Denial of service in net-snmp
| Risk | Medium |
| Patch available | YES |
| Number of vulnerabilities | 1 |
| CVE-ID | CVE-2007-5846 |
| CWE-ID | CWE-400 |
| Exploitation vector | Network |
| Public exploit | N/A |
| Vulnerable software |
Net-snmp Server applications / Remote management servers, RDP, SSH |
| Vendor | net-snmp.sourceforge.net |
Security Bulletin
This security bulletin contains one medium risk vulnerability.
1) Resource exhaustion
EUVDB-ID: #VU49578
Risk: Medium
CVSSv4.0: 6.6 [CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Green]
CVE-ID: CVE-2007-5846
CWE-ID:
CWE-400 - Resource exhaustion
Exploit availability: No
DescriptionThe vulnerability allows a remote attacker to perform a denial of service (DoS) attack.
The vulnerability exists due to the SNMP agent (snmp_agent.c) in net-snmp does not properly control consumption of internal resources. A remote attacker can trigger resource exhaustion by sending a GETBULK request with a large max-repeaters value and perform a denial of service (DoS) attack.
MitigationInstall updates from vendor's website.
Vulnerable software versionsNet-snmp: 5.0.1 - 5.3.4.pre2
CPE2.3- cpe:2.3:a:net-snmp_sourceforge_net:net-snmp:5.0.1:*:*:*:*:*:*:*
- cpe:2.3:a:net-snmp_sourceforge_net:net-snmp:5.0.2:*:*:*:*:*:*:*
- cpe:2.3:a:net-snmp_sourceforge_net:net-snmp:5.0.3:*:*:*:*:*:*:*
https://bugs.gentoo.org/show_bug.cgi?id=198346
https://lists.vmware.com/pipermail/security-announce/2008/000014.html
https://net-snmp.svn.sourceforge.net/viewvc/net-snmp/tags/Ext-5-4-1/net-snmp/agent/snmp_agent.c?view=log
https://osvdb.org/38904
https://security.gentoo.org/glsa/glsa-200711-31.xml
https://sourceforge.net/project/shownotes.php?release_id=528095&group_id=12694
https://sourceforge.net/tracker/index.php?func=detail&aid=1712988&group_id=12694&atid=112694
https://www.debian.org/security/2008/dsa-1483
https://www.mandriva.com/security/advisories?name=MDKSA-2007:225
https://www.novell.com/linux/security/advisories/2007_25_sr.html
https://www.redhat.com/support/errata/RHSA-2007-1045.html
https://www.securityfocus.com/archive/1/490917/100/0/threaded
https://www.securityfocus.com/bid/26378
https://www.securitytracker.com/id?1018918
https://www.ubuntu.com/usn/usn-564-1
https://kb.pulsesecure.net/articles/Pulse_Security_Advisories/SA43730
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11258
https://www.redhat.com/archives/fedora-package-announce/2007-November/msg00613.html
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.
How the attacker can exploit this vulnerability?
The attacker would have to send a specially crafted request to the affected application in order to exploit this vulnerability.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
