FKIE_CVE-2008-6123

Vulnerability from fkie_nvd - Published: 2009-02-12 16:30 - Updated: 2025-04-09 00:30
Severity ?
Summary
The netsnmp_udp_fmtaddr function (snmplib/snmpUDPDomain.c) in net-snmp 5.0.9 through 5.4.2.1, when using TCP wrappers for client authorization, does not properly parse hosts.allow rules, which allows remote attackers to bypass intended access restrictions and execute SNMP queries, related to "source/destination IP address confusion."
References
cve@mitre.orghttp://bugs.gentoo.org/show_bug.cgi?id=250429Exploit, Issue Tracking
cve@mitre.orghttp://lists.opensuse.org/opensuse-security-announce/2009-06/msg00003.htmlMailing List
cve@mitre.orghttp://lists.opensuse.org/opensuse-security-announce/2009-07/msg00002.htmlMailing List
cve@mitre.orghttp://lists.opensuse.org/opensuse-security-announce/2010-02/msg00003.htmlMailing List
cve@mitre.orghttp://net-snmp.svn.sourceforge.net/viewvc/net-snmp/trunk/net-snmp/snmplib/snmpUDPDomain.c?r1=17325&r2=17367&pathrev=17367Product
cve@mitre.orghttp://net-snmp.svn.sourceforge.net/viewvc/net-snmp?view=rev&revision=17367Product
cve@mitre.orghttp://secunia.com/advisories/34499Broken Link
cve@mitre.orghttp://secunia.com/advisories/35416Broken Link
cve@mitre.orghttp://secunia.com/advisories/35685Broken Link
cve@mitre.orghttp://www.openwall.com/lists/oss-security/2009/02/12/2Mailing List
cve@mitre.orghttp://www.openwall.com/lists/oss-security/2009/02/12/4Mailing List
cve@mitre.orghttp://www.openwall.com/lists/oss-security/2009/02/12/7Mailing List
cve@mitre.orghttp://www.redhat.com/support/errata/RHSA-2009-0295.htmlNot Applicable
cve@mitre.orghttp://www.securitytracker.com/id?1021921Broken Link, Third Party Advisory, VDB Entry
cve@mitre.orghttps://bugzilla.redhat.com/show_bug.cgi?id=485211Issue Tracking, Patch
cve@mitre.orghttps://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10289Broken Link
af854a3a-2127-422b-91ae-364da2661108http://bugs.gentoo.org/show_bug.cgi?id=250429Exploit, Issue Tracking
af854a3a-2127-422b-91ae-364da2661108http://lists.opensuse.org/opensuse-security-announce/2009-06/msg00003.htmlMailing List
af854a3a-2127-422b-91ae-364da2661108http://lists.opensuse.org/opensuse-security-announce/2009-07/msg00002.htmlMailing List
af854a3a-2127-422b-91ae-364da2661108http://lists.opensuse.org/opensuse-security-announce/2010-02/msg00003.htmlMailing List
af854a3a-2127-422b-91ae-364da2661108http://net-snmp.svn.sourceforge.net/viewvc/net-snmp/trunk/net-snmp/snmplib/snmpUDPDomain.c?r1=17325&r2=17367&pathrev=17367Product
af854a3a-2127-422b-91ae-364da2661108http://net-snmp.svn.sourceforge.net/viewvc/net-snmp?view=rev&revision=17367Product
af854a3a-2127-422b-91ae-364da2661108http://secunia.com/advisories/34499Broken Link
af854a3a-2127-422b-91ae-364da2661108http://secunia.com/advisories/35416Broken Link
af854a3a-2127-422b-91ae-364da2661108http://secunia.com/advisories/35685Broken Link
af854a3a-2127-422b-91ae-364da2661108http://www.openwall.com/lists/oss-security/2009/02/12/2Mailing List
af854a3a-2127-422b-91ae-364da2661108http://www.openwall.com/lists/oss-security/2009/02/12/4Mailing List
af854a3a-2127-422b-91ae-364da2661108http://www.openwall.com/lists/oss-security/2009/02/12/7Mailing List
af854a3a-2127-422b-91ae-364da2661108http://www.redhat.com/support/errata/RHSA-2009-0295.htmlNot Applicable
af854a3a-2127-422b-91ae-364da2661108http://www.securitytracker.com/id?1021921Broken Link, Third Party Advisory, VDB Entry
af854a3a-2127-422b-91ae-364da2661108https://bugzilla.redhat.com/show_bug.cgi?id=485211Issue Tracking, Patch
af854a3a-2127-422b-91ae-364da2661108https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10289Broken Link
Impacted products
Vendor Product Version
net-snmp net-snmp *
opensuse opensuse 10.3-11.1
opensuse opensuse 11.2
suse linux_enterprise 9-11
redhat enterprise_linux 3.0
To clipboard 

{
  "configurations": [
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:net-snmp:net-snmp:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "92CC90A4-8D48-44D2-9F32-A4CAC212E16A",
              "versionEndIncluding": "5.4.2.1",
              "versionStartIncluding": "5.0.9",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:opensuse:opensuse:10.3-11.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "F7018930-D354-4B31-870E-D0E3CE19C8B5",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:opensuse:opensuse:11.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "A01C8B7E-EB19-40EA-B1D2-9AE5EA536C95",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:suse:linux_enterprise:9-11:*:*:*:*:*:*:*",
              "matchCriteriaId": "170FDFDE-DADB-4CBF-9AB8-3A01C7BA94AB",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:redhat:enterprise_linux:3.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "40D8DAE0-8E75-435C-9BD6-FAEED2ACB47C",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    }
  ],
  "cveTags": [],
  "descriptions": [
    {
      "lang": "en",
      "value": "The netsnmp_udp_fmtaddr function (snmplib/snmpUDPDomain.c) in net-snmp 5.0.9 through 5.4.2.1, when using TCP wrappers for client authorization, does not properly parse hosts.allow rules, which allows remote attackers to bypass intended access restrictions and execute SNMP queries, related to \"source/destination IP address confusion.\""
    },
    {
      "lang": "es",
      "value": "La funci\u00f3n netsnmp_udp_fmtaddr (snmplib/snmpUDPDomain.c) en net-snmp v5.0.9 hasta v5.4.2, cuando usando TCP wrappers para autorizaci\u00f3n de clientes, no analiza apropiadamente reglas hosts.allow, lo que permite a los atacantes remotos evitar restricciones de accesos intencionados y ejecuta consultas SNMP, relativas a \"direcciones IP fuente/destino confusas\"."
    }
  ],
  "id": "CVE-2008-6123",
  "lastModified": "2025-04-09T00:30:58.490",
  "metrics": {
    "cvssMetricV2": [
      {
        "acInsufInfo": false,
        "baseSeverity": "MEDIUM",
        "cvssData": {
          "accessComplexity": "LOW",
          "accessVector": "NETWORK",
          "authentication": "NONE",
          "availabilityImpact": "NONE",
          "baseScore": 5.0,
          "confidentialityImpact": "PARTIAL",
          "integrityImpact": "NONE",
          "vectorString": "AV:N/AC:L/Au:N/C:P/I:N/A:N",
          "version": "2.0"
        },
        "exploitabilityScore": 10.0,
        "impactScore": 2.9,
        "obtainAllPrivilege": false,
        "obtainOtherPrivilege": false,
        "obtainUserPrivilege": false,
        "source": "nvd@nist.gov",
        "type": "Primary",
        "userInteractionRequired": false
      }
    ]
  },
  "published": "2009-02-12T16:30:00.187",
  "references": [
    {
      "source": "cve@mitre.org",
      "tags": [
        "Exploit",
        "Issue Tracking"
      ],
      "url": "http://bugs.gentoo.org/show_bug.cgi?id=250429"
    },
    {
      "source": "cve@mitre.org",
      "tags": [
        "Mailing List"
      ],
      "url": "http://lists.opensuse.org/opensuse-security-announce/2009-06/msg00003.html"
    },
    {
      "source": "cve@mitre.org",
      "tags": [
        "Mailing List"
      ],
      "url": "http://lists.opensuse.org/opensuse-security-announce/2009-07/msg00002.html"
    },
    {
      "source": "cve@mitre.org",
      "tags": [
        "Mailing List"
      ],
      "url": "http://lists.opensuse.org/opensuse-security-announce/2010-02/msg00003.html"
    },
    {
      "source": "cve@mitre.org",
      "tags": [
        "Product"
      ],
      "url": "http://net-snmp.svn.sourceforge.net/viewvc/net-snmp/trunk/net-snmp/snmplib/snmpUDPDomain.c?r1=17325\u0026r2=17367\u0026pathrev=17367"
    },
    {
      "source": "cve@mitre.org",
      "tags": [
        "Product"
      ],
      "url": "http://net-snmp.svn.sourceforge.net/viewvc/net-snmp?view=rev\u0026revision=17367"
    },
    {
      "source": "cve@mitre.org",
      "tags": [
        "Broken Link"
      ],
      "url": "http://secunia.com/advisories/34499"
    },
    {
      "source": "cve@mitre.org",
      "tags": [
        "Broken Link"
      ],
      "url": "http://secunia.com/advisories/35416"
    },
    {
      "source": "cve@mitre.org",
      "tags": [
        "Broken Link"
      ],
      "url": "http://secunia.com/advisories/35685"
    },
    {
      "source": "cve@mitre.org",
      "tags": [
        "Mailing List"
      ],
      "url": "http://www.openwall.com/lists/oss-security/2009/02/12/2"
    },
    {
      "source": "cve@mitre.org",
      "tags": [
        "Mailing List"
      ],
      "url": "http://www.openwall.com/lists/oss-security/2009/02/12/4"
    },
    {
      "source": "cve@mitre.org",
      "tags": [
        "Mailing List"
      ],
      "url": "http://www.openwall.com/lists/oss-security/2009/02/12/7"
    },
    {
      "source": "cve@mitre.org",
      "tags": [
        "Not Applicable"
      ],
      "url": "http://www.redhat.com/support/errata/RHSA-2009-0295.html"
    },
    {
      "source": "cve@mitre.org",
      "tags": [
        "Broken Link",
        "Third Party Advisory",
        "VDB Entry"
      ],
      "url": "http://www.securitytracker.com/id?1021921"
    },
    {
      "source": "cve@mitre.org",
      "tags": [
        "Issue Tracking",
        "Patch"
      ],
      "url": "https://bugzilla.redhat.com/show_bug.cgi?id=485211"
    },
    {
      "source": "cve@mitre.org",
      "tags": [
        "Broken Link"
      ],
      "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10289"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Exploit",
        "Issue Tracking"
      ],
      "url": "http://bugs.gentoo.org/show_bug.cgi?id=250429"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Mailing List"
      ],
      "url": "http://lists.opensuse.org/opensuse-security-announce/2009-06/msg00003.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Mailing List"
      ],
      "url": "http://lists.opensuse.org/opensuse-security-announce/2009-07/msg00002.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Mailing List"
      ],
      "url": "http://lists.opensuse.org/opensuse-security-announce/2010-02/msg00003.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Product"
      ],
      "url": "http://net-snmp.svn.sourceforge.net/viewvc/net-snmp/trunk/net-snmp/snmplib/snmpUDPDomain.c?r1=17325\u0026r2=17367\u0026pathrev=17367"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Product"
      ],
      "url": "http://net-snmp.svn.sourceforge.net/viewvc/net-snmp?view=rev\u0026revision=17367"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Broken Link"
      ],
      "url": "http://secunia.com/advisories/34499"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Broken Link"
      ],
      "url": "http://secunia.com/advisories/35416"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Broken Link"
      ],
      "url": "http://secunia.com/advisories/35685"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Mailing List"
      ],
      "url": "http://www.openwall.com/lists/oss-security/2009/02/12/2"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Mailing List"
      ],
      "url": "http://www.openwall.com/lists/oss-security/2009/02/12/4"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Mailing List"
      ],
      "url": "http://www.openwall.com/lists/oss-security/2009/02/12/7"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Not Applicable"
      ],
      "url": "http://www.redhat.com/support/errata/RHSA-2009-0295.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Broken Link",
        "Third Party Advisory",
        "VDB Entry"
      ],
      "url": "http://www.securitytracker.com/id?1021921"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Issue Tracking",
        "Patch"
      ],
      "url": "https://bugzilla.redhat.com/show_bug.cgi?id=485211"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Broken Link"
      ],
      "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10289"
    }
  ],
  "sourceIdentifier": "cve@mitre.org",
  "vulnStatus": "Deferred",
  "weaknesses": [
    {
      "description": [
        {
          "lang": "en",
          "value": "CWE-863"
        }
      ],
      "source": "nvd@nist.gov",
      "type": "Primary"
    }
  ]
}


Log in or create an account to share your comment.




Tags
Taxonomy of the tags.




Sightings

Author Source Type Date

Nomenclature

  • Seen: The vulnerability was mentioned, discussed, or observed by the user.
  • Confirmed: The vulnerability has been validated from an analyst's perspective.
  • Published Proof of Concept: A public proof of concept is available for this vulnerability.
  • Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
  • Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
  • Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
  • Not confirmed: The user expressed doubt about the validity of the vulnerability.
  • Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.



Detection rules are retrieved from Rulezet.