Date: Tue, 21 Apr 2015 15:10:18 +0800 From: 罗大龙 <luodalongde@...il.com> To: Raphaël Rigo <ml-oss@...call.eu>, oss-security@...ts.openwall.com Subject: Re: net-snmp snmp_pdu_parse() function incompletely initializaition vulnerability Detail info： https://sourceforge.net/p/net-snmp/bugs/2615/ 2015-04-21 14:59 GMT+08:00 罗大龙 <luodalongde@...il.com>: > Hi > I using snmp v3 protocol , and these crash info are about client. > Net-snmp software had ensure this vulnerability , and I will forward > the message to you . > > 2015-04-20 21:33 GMT+08:00 Raphaël Rigo <ml-oss@...call.eu>: > >> Hello, >> >> On 13/04/2015 07:44, 罗大龙 wrote: >> > Greeting! This is Qinghao Tang from QIHU 360 company, China. I am a >> > security researcher there. >> > >> > I'm writing to apply for a CVE ID, for a 0day vulnerability in net-snmp. >> > Please refer to below report. >> > >> Thank you for your report, it is very interesting. >> I'm currently trying to understand the possible impact in one product we >> are using. I tried to reproduce the crashed but I could not. >> >> >> Would you mind sharing information regarding how you managed to get >> those crashes ? : >> >> > [crash info from /var/log/messages] >> > >> > sprint_realloc_integer >> > >> > snmpget:0x290a3 >> > >> > overview:Feb 22 11:37:48 localhost kernel: snmpget: segfault at >> 0 ip >> > 00007f00cbff20a3 sp 00007fff7bf08620 error 4 in >> > libnetsnmp.so.30.0.3[7f00cbfc9000+ac000] >> > >> [...] >> >> Is it using SNMPv3 or v1 ? >> >> Or is it in the client ? >> >> Regards, >> Raphaël Rigo >> >> >
Powered by blists - more mailing lists
Please check out the Open Source Software Security Wiki, which is counterpart to this mailing list.
Powered by Openwall GNU/*/Linux - Powered by OpenVZ