Alerts This Week
Warning Icon 1 764
Alerts This Week
Warning Icon 1 764

Gentoo: 202201-15 Critical: OpenSSL Vulnerability Exploit

gentoo
Calendar Grey January 13, 2010
Dist Gentoo Esm H88
A distant threat actor could potentially take advantage of net-snmp, resulting in an authorization flaw on Gentoo Linux systems. Update immediately!
A remote attacker can bypass the tcp-wrappers client authorization in net-snmp.

Summary

The netsnmp_udp_fmtaddr() function (snmplib/snmpUDPDomain.c), when using TCP wrappers for client authorization, does not properly parse hosts.allow rules.

Topics%20covered

Topics Covered

security advisory remote access Gentoo Linux net-snmp tcp wrappers normal severity authorization bypass

Resolution

All net-snmp users should upgrade to the latest version: # emerge --sync # emerge --ask --oneshot --verbose ">=net-analyzer/net-snmp-5.4.2.1-r1"

References

[ 1 ] CVE-2008-6123 https://www.cve.org/CVERecord?id=CVE-2008-6123

Availability

This GLSA and any updates to it are available for viewing at the Gentoo Security Website: https://security.gentoo.org/glsa/201001-05
style>.gentoo_availability{display:block;}

Concerns

Security is a primary focus of Gentoo Linux and ensuring the confidentiality and security of our users machines is of utmost importance to us. Any security concerns should be addressed to security@gentoo.org or alternatively, you may file a bug at https://bugs.gentoo.org.

Severity: Normal
Title: net-snmp: Authorization bypass
Date: January 13, 2010
Bugs: #250429
ID: 201001-05

Topics%20covered

Topics Covered

security advisory remote access Gentoo Linux net-snmp tcp wrappers normal severity authorization bypass

Synopsis

A remote attacker can bypass the tcp-wrappers client authorization in net-snmp.

Background

net-snmp bundles software for generating and retrieving SNMP data.

Get the latest News and Insights

Get the latest Linux and open source security news straight to your inbox.

Affected Packages

------------------------------------------------------------------- Package / Vulnerable / Unaffected ------------------------------------------------------------------- 1 net-analyzer/net-snmp < 5.4.2.1-r1 >= 5.4.2.1-r1

Impact

===== A remote, unauthenticated attacker could bypass the ACL filtering, possibly resulting in the execution of arbitrary SNMP queries.

Workaround

If possible, protect net-snmp with custom iptables rules: iptables -s [client] -d [host] -p udp --dport 161 -j ACCEPT iptables -s 0.0.0.0/0 -d [host] -p udp --dport 161 -j DROP

Your message here