cpe:/a:net-snmp:net-snmp:5.0.9 cpe:/a:net-snmp:net-snmp:5.0.10 cpe:/a:net-snmp:net-snmp:5.1.2 cpe:/a:net-snmp:net-snmp:5.1.3 cpe:/a:net-snmp:net-snmp:5.1.4 cpe:/a:net-snmp:net-snmp:5.2 cpe:/a:net-snmp:net-snmp:5.2.1 cpe:/a:net-snmp:net-snmp:5.2.1.2_r1 cpe:/a:net-snmp:net-snmp:5.2.4 cpe:/a:net-snmp:net-snmp:5.2.5 cpe:/a:net-snmp:net-snmp:5.3 cpe:/a:net-snmp:net-snmp:5.3.2.2 cpe:/a:net-snmp:net-snmp:5.4 cpe:/a:net-snmp:net-snmp:5.4.1 cpe:/a:net-snmp:net-snmp:5.4.2 cpe:/o:net-snmp:net_snmp:5.1 cpe:/o:net-snmp:net_snmp:5.1.1 cpe:/o:net-snmp:net_snmp:5.3.0.1 cpe:/o:net-snmp:net_snmp:5.4 CVE-2008-6123 2009-02-12T11:30:00.187-05:00 2017-09-28T21:32:58.947-04:00 5.0 NETWORK LOW NONE PARTIAL NONE NONE http://nvd.nist.gov 2009-02-12T11:49:00.000-05:00 SECTRACK 1021921 SECUNIA 34499 SECUNIA 35416 SECUNIA 35685 REDHAT RHSA-2009:0295 SUSE SUSE-SR:2009:011 SUSE SUSE-SR:2009:012 SUSE SUSE-SR:2010:003 MLIST [oss-security] 20090212 CVE Request -- net-snmp (sensitive host information disclosure) MLIST [oss-security] 20090212 Re: CVE Request -- net-snmp (sensitive host information disclosure) MLIST [oss-security] Re: 20090212 CVE Request -- net-snmp (sensitive host information disclosure) CONFIRM http://bugs.gentoo.org/show_bug.cgi?id=250429 MISC http://net-snmp.svn.sourceforge.net/viewvc/net-snmp/trunk/net-snmp/snmplib/snmpUDPDomain.c?r1=17325&r2=17367&pathrev=17367 CONFIRM http://net-snmp.svn.sourceforge.net/viewvc/net-snmp?view=rev&revision=17367 CONFIRM https://bugzilla.redhat.com/show_bug.cgi?id=485211 The netsnmp_udp_fmtaddr function (snmplib/snmpUDPDomain.c) in net-snmp 5.0.9 through 5.4.2.1, when using TCP wrappers for client authorization, does not properly parse hosts.allow rules, which allows remote attackers to bypass intended access restrictions and execute SNMP queries, related to "source/destination IP address confusion."