Solution
Please Install the Updated Packages.
Insight
The Simple Network Management Protocol (SNMP) is a protocol used for network management.
A denial-of-service flaw was found in the way Net-SNMP processes SNMP GETBULK requests. A remote attacker who issued a specially-crafted request could cause the snmpd server to crash. (CVE-2008-4309)
Note: An attacker must have read access to the SNMP server in order to exploit this flaw. In the default configuration, the community name "
public"
grants read-only access. In production deployments, it is recommended to change this default community name.
All users of net-snmp should upgrade to these updated packages, which contain a backported patch to resolve this issue.
Affected
net-snmp on CentOS 3
References
Updated on 2015-03-25
Severity
Classification
-
CVE CVE-2008-4309 -
CVSS Base Score: 5.0
AV:N/AC:L/Au:N/C:N/I:N/A:P
Related Vulnerabilities