Net-SNMP GETBULK Remote Denial Of Service Vulnerability

2015年7月21日

Email
Facebook
Twitter
Google+
Linkedin

危険度: : 中

CVE識別番号: CVE-2008-4309

概要

Integer overflow in the netsnmp_create_subtree_cache function in agent/snmp_agent.c in net-snmp 5.4 before 5.4.2.1, 5.3 before 5.3.2.3, and 5.2 before 5.2.5.1 allows remote attackers to cause a denial of service (crash) via a crafted SNMP GETBULK request, which triggers a heap-based buffer overflow, related to the number of responses or repeats.

トレンドマイクロの対策

Apply associated Trend Micro DPI Rules.

対応方法

Trend Micro Deep Security DPI Rule Number: 1003059

Trend Micro Deep Security DPI Rule Name: 1003059 - Net-SNMP GETBULK Remote Denial Of Service Vulnerability

影響を受けるソフトウェア

net-snmp net-snmp 5.2.5
net-snmp net-snmp 5.3.2.2
net-snmp net-snmp 5.4