ID CVE-2009-1887
Summary agent/snmp_agent.c in snmpd in net-snmp 5.0.9 in Red Hat Enterprise Linux (RHEL) 3 allows remote attackers to cause a denial of service (daemon crash) via a crafted SNMP GETBULK request that triggers a divide-by-zero error. NOTE: this vulnerability exists because of an incorrect fix for CVE-2008-4309.
References
Vulnerable Configurations
  • Red Hat Enterprise Linux 3.0
    cpe:2.3:o:redhat:enterprise_linux:3.0
  • cpe:2.3:o:red_hat:enterprise_linux:3:-:es
    cpe:2.3:o:red_hat:enterprise_linux:3:-:es
  • cpe:2.3:o:red_hat:enterprise_linux:3:-:ws
    cpe:2.3:o:red_hat:enterprise_linux:3:-:ws
  • cpe:2.3:o:red_hat:enterprise_linux:3:-:as
    cpe:2.3:o:red_hat:enterprise_linux:3:-:as
  • Net-SNMP Net-SNMP 5.0.9
    cpe:2.3:a:net-snmp:net-snmp:5.0.9
CVSS
Base: 5.0 (as of 29-06-2009 - 08:46)
Impact:
Exploitability:
CWE CWE-189
CAPEC
Access
VectorComplexityAuthentication
NETWORK LOW NONE
Impact
ConfidentialityIntegrityAvailability
NONE NONE PARTIAL
nessus via4
  • NASL family CentOS Local Security Checks
    NASL id CENTOS_RHSA-2009-1124.NASL
    description Updated net-snmp packages that fix a security issue are now available for Red Hat Enterprise Linux 3. This update has been rated as having moderate security impact by the Red Hat Security Response Team. The Simple Network Management Protocol (SNMP) is a protocol used for network management. A divide-by-zero flaw was discovered in the snmpd daemon. A remote attacker could issue a specially crafted GETBULK request that could crash the snmpd daemon. (CVE-2009-1887) Note: An attacker must have read access to the SNMP server in order to exploit this flaw. In the default configuration, the community name 'public' grants read-only access. In production deployments, it is recommended to change this default community name. All net-snmp users should upgrade to these updated packages, which contain a backported patch to correct this issue. After installing the update, the snmpd and snmptrapd daemons will be restarted automatically.
    last seen 2019-02-21
    modified 2018-11-10
    plugin id 39523
    published 2009-06-26
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=39523
    title CentOS 3 : net-snmp (CESA-2009:1124)
  • NASL family Oracle Linux Local Security Checks
    NASL id ORACLELINUX_ELSA-2009-1124.NASL
    description From Red Hat Security Advisory 2009:1124 : Updated net-snmp packages that fix a security issue are now available for Red Hat Enterprise Linux 3. This update has been rated as having moderate security impact by the Red Hat Security Response Team. The Simple Network Management Protocol (SNMP) is a protocol used for network management. A divide-by-zero flaw was discovered in the snmpd daemon. A remote attacker could issue a specially crafted GETBULK request that could crash the snmpd daemon. (CVE-2009-1887) Note: An attacker must have read access to the SNMP server in order to exploit this flaw. In the default configuration, the community name 'public' grants read-only access. In production deployments, it is recommended to change this default community name. All net-snmp users should upgrade to these updated packages, which contain a backported patch to correct this issue. After installing the update, the snmpd and snmptrapd daemons will be restarted automatically.
    last seen 2019-02-21
    modified 2018-08-13
    plugin id 67880
    published 2013-07-12
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=67880
    title Oracle Linux 3 : net-snmp (ELSA-2009-1124)
  • NASL family VMware ESX Local Security Checks
    NASL id VMWARE_VMSA-2010-0003.NASL
    description a. Service Console package net-snmp updated This patch updates the service console package for net-snmp, net-snmp-utils, and net-snmp-libs to version net-snmp-5.0.9-2.30E.28. This net-snmp update fixes a divide-by- zero flaw in the snmpd daemon. A remote attacker could issue a specially crafted GETBULK request that could cause the snmpd daemon to fail. This vulnerability was introduced by an incorrect fix for CVE-2008-4309. The Common Vulnerabilities and Exposures Project (cve.mitre.org) has assigned the name CVE-2009-1887 to this issue. Note: After installing the previous patch for net-snmp (ESX350-200901409-SG), running the snmpbulkwalk command with the parameter -CnX results in no output, and the snmpd daemon stops.
    last seen 2019-02-21
    modified 2018-08-15
    plugin id 44642
    published 2010-02-17
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=44642
    title VMSA-2010-0003 : ESX Service Console update for net-snmp
  • NASL family Red Hat Local Security Checks
    NASL id REDHAT-RHSA-2009-1124.NASL
    description Updated net-snmp packages that fix a security issue are now available for Red Hat Enterprise Linux 3. This update has been rated as having moderate security impact by the Red Hat Security Response Team. The Simple Network Management Protocol (SNMP) is a protocol used for network management. A divide-by-zero flaw was discovered in the snmpd daemon. A remote attacker could issue a specially crafted GETBULK request that could crash the snmpd daemon. (CVE-2009-1887) Note: An attacker must have read access to the SNMP server in order to exploit this flaw. In the default configuration, the community name 'public' grants read-only access. In production deployments, it is recommended to change this default community name. All net-snmp users should upgrade to these updated packages, which contain a backported patch to correct this issue. After installing the update, the snmpd and snmptrapd daemons will be restarted automatically.
    last seen 2019-02-21
    modified 2018-11-27
    plugin id 39527
    published 2009-06-26
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=39527
    title RHEL 3 : net-snmp (RHSA-2009:1124)
  • NASL family Scientific Linux Local Security Checks
    NASL id SL_20090625_NET_SNMP_ON_SL3_X.NASL
    description A divide-by-zero flaw was discovered in the snmpd daemon. A remote attacker could issue a specially crafted GETBULK request that could crash the snmpd daemon. (CVE-2009-1887) Note: An attacker must have read access to the SNMP server in order to exploit this flaw. In the default configuration, the community name 'public' grants read-only access. In production deployments, it is recommended to change this default community name. After installing the update, the snmpd and snmptrapd daemons will be restarted automatically.
    last seen 2019-02-21
    modified 2019-01-02
    plugin id 60607
    published 2012-08-01
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=60607
    title Scientific Linux Security Update : net-snmp on SL3.x i386/x86_64
oval via4
  • accepted 2010-06-07T04:01:11.391-04:00
    class vulnerability
    contributors
    name Pai Peng
    organization Hewlett-Packard
    definition_extensions
    • comment VMware ESX Server 3.5.0 is installed
      oval oval:org.mitre.oval:def:5887
    • comment VMWare ESX Server 3.0.3 is installed
      oval oval:org.mitre.oval:def:6026
    description agent/snmp_agent.c in snmpd in net-snmp 5.0.9 in Red Hat Enterprise Linux (RHEL) 3 allows remote attackers to cause a denial of service (daemon crash) via a crafted SNMP GETBULK request that triggers a divide-by-zero error. NOTE: this vulnerability exists because of an incorrect fix for CVE-2008-4309.
    family unix
    id oval:org.mitre.oval:def:8426
    status accepted
    submitted 2010-03-18T13:00:53.000-04:00
    title VMware net-snmp divide-by-zero vulnerability
    version 4
  • accepted 2013-04-29T04:21:33.956-04:00
    class vulnerability
    contributors
    • name Aharon Chernin
      organization SCAP.com, LLC
    • name Dragos Prisaca
      organization G2, Inc.
    definition_extensions
    • comment The operating system installed on the system is Red Hat Enterprise Linux 3
      oval oval:org.mitre.oval:def:11782
    • comment CentOS Linux 3.x
      oval oval:org.mitre.oval:def:16651
    description agent/snmp_agent.c in snmpd in net-snmp 5.0.9 in Red Hat Enterprise Linux (RHEL) 3 allows remote attackers to cause a denial of service (daemon crash) via a crafted SNMP GETBULK request that triggers a divide-by-zero error. NOTE: this vulnerability exists because of an incorrect fix for CVE-2008-4309.
    family unix
    id oval:org.mitre.oval:def:9716
    status accepted
    submitted 2010-07-09T03:56:16-04:00
    title agent/snmp_agent.c in snmpd in net-snmp 5.0.9 in Red Hat Enterprise Linux (RHEL) 3 allows remote attackers to cause a denial of service (daemon crash) via a crafted SNMP GETBULK request that triggers a divide-by-zero error. NOTE: this vulnerability exists because of an incorrect fix for CVE-2008-4309.
    version 23
redhat via4
advisories
bugzilla
id 506903
title CVE-2009-1887 net-snmp: DoS (division by zero) via SNMP GetBulk requests
oval
AND
  • comment Red Hat Enterprise Linux 3 is installed
    oval oval:com.redhat.rhsa:tst:20060015001
  • OR
    • AND
      • comment net-snmp is earlier than 0:5.0.9-2.30E.28
        oval oval:com.redhat.rhsa:tst:20091124002
      • comment net-snmp is signed with Red Hat master key
        oval oval:com.redhat.rhsa:tst:20071045003
    • AND
      • comment net-snmp-devel is earlier than 0:5.0.9-2.30E.28
        oval oval:com.redhat.rhsa:tst:20091124006
      • comment net-snmp-devel is signed with Red Hat master key
        oval oval:com.redhat.rhsa:tst:20071045007
    • AND
      • comment net-snmp-libs is earlier than 0:5.0.9-2.30E.28
        oval oval:com.redhat.rhsa:tst:20091124008
      • comment net-snmp-libs is signed with Red Hat master key
        oval oval:com.redhat.rhsa:tst:20071045009
    • AND
      • comment net-snmp-perl is earlier than 0:5.0.9-2.30E.28
        oval oval:com.redhat.rhsa:tst:20091124004
      • comment net-snmp-perl is signed with Red Hat master key
        oval oval:com.redhat.rhsa:tst:20071045005
    • AND
      • comment net-snmp-utils is earlier than 0:5.0.9-2.30E.28
        oval oval:com.redhat.rhsa:tst:20091124010
      • comment net-snmp-utils is signed with Red Hat master key
        oval oval:com.redhat.rhsa:tst:20071045011
rhsa
id RHSA-2009:1124
released 2009-06-25
severity Moderate
title RHSA-2009:1124: net-snmp security update (Moderate)
rpms
  • net-snmp-0:5.0.9-2.30E.28
  • net-snmp-devel-0:5.0.9-2.30E.28
  • net-snmp-libs-0:5.0.9-2.30E.28
  • net-snmp-perl-0:5.0.9-2.30E.28
  • net-snmp-utils-0:5.0.9-2.30E.28
refmap via4
confirm https://bugzilla.redhat.com/show_bug.cgi?id=506903
mandriva MDVSA-2009:156
Last major update 21-08-2010 - 01:32
Published 26-06-2009 - 14:30
Last modified 28-09-2017 - 21:34
Back to Top