CVE-2008-6123
Summary
| CVE | CVE-2008-6123 |
|---|---|
| State | PUBLIC |
| Assigner | [email protected] |
| Source Priority | CVE Program / NVD first with legacy fallback |
| Published | 2009-02-12 16:30:00 UTC |
| Updated | 2024-01-12 20:41:00 UTC |
| Description | The netsnmp_udp_fmtaddr function (snmplib/snmpUDPDomain.c) in net-snmp 5.0.9 through 5.4.2.1, when using TCP wrappers for client authorization, does not properly parse hosts.allow rules, which allows remote attackers to bypass intended access restrictions and execute SNMP queries, related to "source/destination IP address confusion." |
Risk And Classification
Problem Types: CWE-863
NVD Known Affected Configurations (CPE 2.3)
| Type | Vendor | Product | Version | Update | Edition | Language |
|---|---|---|---|---|---|---|
| Application | Net-snmp | Net-snmp | 5.0.10 | All | All | All |
| Application | Net-snmp | Net-snmp | 5.0.9 | All | All | All |
| Application | Net-snmp | Net-snmp | 5.1.2 | All | All | All |
| Application | Net-snmp | Net-snmp | 5.1.3 | All | All | All |
| Application | Net-snmp | Net-snmp | 5.1.4 | All | All | All |
| Application | Net-snmp | Net-snmp | 5.2 | All | All | All |
| Application | Net-snmp | Net-snmp | 5.2.1 | All | All | All |
| Application | Net-snmp | Net-snmp | 5.2.1.2_r1 | All | All | All |
| Application | Net-snmp | Net-snmp | 5.2.4 | All | All | All |
| Application | Net-snmp | Net-snmp | 5.2.5 | All | All | All |
| Application | Net-snmp | Net-snmp | 5.3 | All | All | All |
| Application | Net-snmp | Net-snmp | 5.3.2.2 | All | All | All |
| Application | Net-snmp | Net-snmp | 5.4 | All | All | All |
| Application | Net-snmp | Net-snmp | 5.4.1 | All | All | All |
| Application | Net-snmp | Net-snmp | 5.4.2 | All | All | All |
| Application | Net-snmp | Net-snmp | All | All | All | All |
| Operating System | Net-snmp | Net Snmp | 5.1 | All | All | All |
| Operating System | Net-snmp | Net Snmp | 5.1.1 | All | All | All |
| Operating System | Net-snmp | Net Snmp | 5.3.0.1 | All | All | All |
| Operating System | Net-snmp | Net Snmp | 5.4 | All | All | All |
| Operating System | Opensuse | Opensuse | 10.3-11.1 | All | All | All |
| Operating System | Opensuse | Opensuse | 11.2 | All | All | All |
| Operating System | Redhat | Enterprise Linux | 3.0 | All | All | All |
| Operating System | Suse | Linux Enterprise | 9-11 | All | All | All |
References
| Reference | Source | Link | Tags |
|---|---|---|---|
| SourceForge.net Repository - [net-snmp] Revision 17367 | CONFIRM | net-snmp.svn.sourceforge.net | |
| 404 Not Found | MISC | net-snmp.svn.sourceforge.net | |
| oss-security - Re: CVE Request -- net-snmp (sensitive host information disclosure) | MLIST | www.openwall.com | |
| Red Hat update for net-snmp - Secunia.com | SECUNIA | secunia.com | |
| Repository / Oval Repository | OVAL | oval.cisecurity.org | |
| Bug 485211 – CVE-2008-6123 net-snmp: incorrect application of hosts access restrictions in hosts.{allow,deny} | CONFIRM | bugzilla.redhat.com | |
| Net-snmp netsnmp_udp_fmtaddr() Lets Remote Users Bypass Access Controls - SecurityTracker | SECTRACK | www.securitytracker.com | |
| Gentoo Bug 250429 - <net-analyzer/net-snmp-5.4.2.1-r1 tcp-wrappers vulnerability allowing 3rd parties to access snmpd (CVE-2008-6123) | CONFIRM | bugs.gentoo.org | |
| SUSE Update for Multiple Packages - Advisories - Community | SECUNIA | secunia.com | |
| oss-security - CVE Request -- net-snmp (sensitive host information disclosure) | MLIST | www.openwall.com | |
| SUSE Update for Multiple Packages - Secunia Advisories - Vulnerability Information - Secunia.com | SECUNIA | secunia.com | |
| [security-announce] SUSE Security Summary Report: SUSE-SR:2009:012 | SUSE | lists.opensuse.org | |
| [security-announce] SUSE Security Summary Report: SUSE-SR:2010:003 | SUSE | lists.opensuse.org | |
| [security-announce] SUSE Security Summary Report: SUSE-SR:2009:011 | SUSE | lists.opensuse.org | |
| Support | REDHAT | www.redhat.com | |
| CVE Program record | CVE.ORG | www.cve.org | canonical |
| NVD vulnerability detail | NVD | nvd.nist.gov | canonical, analysis |
No vendor comments have been submitted for this CVE.
There are currently no legacy QID mappings associated with this CVE.