[Forgot Password]
Login  Register Subscribe

24128

 
 

131573

 
 

111017

 
 

909

 
 

86402

 
 

136

Paid content will be excluded from the download.


Download | Alert*
CVE
view XML view JSON

CVE-2008-2292Date: (C)2008-05-18   (M)2018-06-02


Buffer overflow in the __snprint_value function in snmp_get in Net-SNMP 5.1.4, 5.2.4, and 5.4.1, as used in SNMP.xs for Perl, allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via a large OCTETSTRING in an attribute value pair (AVP).

CVSS Score and Metrics +CVSS Score and Metrics -

CVSS V3 Severity:CVSS V2 Severity:
CVSS Score : CVSS Score : 6.8
Exploit Score: Exploit Score: 8.6
Impact Score: Impact Score: 6.4
 
CVSS V3 Metrics:CVSS V2 Metrics:
Attack Vector: Access Vector: NETWORK
Attack Complexity: Access Complexity: MEDIUM
Privileges Required: Authentication: NONE
User Interaction: Confidentiality: PARTIAL
Scope: Integrity: PARTIAL
Confidentiality: Availability: PARTIAL
Integrity:  
Availability:  
  
Reference:
SECTRACK-1020527
SUNALERT-239785
BID-29212
SECUNIA-30187
SECUNIA-30615
SECUNIA-30647
SECUNIA-31155
SECUNIA-31334
SECUNIA-31351
SECUNIA-31467
SECUNIA-31568
SECUNIA-32664
SECUNIA-33003
ADV-2008-1528
ADV-2008-2141
ADV-2008-2361
DSA-1663
FEDORA-2008-5215
FEDORA-2008-5218
FEDORA-2008-5224
GLSA-200808-02
MDVSA-2008:118
RHSA-2008:0529
SUSE-SA:2008:039
USN-685-1
http://sourceforge.net/tracker/index.php?func=detail&aid=1826174&group_id=12694&atid=112694
http://support.avaya.com/elmodocs2/security/ASA-2008-282.htm
http://www.vmware.com/security/advisories/VMSA-2008-0013.html
netsnmp-snprintvalue-bo(42430)

CWE    1
CWE-119
OVAL    2
oval:org.mitre.oval:def:7025
oval:org.secpod.oval:def:301381

© SecPod Technologies