[Bug 241892] [NEW] [CVE-2008-2292] Buffer overflow in __snprint_value() in snmp_get
Alexander Konovalenko
alexkon at gmail.com
Sat Jun 21 12:41:57 BST 2008
*** This bug is a security vulnerability ***
Public security bug reported:
CVE-2008-2292 description:
"Buffer overflow in the __snprint_value function in snmp_get in Net-SNMP
5.1.4, 5.2.4, and 5.4.1, as used in SNMP.xs for Perl, allows remote
attackers to cause a denial of service (crash) and possibly execute
arbitrary code via a large OCTETSTRING in an attribute value pair
(AVP)."
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2008-2292
** Affects: net-snmp (Ubuntu)
Importance: Undecided
Status: New
** Description changed:
CVE-2008-2292 description:
"Buffer overflow in the __snprint_value function in snmp_get in Net-SNMP
5.1.4, 5.2.4, and 5.4.1, as used in SNMP.xs for Perl, allows remote
attackers to cause a denial of service (crash) and possibly execute
arbitrary code via a large OCTETSTRING in an attribute value pair
(AVP)."
+
+ http://nvd.nist.gov/nvd.cfm?cvename=CVE-2008-2292
** Visibility changed to: Public
** CVE added: http://www.cve.mitre.org/cgi-
bin/cvename.cgi?name=2008-2292
--
[CVE-2008-2292] Buffer overflow in __snprint_value() in snmp_get
https://bugs.launchpad.net/bugs/241892
You received this bug notification because you are a member of Ubuntu
Server Team, which is subscribed to net-snmp in ubuntu.
More information about the Ubuntu-server-bugs
mailing list