CVE-2008-6123 SUSE CVE security@suse.de SUSE Security Team SUSE CVE-2008-6123 Interim 1 20 2023-09-12T02:19:32Z current 2021-05-30T12:45:15Z 2023-09-12T02:19:32Z cve-database/bin/generate-cvrf-cve.pl 2020-12-27T01:00:00Z CVE-2008-6123 The netsnmp_udp_fmtaddr function (snmplib/snmpUDPDomain.c) in net-snmp 5.0.9 through 5.4.2.1, when using TCP wrappers for client authorization, does not properly parse hosts.allow rules, which allows remote attackers to bypass intended access restrictions and execute SNMP queries, related to "source/destination IP address confusion." The CVRF data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0). https://lists.opensuse.org/opensuse-security-announce/2009-06/msg00003.html E-Mail link for SUSE-SR:2009:011 https://lists.opensuse.org/opensuse-security-announce/2009-07/msg00002.html E-Mail link for SUSE-SR:2009:012 https://lists.opensuse.org/opensuse-security-announce/2010-02/msg00003.html E-Mail link for SUSE-SR:2010:003 https://www.suse.com/support/security/rating/ SUSE Security Ratings SUSE Linux Enterprise Software Development Kit 11 SP4 SUSE Linux Enterprise Server 11 SP1 SUSE Linux Enterprise Server 11 SP1 for Teradata SUSE Linux Enterprise Server 11 SP2 SUSE Linux Enterprise Server 11 SP3 SUSE Linux Enterprise Server 11 SP3 for Teradata SUSE Linux Enterprise Server 11 SP4 SUSE Linux Enterprise Software Development Kit 11 SP4 SUSE Linux Enterprise Server 11-SECURITY SUSE Linux Enterprise Software Development Kit 11 SP4 libsnmp15-32bit-5.4.2.1-8.12.16.1 libsnmp15-32bit-5.4.2.1-8.12.22.1 libsnmp15-32bit-5.4.2.1-8.12.6.1 libsnmp15-32bit-5.4.2.1-8.2.1 libsnmp15-5.4.2.1-8.12.16.1 libsnmp15-5.4.2.1-8.12.22.1 libsnmp15-5.4.2.1-8.12.6.1 libsnmp15-5.4.2.1-8.2.1 libsnmp15-openssl1-32bit-5.4.2.1-8.12.31.1 libsnmp15-openssl1-5.4.2.1-8.12.31.1 libsnmp15-x86-5.4.2.1-8.12.16.1 libsnmp15-x86-5.4.2.1-8.12.22.1 libsnmp15-x86-5.4.2.1-8.12.6.1 libsnmp15-x86-5.4.2.1-8.2.1 net-snmp net-snmp-5.4.2.1-8.12.16.1 net-snmp-5.4.2.1-8.12.22.1 net-snmp-5.4.2.1-8.12.6.1 net-snmp-5.4.2.1-8.2.1 net-snmp-devel-32bit-5.4.2.1-8.12.22.1 net-snmp-devel-5.4.2.1-8.12.22.1 perl-SNMP-5.4.2.1-8.12.16.1 perl-SNMP-5.4.2.1-8.12.22.1 perl-SNMP-5.4.2.1-8.12.6.1 perl-SNMP-5.4.2.1-8.2.1 snmp-mibs-5.4.2.1-8.12.16.1 snmp-mibs-5.4.2.1-8.12.22.1 snmp-mibs-5.4.2.1-8.12.6.1 snmp-mibs-5.4.2.1-8.2.1 libsnmp15-5.4.2.1-8.2.1 as a component of SUSE Linux Enterprise Server 11 SP1 libsnmp15-32bit-5.4.2.1-8.2.1 as a component of SUSE Linux Enterprise Server 11 SP1 libsnmp15-x86-5.4.2.1-8.2.1 as a component of SUSE Linux Enterprise Server 11 SP1 net-snmp-5.4.2.1-8.2.1 as a component of SUSE Linux Enterprise Server 11 SP1 perl-SNMP-5.4.2.1-8.2.1 as a component of SUSE Linux Enterprise Server 11 SP1 snmp-mibs-5.4.2.1-8.2.1 as a component of SUSE Linux Enterprise Server 11 SP1 libsnmp15-5.4.2.1-8.12.6.1 as a component of SUSE Linux Enterprise Server 11 SP2 libsnmp15-32bit-5.4.2.1-8.12.6.1 as a component of SUSE Linux Enterprise Server 11 SP2 libsnmp15-x86-5.4.2.1-8.12.6.1 as a component of SUSE Linux Enterprise Server 11 SP2 net-snmp-5.4.2.1-8.12.6.1 as a component of SUSE Linux Enterprise Server 11 SP2 perl-SNMP-5.4.2.1-8.12.6.1 as a component of SUSE Linux Enterprise Server 11 SP2 snmp-mibs-5.4.2.1-8.12.6.1 as a component of SUSE Linux Enterprise Server 11 SP2 libsnmp15-5.4.2.1-8.12.16.1 as a component of SUSE Linux Enterprise Server 11 SP3 libsnmp15-32bit-5.4.2.1-8.12.16.1 as a component of SUSE Linux Enterprise Server 11 SP3 libsnmp15-x86-5.4.2.1-8.12.16.1 as a component of SUSE Linux Enterprise Server 11 SP3 net-snmp-5.4.2.1-8.12.16.1 as a component of SUSE Linux Enterprise Server 11 SP3 perl-SNMP-5.4.2.1-8.12.16.1 as a component of SUSE Linux Enterprise Server 11 SP3 snmp-mibs-5.4.2.1-8.12.16.1 as a component of SUSE Linux Enterprise Server 11 SP3 libsnmp15-5.4.2.1-8.12.22.1 as a component of SUSE Linux Enterprise Server 11 SP4 libsnmp15-32bit-5.4.2.1-8.12.22.1 as a component of SUSE Linux Enterprise Server 11 SP4 libsnmp15-x86-5.4.2.1-8.12.22.1 as a component of SUSE Linux Enterprise Server 11 SP4 net-snmp-5.4.2.1-8.12.22.1 as a component of SUSE Linux Enterprise Server 11 SP4 perl-SNMP-5.4.2.1-8.12.22.1 as a component of SUSE Linux Enterprise Server 11 SP4 snmp-mibs-5.4.2.1-8.12.22.1 as a component of SUSE Linux Enterprise Server 11 SP4 libsnmp15-openssl1-5.4.2.1-8.12.31.1 as a component of SUSE Linux Enterprise Server 11-SECURITY libsnmp15-openssl1-32bit-5.4.2.1-8.12.31.1 as a component of SUSE Linux Enterprise Server 11-SECURITY libsnmp15-32bit-5.4.2.1-8.12.22.1 as a component of SUSE Linux Enterprise Software Development Kit 11 SP4 net-snmp-devel-5.4.2.1-8.12.22.1 as a component of SUSE Linux Enterprise Software Development Kit 11 SP4 net-snmp-devel-32bit-5.4.2.1-8.12.22.1 as a component of SUSE Linux Enterprise Software Development Kit 11 SP4 net-snmp as a component of SUSE Linux Enterprise Server 11 SP1 for Teradata net-snmp as a component of SUSE Linux Enterprise Server 11 SP3 for Teradata The netsnmp_udp_fmtaddr function (snmplib/snmpUDPDomain.c) in net-snmp 5.0.9 through 5.4.2.1, when using TCP wrappers for client authorization, does not properly parse hosts.allow rules, which allows remote attackers to bypass intended access restrictions and execute SNMP queries, related to "source/destination IP address confusion." CVE-2008-6123 SUSE Linux Enterprise Server 11 SP1:libsnmp15-5.4.2.1-8.2.1 SUSE Linux Enterprise Server 11 SP1:libsnmp15-32bit-5.4.2.1-8.2.1 SUSE Linux Enterprise Server 11 SP1:libsnmp15-x86-5.4.2.1-8.2.1 SUSE Linux Enterprise Server 11 SP1:net-snmp-5.4.2.1-8.2.1 SUSE Linux Enterprise Server 11 SP1:perl-SNMP-5.4.2.1-8.2.1 SUSE Linux Enterprise Server 11 SP1:snmp-mibs-5.4.2.1-8.2.1 SUSE Linux Enterprise Server 11 SP2:libsnmp15-5.4.2.1-8.12.6.1 SUSE Linux Enterprise Server 11 SP2:libsnmp15-32bit-5.4.2.1-8.12.6.1 SUSE Linux Enterprise Server 11 SP2:libsnmp15-x86-5.4.2.1-8.12.6.1 SUSE Linux Enterprise Server 11 SP2:net-snmp-5.4.2.1-8.12.6.1 SUSE Linux Enterprise Server 11 SP2:perl-SNMP-5.4.2.1-8.12.6.1 SUSE Linux Enterprise Server 11 SP2:snmp-mibs-5.4.2.1-8.12.6.1 SUSE Linux Enterprise Server 11 SP3:libsnmp15-5.4.2.1-8.12.16.1 SUSE Linux Enterprise Server 11 SP3:libsnmp15-32bit-5.4.2.1-8.12.16.1 SUSE Linux Enterprise Server 11 SP3:libsnmp15-x86-5.4.2.1-8.12.16.1 SUSE Linux Enterprise Server 11 SP3:net-snmp-5.4.2.1-8.12.16.1 SUSE Linux Enterprise Server 11 SP3:perl-SNMP-5.4.2.1-8.12.16.1 SUSE Linux Enterprise Server 11 SP3:snmp-mibs-5.4.2.1-8.12.16.1 SUSE Linux Enterprise Server 11 SP4:libsnmp15-5.4.2.1-8.12.22.1 SUSE Linux Enterprise Server 11 SP4:libsnmp15-32bit-5.4.2.1-8.12.22.1 SUSE Linux Enterprise Server 11 SP4:libsnmp15-x86-5.4.2.1-8.12.22.1 SUSE Linux Enterprise Server 11 SP4:net-snmp-5.4.2.1-8.12.22.1 SUSE Linux Enterprise Server 11 SP4:perl-SNMP-5.4.2.1-8.12.22.1 SUSE Linux Enterprise Server 11 SP4:snmp-mibs-5.4.2.1-8.12.22.1 SUSE Linux Enterprise Server 11-SECURITY:libsnmp15-openssl1-5.4.2.1-8.12.31.1 SUSE Linux Enterprise Server 11-SECURITY:libsnmp15-openssl1-32bit-5.4.2.1-8.12.31.1 SUSE Linux Enterprise Software Development Kit 11 SP4:libsnmp15-32bit-5.4.2.1-8.12.22.1 SUSE Linux Enterprise Software Development Kit 11 SP4:net-snmp-devel-5.4.2.1-8.12.22.1 SUSE Linux Enterprise Software Development Kit 11 SP4:net-snmp-devel-32bit-5.4.2.1-8.12.22.1 SUSE Linux Enterprise Server 11 SP1 for Teradata:net-snmp SUSE Linux Enterprise Server 11 SP3 for Teradata:net-snmp moderate 5 AV:N/AC:L/Au:N/C:P/I:N/A:N