Date: Thu, 6 Mar 2014 15:22:07 +0100 From: Raphael Geissert <geissert@...ian.org> To: oss-security@...ts.openwall.com Subject: CVE request: net-snmp agentx incorrect handling of multi-object requests DoS Hi, It was found that the AgentX subagent of net-snmp can be stalled when a manager sends a multi-object request with a different number of subids. From the Debian bug report: > This happens if one of the requested OID is larger than the previous one: > > agentx/master: request for variable (iso.22.214.171.124.126.96.36.199.7.7) > agentx/master: request for variable (iso.188.8.131.52.184.108.40.206.2.10) > agentx/master: request for variable (iso.220.127.116.11.18.104.22.168.8.7) > agentx/master: request for variable (iso.22.214.171.124.126.96.36.199.1.3.101) > > First three OID contain 11 subid while the next one has 12 subid. Resulting error message from the subagent: > agentx: Oversized Object ID The bug is fixed upstream for the 5.4 branch in 5.4.4. From the upstream bug report this was also fixed in the 5.3 branch but I don't know on what specific version. Could a CVE id be assigned? Thanks Upstream bug report: http://sourceforge.net/p/net-snmp/patches/1113/ More explicit impact: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=684388 Cheers, -- Raphael Geissert - Debian Developer www.debian.org - get.debian.net
Powered by blists - more mailing lists
Please check out the Open Source Software Security Wiki, which is counterpart to this mailing list.
Powered by Openwall GNU/*/Linux - Powered by OpenVZ