net-snmp: Authorization bypass

Content:

1.  Gentoo Linux Security Advisory

Version Information

Advisory Reference GLSA 201001-05 / net-snmp
Release Date January 13, 2010
Latest Revision January 13, 2010: 01
Impact normal
Exploitable remote
Package: net-analyzer/net-snmp
Vulnerable versions: < 5.4.2.1-r1
Unaffected versions: >= 5.4.2.1-r1
Architecture(s): All supported architectures

Related bugreports: #250429

Synopsis

A remote attacker can bypass the tcp-wrappers client authorization in net-snmp.

2.  Impact Information

Background

net-snmp bundles software for generating and retrieving SNMP data.

Description

The netsnmp_udp_fmtaddr() function (snmplib/snmpUDPDomain.c), when using TCP wrappers for client authorization, does not properly parse hosts.allow rules.

Impact

A remote, unauthenticated attacker could bypass the ACL filtering, possibly resulting in the execution of arbitrary SNMP queries.

3.  Resolution Information

Workaround

If possible, protect net-snmp with custom iptables rules:

Code Listing 3.1: Workaround

# Allow SNMP (UDP/161) from the trusted client, then drop it from everyone else.
# The chain (-A INPUT) must be given; order matters, as the DROP rule is a catch-all.
iptables -A INPUT -s [client] -d [host] -p udp --dport 161 -j ACCEPT
iptables -A INPUT -s 0.0.0.0/0 -d [host] -p udp --dport 161 -j DROP
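The workaround above, generalized to several allowed clients, as an added example that is not part of the advisory: the function emits one ACCEPT rule per client followed by the catch-all DROP, and refuses to produce a DROP-only set. It assumes the INPUT chain and uses constructed sample addresses; review the printed rules before piping them to a root shell.

```shell
#!/bin/sh
# Added example, not from the GLSA. Prints the iptables commands for the
# advisory's workaround; pipe the output to "sh" as root to apply them.
# Usage: gen_snmp_rules HOST CLIENT [CLIENT...]
gen_snmp_rules() {
    host="$1"
    shift
    # Guard: with no ACCEPT line every client, including the monitoring
    # server, would lose SNMP access once the DROP rule is installed.
    if [ "$#" -lt 1 ]; then
        echo "gen_snmp_rules: at least one client address is required" >&2
        return 1
    fi
    # One ACCEPT per trusted client (chain INPUT is an assumption).
    for client in "$@"; do
        echo "iptables -A INPUT -s $client -d $host -p udp --dport 161 -j ACCEPT"
    done
    # Catch-all DROP last, so the ACCEPT rules are evaluated first.
    echo "iptables -A INPUT -s 0.0.0.0/0 -d $host -p udp --dport 161 -j DROP"
}

# Constructed sample: the SNMP host and two monitoring stations.
gen_snmp_rules 192.0.2.10 198.51.100.5 198.51.100.6
```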

Resolution

All net-snmp users should upgrade to the latest version:

Code Listing 3.2: Resolution

# emerge --sync
# emerge --ask --oneshot --verbose ">=net-analyzer/net-snmp-5.4.2.1-r1"

4.  References



Page updated January 13, 2010
