CVE-2008-4309Improper Input Validation in Net-snmp

CWE-20Improper Input ValidationCWE-190Integer Overflow or WraparoundCWE-369Divide By Zero13 documents8 sources
Severity
5.0MEDIUMNVD
EPSS
11.1%
top 6.49%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
5
Net-snmpDebian Net-snmpVmware Esxi+2 more
Timeline
PublishedOct 31
Latest updateMay 2

Description

Integer overflow in the netsnmp_create_subtree_cache function in agent/snmp_agent.c in net-snmp 5.4 before 5.4.2.1, 5.3 before 5.3.2.3, and 5.2 before 5.2.5.1 allows remote attackers to cause a denial of service (crash) via a crafted SNMP GETBULK request, which triggers a heap-based buffer overflow, related to the number of responses or repeats.

CVSS vector

AV:N/AC:L/C:N/I:N/A:PExploitability: 10.0 | Impact: 2.9

Affected Packages6 packages

debiandebian/net-snmp< net-snmp 5.4.1~dfsg-11 (bookworm)+1
Debiannet-snmp/net-snmp< 5.4.1~dfsg-11+3
NVDnet-snmp/net-snmp4 versions+3

🔴Vulnerability Details

3
GHSA
GHSA-cf72-rgjq-hh5r: agent/snmp_agent2022-05-02
GHSA
GHSA-c4mx-98gv-gxm8: Integer overflow in the netsnmp_create_subtree_cache function in agent/snmp_agent2022-05-02
OSV
CVE-2008-4309: Integer overflow in the netsnmp_create_subtree_cache function in agent/snmp_agent2008-10-31

📋Vendor Advisories

6
Red Hat
net-snmp: DoS (division by zero) via SNMP GetBulk requests2009-06-25
VMware
ESX patches address an issue loading corrupt virtual disks and update Service Console packages2009-01-30
Debian
CVE-2009-1887: net-snmp - agent/snmp_agent.c in snmpd in net-snmp 5.0.9 in Red Hat Enterprise Linux (RHEL)...2009
Ubuntu
Net-SNMP vulnerabilities2008-12-03
Red Hat
net-snmp: numresponses calculation integer overflow in snmp_agent.c2008-10-31

💬Community

2
Bugzilla
CVE-2009-1887 net-snmp: DoS (division by zero) via SNMP GetBulk requests2009-06-19
Bugzilla
CVE-2008-4309 net-snmp: numresponses calculation integer overflow in snmp_agent.c2008-10-31