[Forgot Password]
Login  Register Subscribe

23631

 
 

122740

 
 

98503

 
 

909

 
 

79321

 
 

109

Paid content will be excluded from the download.


Download | Alert*
CVE
view XML

CVE-2008-2292

Date: (C)2008-05-18   (M)2017-11-18 


Buffer overflow in the __snprint_value function in snmp_get in Net-SNMP 5.1.4, 5.2.4, and 5.4.1, as used in SNMP.xs for Perl, allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via a large OCTETSTRING in an attribute value pair (AVP).

CVSS Score: 6.8Access Vector: NETWORK
Exploit Score: 8.6Access Complexity: MEDIUM
Impact Score: 6.4Authentication: NONE
 Confidentiality: PARTIAL
 Integrity: PARTIAL
 Availability: PARTIAL





Reference:
SECTRACK-1020527
SUNALERT-239785
BID-29212
SECUNIA-30187
SECUNIA-30615
SECUNIA-30647
SECUNIA-31155
SECUNIA-31334
SECUNIA-31351
SECUNIA-31467
SECUNIA-31568
SECUNIA-32664
SECUNIA-33003
ADV-2008-1528
ADV-2008-2141
ADV-2008-2361
DSA-1663
FEDORA-2008-5215
FEDORA-2008-5218
FEDORA-2008-5224
GLSA-200808-02
MDVSA-2008:118
RHSA-2008:0529
SUSE-SA:2008:039
USN-685-1
http://sourceforge.net/tracker/index.php?func=detail&aid=1826174&group_id=12694&atid=112694
http://support.avaya.com/elmodocs2/security/ASA-2008-282.htm
http://www.vmware.com/security/advisories/VMSA-2008-0013.html
netsnmp-snprintvalue-bo(42430)

CWE    1
CWE-119
OVAL    2
oval:org.secpod.oval:def:301381
oval:org.mitre.oval:def:7025

© 2013 SecPod Technologies