CVE DATABASE / CVE-2008-6123
CVE-2008-6123
CVSS 5 · MEDIUM
Summary
The netsnmp_udp_fmtaddr function (snmplib/snmpUDPDomain.c) in net-snmp 5.0.9 through 5.4.2.1, when using TCP wrappers for client authorization, does not properly parse hosts.allow rules, which allows remote attackers to bypass intended access restrictions and execute SNMP queries, related to "source/destination IP address confusion."
CVSS 2.0 breakdown
| Base score | 5 (MEDIUM) |
| Vector | AV:N/AC:L/Au:N/C:P/I:N/A:N |
| Attack vector | NETWORK |
| Attack complexity | LOW |
| Confidentiality | PARTIAL |
| Integrity | NONE |
| Availability | NONE |
Weakness type (CWE)
Affected products
Net-snmp net-snmpOpensuse opensuseSuse linux enterpriseRedhat enterprise linux
Check this CVE live
Use our free CVE Lookup tool for the latest NVD record, or browse the full CISA KEV catalog.
References
- http://bugs.gentoo.org/show_bug.cgi?id=250429
- http://lists.opensuse.org/opensuse-security-announce/2009-06/msg00003.html
- http://lists.opensuse.org/opensuse-security-announce/2009-07/msg00002.html
- http://lists.opensuse.org/opensuse-security-announce/2010-02/msg00003.html
- http://net-snmp.svn.sourceforge.net/viewvc/net-snmp/trunk/net-snmp/snmplib/snmpUDPDomain.c?r1=17325&r2=17367&pathrev=17367
- http://net-snmp.svn.sourceforge.net/viewvc/net-snmp?view=rev&revision=17367
- http://secunia.com/advisories/34499
- http://secunia.com/advisories/35416
- http://secunia.com/advisories/35685
- http://www.openwall.com/lists/oss-security/2009/02/12/2
- http://www.openwall.com/lists/oss-security/2009/02/12/4
- http://www.openwall.com/lists/oss-security/2009/02/12/7
- http://www.redhat.com/support/errata/RHSA-2009-0295.html
- http://www.securitytracker.com/id?1021921
- https://bugzilla.redhat.com/show_bug.cgi?id=485211
Data: NIST NVD. NVD last modified 2026-04-23. Always verify against the vendor advisory before acting.