snmp:net-snmp:5.4:::::::* cpe:2.3:a:net-snmp:net-snmp:5.1.3:::::::* cpe:2.3:a:net-snmp:net-snmp:5.2.4:::::::* cpe:2.3:a:net-snmp:net-snmp:5.0.9:::::::* cpe:2.3:o:net-snmp:net_snmp:5.1:::::::* cpe:2.3:a:net-snmp:net-snmp:5.0.10:::::::* cpe:2.3:a:net-snmp:net-snmp:5.1.4:::::::* cpe:2.3:o:net-snmp:net_snmp:5.4:::::::* cpe:2.3:a:net-snmp:net-snmp:5.3:::::::* cpe:2.3:a:net-snmp:net-snmp:5.4.1:::::::*	cpe:2.3:o:opensuse:opensuse:11.2:::::::* cpe:2.3:o:opensuse:opensuse:10.3-11.1:::::::* cpe:2.3:a:net-snmp:net-snmp:::::::: cpe:2.3:o:redhat:enterprise_linux:3.0:::::::* cpe:2.3:o:suse:linux_enterprise:9-11:::::::*

Information

Published : 2009-02-12 16:30

Updated : 2024-01-12 20:41

NVD link : CVE-2008-6123

Mitre link : CVE-2008-6123

CVE.ORG link : CVE-2008-6123

JSON object : View

Products Affected

opensuse

opensuse

redhat

enterprise_linux

suse

linux_enterprise

net-snmp

net-snmp

CWE

CWE-863

Incorrect Authorization

{"id": "CVE-2008-6123", "metrics": {"cvssMetricV2": [{"type": "Primary", "source": "nvd@nist.gov", "cvssData": {"version": "2.0", "baseScore": 5.0, "accessVector": "NETWORK", "vectorString": "AV:N/AC:L/Au:N/C:P/I:N/A:N", "authentication": "NONE", "integrityImpact": "NONE", "accessComplexity": "LOW", "availabilityImpact": "NONE", "confidentialityImpact": "PARTIAL"}, "acInsufInfo": false, "impactScore": 2.9, "baseSeverity": "MEDIUM", "obtainAllPrivilege": false, "exploitabilityScore": 10.0, "obtainUserPrivilege": false, "obtainOtherPrivilege": false, "userInteractionRequired": false}]}, "published": "2009-02-12T16:30:00.187", "references": [{"url": "http://bugs.gentoo.org/show_bug.cgi?id=250429", "tags": ["Exploit", "Issue Tracking"], "source": "cve@mitre.org"}, {"url": "http://lists.opensuse.org/opensuse-security-announce/2009-06/msg00003.html", "tags": ["Mailing List"], "source": "cve@mitre.org"}, {"url": "http://lists.opensuse.org/opensuse-security-announce/2009-07/msg00002.html", "tags": ["Mailing List"], "source": "cve@mitre.org"}, {"url": "http://lists.opensuse.org/opensuse-security-announce/2010-02/msg00003.html", "tags": ["Mailing List"], "source": "cve@mitre.org"}, {"url": "http://net-snmp.svn.sourceforge.net/viewvc/net-snmp/trunk/net-snmp/snmplib/snmpUDPDomain.c?r1=17325&r2=17367&pathrev=17367", "tags": ["Product"], "source": "cve@mitre.org"}, {"url": "http://net-snmp.svn.sourceforge.net/viewvc/net-snmp?view=rev&revision=17367", "tags": ["Product"], "source": "cve@mitre.org"}, {"url": "http://secunia.com/advisories/34499", "tags": ["Broken Link"], "source": "cve@mitre.org"}, {"url": "http://secunia.com/advisories/35416", "tags": ["Broken Link"], "source": "cve@mitre.org"}, {"url": "http://secunia.com/advisories/35685", "tags": ["Broken Link"], "source": "cve@mitre.org"}, {"url": "http://www.openwall.com/lists/oss-security/2009/02/12/2", "tags": ["Mailing List"], "source": "cve@mitre.org"}, {"url": "http://www.openwall.com/lists/oss-security/2009/02/12/4", "tags": ["Mailing List"], "source": "cve@mitre.org"}, {"url": "http://www.openwall.com/lists/oss-security/2009/02/12/7", "tags": ["Mailing List"], "source": "cve@mitre.org"}, {"url": "http://www.redhat.com/support/errata/RHSA-2009-0295.html", "tags": ["Not Applicable"], "source": "cve@mitre.org"}, {"url": "http://www.securitytracker.com/id?1021921", "tags": ["Broken Link", "Third Party Advisory", "VDB Entry"], "source": "cve@mitre.org"}, {"url": "https://bugzilla.redhat.com/show_bug.cgi?id=485211", "tags": ["Issue Tracking", "Patch"], "source": "cve@mitre.org"}, {"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10289", "tags": ["Broken Link"], "source": "cve@mitre.org"}], "vulnStatus": "Analyzed", "weaknesses": [{"type": "Primary", "source": "nvd@nist.gov", "description": [{"lang": "en", "value": "CWE-863"}]}], "descriptions": [{"lang": "en", "value": "The netsnmp_udp_fmtaddr function (snmplib/snmpUDPDomain.c) in net-snmp 5.0.9 through 5.4.2.1, when using TCP wrappers for client authorization, does not properly parse hosts.allow rules, which allows remote attackers to bypass intended access restrictions and execute SNMP queries, related to \"source/destination IP address confusion.\""}, {"lang": "es", "value": "La funci\u00f3n netsnmp_udp_fmtaddr (snmplib/snmpUDPDomain.c) en net-snmp v5.0.9 hasta v5.4.2, cuando usando TCP wrappers para autorizaci\u00f3n de clientes, no analiza apropiadamente reglas hosts.allow, lo que permite a los atacantes remotos evitar restricciones de accesos intencionados y ejecuta consultas SNMP, relativas a \"direcciones IP fuente/destino confusas\"."}], "lastModified": "2024-01-12T20:41:14.313", "configurations": [{"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:a:net-snmp:net-snmp:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "92CC90A4-8D48-44D2-9F32-A4CAC212E16A", "versionEndIncluding": "5.4.2.1", "versionStartIncluding": "5.0.9"}], "operator": "OR"}]}, {"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:o:opensuse:opensuse:10.3-11.1:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "F7018930-D354-4B31-870E-D0E3CE19C8B5"}, {"criteria": "cpe:2.3:o:opensuse:opensuse:11.2:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "A01C8B7E-EB19-40EA-B1D2-9AE5EA536C95"}, {"criteria": "cpe:2.3:o:suse:linux_enterprise:9-11:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "170FDFDE-DADB-4CBF-9AB8-3A01C7BA94AB"}], "operator": "OR"}]}, {"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:o:redhat:enterprise_linux:3.0:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "40D8DAE0-8E75-435C-9BD6-FAEED2ACB47C"}], "operator": "OR"}]}], "sourceIdentifier": "cve@mitre.org"}