Back to search
CVE-2008-4309
Published: Oct 31, 2008
Modified: May 28, 2026
PUBLISHED
Description
Integer overflow in the netsnmp_create_subtree_cache function in agent/snmp_agent.c in net-snmp 5.4 before 5.4.2.1, 5.3 before 5.3.2.3, and 5.2 before 5.2.5.1 allows remote attackers to cause a denial of service (crash) via a crafted SNMP GETBULK request, which triggers a heap-based buffer overflow, related to the number of responses or repeats.
| Vendor | Product | Versions |
|---|---|---|
n/a | n/a | affected n/a |
References
33631
third-party-advisory
x_refsource_SECUNIA
32664
third-party-advisory
x_refsource_SECUNIA
32560
third-party-advisory
x_refsource_SECUNIA
http://support.apple.com/kb/HT3549
x_refsource_CONFIRM
SUSE-SR:2009:003
vendor-advisory
x_refsource_SUSE
http://www.vmware.com/security/advisories/VMSA-2009-0001.html
x_refsource_CONFIRM
ADV-2009-0301
vdb-entry
x_refsource_VUPEN
33746
third-party-advisory
x_refsource_SECUNIA
RHSA-2008:0971
vendor-advisory
x_refsource_REDHAT
35074
third-party-advisory
x_refsource_SECUNIA
35679
third-party-advisory
x_refsource_SECUNIA
oval:org.mitre.oval:def:9860
vdb-entry
signature
x_refsource_OVAL
APPLE-SA-2009-05-12
vendor-advisory
x_refsource_APPLE
33003
third-party-advisory
x_refsource_SECUNIA
262908
vendor-advisory
x_refsource_SUNALERT
32539
third-party-advisory
x_refsource_SECUNIA
32711
third-party-advisory
x_refsource_SECUNIA
DSA-1663
vendor-advisory
x_refsource_DEBIAN
oval:org.mitre.oval:def:6353
vdb-entry
signature
x_refsource_OVAL
netsnmp-netsnmpcreatesubtreecache-dos(46262)
vdb-entry
x_refsource_XF
[oss-security] 20081031 New net-snmp DoS
mailing-list
x_refsource_MLIST
APPLE-SA-2010-12-16-1
vendor-advisory
x_refsource_APPLE
TA09-133A
third-party-advisory
x_refsource_CERT
http://sourceforge.net/forum/forum.php?forum_id=882903
x_refsource_CONFIRM
oval:org.mitre.oval:def:6171
vdb-entry
signature
x_refsource_OVAL
33095
third-party-advisory
x_refsource_SECUNIA
ADV-2009-1297
vdb-entry
x_refsource_VUPEN
1021129
vdb-entry
x_refsource_SECTRACK
http://support.apple.com/kb/HT4298
x_refsource_CONFIRM
http://wiki.rpath.com/wiki/Advisories:rPSA-2008-0315
x_refsource_CONFIRM
http://support.avaya.com/elmodocs2/security/ASA-2008-467.htm
x_refsource_CONFIRM
ADV-2008-2973
vdb-entry
x_refsource_VUPEN
32020
vdb-entry
x_refsource_BID
33821
third-party-advisory
x_refsource_SECUNIA
ADV-2009-1771
vdb-entry
x_refsource_VUPEN
GLSA-200901-15
vendor-advisory
x_refsource_GENTOO
20081112 rPSA-2008-0315-1 net-snmp net-snmp-client net-snmp-server net-snmp-utils
mailing-list
x_refsource_BUGTRAQ
HPSBMA02447
vendor-advisory
x_refsource_HP
USN-685-1
vendor-advisory
x_refsource_UBUNTU
SSRT090062
vendor-advisory
x_refsource_HP
ADV-2008-3400
vdb-entry
x_refsource_VUPEN
MDVSA-2008:225
vendor-advisory
x_refsource_MANDRIVA
Security Training
Train your team to recognize and prevent security threats with our comprehensive security awareness program.
Start TrainingVulnerability Scanning
Discover vulnerabilities in your applications and infrastructure before attackers do.
Scan Now