oss-sec mailing list archives
CVE-2008-2292 net-snmp __snprint_value
From: Nico Golde <oss-security+ml () ngolde de>
Date: Sat, 24 May 2008 12:16:30 +0200
Hi, the CVE id states that PERL/SNMP.xs is vulnerable to a buffer overflow "via a large OCTETSTRING in an attribute value pair (AVP)." Unfortunately the same vulnerability applies to the python module as well. See python/netsnmp/client_intf.c Please update your patches and the CVE id. Cheers Nico -- Nico Golde - http://www.ngolde.de - nion () jabber ccc de - GPG: 0x73647CFF For security reasons, all text in this mail is double-rot13 encrypted.
Attachment:
_bin
Description:
Current thread:
- CVE-2008-2292 net-snmp __snprint_value Nico Golde (May 24)
- Re: CVE-2008-2292 net-snmp __snprint_value Nico Golde (May 24)