[Forgot Password]
Login  Register Subscribe

30430

 
 

423868

 
 

247862

 
 

909

 
 

194603

 
 

282

 
Paid content will be excluded from the download.


Download | Alert*
CVE
view JSON

CVE-2008-2292Date: (C)2008-05-18   (M)2023-12-22


Buffer overflow in the __snprint_value function in snmp_get in Net-SNMP 5.1.4, 5.2.4, and 5.4.1, as used in SNMP.xs for Perl, allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via a large OCTETSTRING in an attribute value pair (AVP).

CVSS Score and Metrics +CVSS Score and Metrics -

CVSS V2 Severity:
CVSS Score : 6.8
Exploit Score: 8.6
Impact Score: 6.4
 
CVSS V2 Metrics:
Access Vector: NETWORK
Access Complexity: MEDIUM
Authentication: NONE
Confidentiality: PARTIAL
Integrity: PARTIAL
Availability: PARTIAL
  
Reference:
SECTRACK-1020527
SUNALERT-239785
BID-29212
SECUNIA-30187
SECUNIA-30615
SECUNIA-30647
SECUNIA-31155
SECUNIA-31334
SECUNIA-31351
SECUNIA-31467
SECUNIA-31568
SECUNIA-32664
SECUNIA-33003
ADV-2008-1528
ADV-2008-2141
ADV-2008-2361
DSA-1663
FEDORA-2008-5215
FEDORA-2008-5218
FEDORA-2008-5224
GLSA-200808-02
MDVSA-2008:118
RHSA-2008:0529
SUSE-SA:2008:039
USN-685-1
http://sourceforge.net/tracker/index.php?func=detail&aid=1826174&group_id=12694&atid=112694
http://support.avaya.com/elmodocs2/security/ASA-2008-282.htm
http://www.vmware.com/security/advisories/VMSA-2008-0013.html
netsnmp-snprintvalue-bo(42430)
oval:org.mitre.oval:def:11261

CWE    1
CWE-119
OVAL    2
oval:org.mitre.oval:def:7025
oval:org.secpod.oval:def:301381

© SecPod Technologies