Secunia Research Advisory - A vulnerability has been identified in Net-SNMP that is caused due to an unspecified error. This reportedly makes it is possible for a user or community to gain access to data in MIB objects that they explicitly have been restricted from accessing.
75b4a2a5da5d69c52c7ff2aa190ab3025cf4c580fd544d378b42cf0c27d80e72
TITLE:
Net-SNMP Unauthenticated MIB Object Access Vulnerability
SECUNIA ADVISORY ID:
SA9697
VERIFY ADVISORY:
http://www.secunia.com/advisories/9697/
CRITICAL:
Moderately critical
IMPACT:
Security Bypass
WHERE:
From local network
SOFTWARE:
Net-snmp 5.x
DESCRIPTION:
A vulnerability has been identified in Net-SNMP, which can be
exploited by malicious users to bypass certain security
restrictions.
The vulnerability is caused due to an unspecified error. This
reportedly makes it is possible for a user or community to gain
access to data in MIB objects that they explicitly have been
restricted access to.
SOLUTION:
Update to version 5.0.9:
http://sourceforge.net/project/showfiles.php?group_id=12694
ORIGINAL ADVISORY:
http://sourceforge.net/project/shownotes.php?release_id=182697
----------------------------------------------------------------------
Secunia recommends that you verify all advisories you receive, by
clicking the link.
Secunia NEVER sends attached files with advisories.
Secunia does not advise people to install third party patches, only
use those supplied by the vendor.
Contact details:
Web : http://www.secunia.com/
E-mail : support@secunia.com
Tel : +45 7020 5144
Fax : +45 7020 5145
----------------------------------------------------------------------