
CVE-2008-4309

net-snmp: numresponses calculation integer overflow in snmp_agent.c

  • Severity Score: 5.0 (CVSS v2)
  • Exploit Likelihood (EPSS)
  • Affected Versions (CPE)
  • Public Exploits: 0 (Multiple Sources)
  • Exploited in Wild: - (KEV)
  • Decision: - (SSVC)

Descriptions

Integer overflow in the netsnmp_create_subtree_cache function in agent/snmp_agent.c in net-snmp 5.4 before 5.4.2.1, 5.3 before 5.3.2.3, and 5.2 before 5.2.5.1 allows remote attackers to cause a denial of service (crash) via a crafted SNMP GETBULK request, which triggers a heap-based buffer overflow, related to the number of responses or repeats.

The getbulk code in net-snmp 5.4 before 5.4.2.1, 5.3 before 5.3.2.3, and 5.2 before 5.2.5.1 allows remote attackers to cause a denial of service (crash) via vectors related to the number of responses or repeats.

*Credits: N/A
CVSS Scores
  • Attack Vector: Network
  • Attack Complexity: Low
  • Authentication: None
  • Confidentiality: None
  • Integrity: None
  • Availability: Partial
* Common Vulnerability Scoring System
SSVC
  • Decision: -
  • Exploitation: -
  • Automatable: -
  • Tech. Impact: -
* Organization's Worst-case Scenario
Timeline
  • 2008-09-29 CVE Reserved
  • 2008-10-31 CVE Published
  • 2023-03-07 EPSS Updated
  • 2024-08-07 CVE Updated
  • ---------- Exploited in Wild
  • ---------- KEV Due Date
  • ---------- First Exploit
CWE
  • CWE-20: Improper Input Validation
  • CWE-190: Integer Overflow or Wraparound
CAPEC
References (44)
URL Tag Source
http://secunia.com/advisories/32539 Third Party Advisory
http://secunia.com/advisories/32560 Third Party Advisory
http://secunia.com/advisories/32664 Third Party Advisory
http://secunia.com/advisories/32711 Third Party Advisory
http://secunia.com/advisories/33003 Third Party Advisory
http://secunia.com/advisories/33095 Third Party Advisory
http://secunia.com/advisories/33631 Third Party Advisory
http://secunia.com/advisories/33746 Third Party Advisory
http://secunia.com/advisories/33821 Third Party Advisory
http://secunia.com/advisories/35074 Third Party Advisory
http://secunia.com/advisories/35679 Third Party Advisory
http://sourceforge.net/forum/forum.php?forum_id=882903 X_refsource_confirm
http://support.apple.com/kb/HT3549 X_refsource_confirm
http://support.apple.com/kb/HT4298 X_refsource_confirm
http://support.avaya.com/elmodocs2/security/ASA-2008-467.htm X_refsource_confirm
http://wiki.rpath.com/wiki/Advisories:rPSA-2008-0315 X_refsource_confirm
http://www.openwall.com/lists/oss-security/2008/10/31/1 Mailing List
http://www.securityfocus.com/archive/1/498280/100/0/threaded Mailing List
http://www.securityfocus.com/bid/32020 Vdb Entry
http://www.securitytracker.com/id?1021129 Vdb Entry
http://www.us-cert.gov/cas/techalerts/TA09-133A.html Third Party Advisory
http://www.vmware.com/security/advisories/VMSA-2009-0001.html X_refsource_confirm
http://www.vupen.com/english/advisories/2008/2973 Vdb Entry
http://www.vupen.com/english/advisories/2008/3400 Vdb Entry
http://www.vupen.com/english/advisories/2009/0301 Vdb Entry
http://www.vupen.com/english/advisories/2009/1297 Vdb Entry
http://www.vupen.com/english/advisories/2009/1771 Vdb Entry
https://exchange.xforce.ibmcloud.com/vulnerabilities/46262 Vdb Entry
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A6171 Signature
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A6353 Signature
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9860 Signature
Affected Vendors, Products, and Versions
Vendor Product Version Other Status
Net-snmp Net-snmp 5.2.5 - Affected
Net-snmp Net-snmp 5.3.2.2 - Affected
Net-snmp Net-snmp 5.4 - Affected