CentOS Update For Net-snmp CESA-2008:0971 Centos3 X86_64 Network Vulnerability

Solution

Please Install the Updated Packages.

Insight

The Simple Network Management Protocol (SNMP) is a protocol used for network management. A denial-of-service flaw was found in the way Net-SNMP processes SNMP GETBULK requests. A remote attacker who issued a specially-crafted request could cause the snmpd server to crash. (CVE-2008-4309) Note: An attacker must have read access to the SNMP server in order to exploit this flaw. In the default configuration, the community name &quot public&quot grants read-only access. In production deployments, it is recommended to change this default community name. All users of net-snmp should upgrade to these updated packages, which contain a backported patch to resolve this issue.

Affected

net-snmp on CentOS 3

References

http://lists.centos.org/pipermail/centos-announce/2008-November/015368.html

Updated on 2015-03-25

Severity

Classification

CVE CVE-2008-4309
CVSS Base Score: 5.0
AV:N/AC:L/Au:N/C:N/I:N/A:P

Related Vulnerabilities

CentOS Security Advisory CESA-2009:0474 (acpid)
CentOS Update for acpid CESA-2009:0474 centos4 i386
CentOS Security Advisory CESA-2009:1484 (postgresql)
CentOS Security Advisory CESA-2009:1036 (ipsec-tools)
CentOS Security Advisory CESA-2009:1243 (kernel)

CentOS Update for net-snmp CESA-2008:0971 centos3 x86_64

Take action and discover your vulnerabilities