Summary
The remote host is missing an update to net-snmp
announced via advisory DSA 1483-1.
Solution
https://secure1.securityspace.com/smysecure/catid.html?in=DSA%201483-1
Insight
The SNMP agent (snmp_agent.c) in net-snmp before 5.4.1 allows remote attackers to cause a denial of service (CPU and memory consumption) via a GETBULK request with a large max-repeaters value.
For the stable distribution (etch), this problem has been fixed in version 5.2.3-7etch2
For the unstable and testing distributions (sid and lenny, respectively), this problem has been fixed in version 5.4.1~dfsg-2
We recommend that you upgrade your net-snmp package.
Severity
Classification
-
CVE CVE-2007-5846 -
CVSS Base Score: 7.8
AV:N/AC:L/Au:N/C:N/I:N/A:C
Related Vulnerabilities