Vulnerability Name: CVE-2008-0960 (CCN-42967) Assigned: 2008-06-09 Published: 2008-06-09 Updated: 2018-10-30 Summary: SNMPv3 HMAC verification in (1) Net-SNMP 5.2.x before 5.2.4.1, 5.3.x before 5.3.2.1, and 5.4.x before 5.4.1.1; (2) UCD-SNMP; (3) eCos; (4) Juniper Session and Resource Control (SRC) C-series 1.0.0 through 2.0.0; (5) NetApp (aka Network Appliance) Data ONTAP 7.3RC1 and 7.3RC2; (6) SNMP Research before 16.2; (7) multiple Cisco IOS, CatOS, ACE, and Nexus products; (8) Ingate Firewall 3.1.0 and later and SIParator 3.1.0 and later; (9) HP OpenView SNMP Emanate Master Agent 15.x; and possibly other products relies on the client to specify the HMAC length, which makes it easier for remote attackers to bypass SNMP authentication via a length value of 1, which only checks the first byte. CVSS v3 Severity: 9.4 Critical (CCN CVSS v3.1 Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:L/A:H )Exploitability Metrics: Attack Vector (AV): NetworkAttack Complexity (AC): LowPrivileges Required (PR): NoneUser Interaction (UI): NoneScope: Scope (S): UnchangedImpact Metrics: Confidentiality (C): HighIntegrity (I): LowAvailibility (A): High
CVSS v2 Severity: 10.0 High (CVSS v2 Vector: AV:N/AC:L/Au:N/C:C/I:C/A:C )8.3 High (Temporal CVSS v2 Vector: AV:N/AC:L/Au:N/C:C/I:C/A:C/E:F/RL:OF/RC:C )Exploitability Metrics: Access Vector (AV): NetworkAccess Complexity (AC): LowAuthentication (Au): NoneImpact Metrics: Confidentiality (C): CompleteIntegrity (I): CompleteAvailibility (A): Complete
9.0 High (CCN CVSS v2 Vector: AV:N/AC:M/Au:N/C:C/I:P/A:C )7.4 High (CCN Temporal CVSS v2 Vector: AV:N/AC:M/Au:N/C:C/I:P/A:C/E:F/RL:OF/RC:C )Exploitability Metrics: Access Vector (AV): NetworkAccess Complexity (AC): MediumAthentication (Au): NoneImpact Metrics: Confidentiality (C): CompleteIntegrity (I): PartialAvailibility (A): Complete
5.8 Medium (REDHAT CVSS v2 Vector: AV:N/AC:M/Au:N/C:P/I:P/A:N )4.8 Medium (REDHAT Temporal CVSS v2 Vector: AV:N/AC:M/Au:N/C:P/I:P/A:N/E:F/RL:OF/RC:C )Exploitability Metrics: Access Vector (AV): NetworkAccess Complexity (AC): MediumAuthentication (Au): NoneImpact Metrics: Confidentiality (C): PartialIntegrity (I): PartialAvailibility (A): None
Vulnerability Type: CWE-287 Vulnerability Consequences: Bypass Security References: Source: MITRE Type: CNACVE-2008-0960 Source: APPLE Type: UNKNOWNAPPLE-SA-2008-06-30 Source: MLIST Type: UNKNOWN[productinfo] 20080611 Ingate Firewall and SIParator affected by SNMPv3 vulnerability Source: SUSE Type: UNKNOWNSUSE-SA:2008:039 Source: CCN Type: VMSA-2008-0017Updated ESX packages for libxml2, ucd-snmp, libtiff Source: HP Type: UNKNOWNSSRT080082 Source: CCN Type: RHSA-2008-0528Moderate: ucd-snmp security update Source: REDHAT Type: UNKNOWNRHSA-2008:0528 Source: CCN Type: RHSA-2008-0529Moderate: net-snmp security update Source: CCN Type: SA30574Net-SNMP HMAC Authentication Spoofing Vulnerability Source: SECUNIA Type: Vendor Advisory30574 Source: SECUNIA Type: Vendor Advisory30596 Source: CCN Type: SA30612Cisco Products SNMPv3 Two Vulnerabilities Source: SECUNIA Type: UNKNOWN30612 Source: SECUNIA Type: Vendor Advisory30615 Source: CCN Type: SA30626Juniper Networks Session and Resource Control Appliances SNMP HMAC Spoofing Source: SECUNIA Type: Vendor Advisory30626 Source: SECUNIA Type: Vendor Advisory30647 Source: CCN Type: SA30648Ingate Firewall and SIParator SNMP HMAC Spoofing Source: SECUNIA Type: Vendor Advisory30648 Source: CCN Type: SA30665Sun Solaris SNMPv3 Authentication Bypass Source: SECUNIA Type: Vendor Advisory30665 Source: CCN Type: SA30802Apple Mac OS X Security Update Fixes Multiple Vulnerabilities Source: SECUNIA Type: Vendor Advisory30802 Source: SECUNIA Type: Vendor Advisory31334 Source: SECUNIA Type: Vendor Advisory31351 Source: CCN Type: SA31467VMware updates for OpenSSL, net-snmp, and perl Source: SECUNIA Type: Vendor Advisory31467 Source: CCN Type: SA31489VMware ESXi OpenSSL Vulnerabilities Source: CCN Type: SA31568Avaya Products Net-snmp Multiple Vulnerabilities Source: SECUNIA Type: Vendor Advisory31568 Source: CCN Type: SA32488VMware ESX Server update for libxml2 Source: SECUNIA Type: Vendor Advisory32664 Source: SECUNIA Type: Vendor Advisory33003 Source: CCN Type: SA35463HP OpenView SNMP Emanate Master Agent HMAC Authentication Spoofing Source: SECUNIA Type: UNKNOWN35463 Source: GENTOO Type: UNKNOWNGLSA-200808-02 Source: SREASON Type: UNKNOWN3933 Source: CCN Type: SECTRACK ID: 1020218Net-snmp SNMPv3 Authentication Bug Lets Remote Users Bypass Authentication Source: CCN Type: SourceForge.net Forum, 2008-06-09 13:42 SECURITY RELEASE: Multple Net-SNMP Versions Released Source: CONFIRM Type: UNKNOWNhttp://sourceforge.net/forum/forum.php?forum_id=833770 Source: CONFIRM Type: UNKNOWNhttp://sourceforge.net/tracker/index.php?func=detail&aid=1989089&group_id=12694&atid=456380 Source: SUNALERT Type: UNKNOWN238865 Source: CONFIRM Type: UNKNOWNhttp://support.apple.com/kb/HT2163 Source: CCN Type: ASA-2008-240ucd-snmp security update (RHSA-2008-0528) Source: CONFIRM Type: UNKNOWNhttp://support.avaya.com/elmodocs2/security/ASA-2008-282.htm Source: CCN Type: ASA-2008-282net-snmp security update (RHSA-2008-0529) Source: CCN Type: NORTEL BULLETIN ID: 2008008916, Rev 3Nortel Response to Potential Authentication Bypass Vulnerability in SNMPv3 Source: CCN Type: NORTEL BULLETIN ID: 2008008916, Rev 4Nortel Response to Potential Authentication Bypass Vulnerability in SNMPv3 Source: CCN Type: NORTEL BULLETIN ID: 2008008916, Rev 1Nortel Response to Potential Authentication Bypass Vulnerability in SNMPv3 Source: CCN Type: NORTEL BULLETIN ID: 2008008916, Rev 2Nortel Response to Potential Authentication Bypass Vulnerability in SNMPv3 Source: CCN Type: cisco-sa-20080610-snmpv3Cisco Security Advisory: SNMP Version 3 Authentication Vulnerabilities Source: CISCO Type: Vendor Advisory20080610 SNMP Version 3 Authentication Vulnerabilities Source: DEBIAN Type: PatchDSA-1663 Source: DEBIAN Type: DSA-1663net-snmp -- several vulnerabilities Source: CCN Type: GLSA-200808-02Net-SNMP: Multiple vulnerabilities Source: CCN Type: inGate Web siteRelease notice for Ingate Firewall 471 and Ingate SIParator 471 Source: CCN Type: US-CERT VU#878044SNMPv3 improper HMAC validation allows authentication bypass Source: CERT-VN Type: US Government ResourceVU#878044 Source: CONFIRM Type: US Government Resourcehttp://www.kb.cert.org/vuls/id/CTAR-7FBS8Q Source: CONFIRM Type: US Government Resourcehttp://www.kb.cert.org/vuls/id/MIMG-7ETS5Z Source: CONFIRM Type: US Government Resourcehttp://www.kb.cert.org/vuls/id/MIMG-7ETS87 Source: MANDRIVA Type: UNKNOWNMDVSA-2008:118 Source: CCN Type: CERT Advisories #2008-006multiple SNMP implementations HMAC authentication spoofing Source: MISC Type: UNKNOWNhttp://www.ocert.org/advisories/ocert-2008-006.html Source: MLIST Type: UNKNOWN[oss-security] 20080609 [oCERT-2008-006] multiple SNMP implementations HMAC authentication spoofing Source: REDHAT Type: UNKNOWNRHSA-2008:0529 Source: BUGTRAQ Type: UNKNOWN20080609 [oCERT-2008-006] multiple SNMP implementations HMAC authentication spoofing Source: BUGTRAQ Type: UNKNOWN20081031 VMSA-2008-0017 Updated ESX packages for libxml2, ucd-snmp, libtiff Source: BID Type: Exploit, Patch29623 Source: CCN Type: BID-29623Net-SNMP Remote Authentication Bypass Vulnerability Source: CCN Type: BID-34309InGate Firewalls and SIParators Multiple Vulnerabilities Source: SECTRACK Type: UNKNOWN1020218 Source: CCN Type: USN-685-1Net-SNMP vulnerabilities Source: UBUNTU Type: UNKNOWNUSN-685-1 Source: CCN Type: US-CERT Technical Cyber Security Alert TA08-162ASNMPv3 Authentication Bypass Vulnerability Source: CERT Type: US Government ResourceTA08-162A Source: CCN Type: VMSA-2008-0013Updated ESX packages for OpenSSL, net-snmp, perl Source: CONFIRM Type: UNKNOWNhttp://www.vmware.com/security/advisories/VMSA-2008-0013.html Source: MISC Type: UNKNOWNhttp://www.vmware.com/security/advisories/VMSA-2008-0017.html Source: VUPEN Type: UNKNOWNADV-2008-1787 Source: VUPEN Type: UNKNOWNADV-2008-1788 Source: VUPEN Type: UNKNOWNADV-2008-1797 Source: VUPEN Type: UNKNOWNADV-2008-1800 Source: VUPEN Type: UNKNOWNADV-2008-1801 Source: VUPEN Type: UNKNOWNADV-2008-1836 Source: VUPEN Type: UNKNOWNADV-2008-1981 Source: VUPEN Type: UNKNOWNADV-2008-2361 Source: VUPEN Type: UNKNOWNADV-2008-2971 Source: VUPEN Type: UNKNOWNADV-2009-1612 Source: CCN Type: HP Security Bulletin HPSBMA02439 SSRT080082HP OpenView SNMP Emanate Master Agent HMAC Authentication Spoofing Source: CONFIRM Type: UNKNOWNhttps://bugzilla.redhat.com/show_bug.cgi?id=447974 Source: XF Type: UNKNOWNsnmpv3-hmac-security-bypass(42967) Source: OVAL Type: UNKNOWNoval:org.mitre.oval:def:10820 Source: OVAL Type: UNKNOWNoval:org.mitre.oval:def:5785 Source: OVAL Type: UNKNOWNoval:org.mitre.oval:def:6414 Source: EXPLOIT-DB Type: UNKNOWN5790 Source: FEDORA Type: UNKNOWNFEDORA-2008-5215 Source: FEDORA Type: UNKNOWNFEDORA-2008-5224 Source: FEDORA Type: UNKNOWNFEDORA-2008-5218 Source: SUSE Type: SUSE-SA:2008:039net-snmp security problems Vulnerable Configuration: Configuration 1 :cpe:/o:cisco:catos:7.1.1:*:*:*:*:*:*:* OR cpe:/o:cisco:catos:7.3.1:*:*:*:*:*:*:* OR cpe:/o:cisco:catos:7.4.1:*:*:*:*:*:*:* OR cpe:/o:cisco:catos:8.3:*:*:*:*:*:*:* OR cpe:/o:cisco:cisco_ios:12.0:s:*:*:*:*:*:* OR cpe:/o:cisco:cisco_ios:12.0:sy:*:*:*:*:*:* OR cpe:/o:cisco:cisco_ios:12.1:e:*:*:*:*:*:* OR cpe:/o:cisco:cisco_ios:12.2:ewa:*:*:*:*:*:* OR cpe:/o:cisco:cisco_ios:12.2:jk:*:*:*:*:*:* OR cpe:/o:cisco:cisco_ios:12.2:sb:*:*:*:*:*:* OR cpe:/o:cisco:cisco_ios:12.2:sg:*:*:*:*:*:* OR cpe:/o:cisco:cisco_ios:12.2:sga:*:*:*:*:*:* OR cpe:/o:cisco:cisco_ios:12.2:sra:*:*:*:*:*:* OR cpe:/o:cisco:cisco_ios:12.2:srb:*:*:*:*:*:* OR cpe:/o:cisco:cisco_ios:12.2:src:*:*:*:*:*:* OR cpe:/o:cisco:cisco_ios:12.2:sxb:*:*:*:*:*:* OR cpe:/o:cisco:cisco_ios:12.2:sxd:*:*:*:*:*:* OR cpe:/o:cisco:cisco_ios:12.2:sxf:*:*:*:*:*:* OR cpe:/o:cisco:cisco_ios:12.2:zl:*:*:*:*:*:* OR cpe:/o:cisco:cisco_ios:12.2:zy:*:*:*:*:*:* OR cpe:/o:cisco:cisco_ios:12.3:*:*:*:*:*:*:* OR cpe:/o:cisco:cisco_ios:12.3:b:*:*:*:*:*:* OR cpe:/o:cisco:cisco_ios:12.3:ja:*:*:*:*:*:* OR cpe:/o:cisco:cisco_ios:12.3:jeb:*:*:*:*:*:* OR cpe:/o:cisco:cisco_ios:12.3:jk:*:*:*:*:*:* OR cpe:/o:cisco:cisco_ios:12.3:jl:*:*:*:*:*:* OR cpe:/o:cisco:cisco_ios:12.3:jx:*:*:*:*:*:* OR cpe:/o:cisco:cisco_ios:12.3:t:*:*:*:*:*:* OR cpe:/o:cisco:cisco_ios:12.3:xa:*:*:*:*:*:* OR cpe:/o:cisco:cisco_ios:12.3:xg:*:*:*:*:*:* OR cpe:/o:cisco:cisco_ios:12.3:xi:*:*:*:*:*:* OR cpe:/o:cisco:cisco_ios:12.3:xk:*:*:*:*:*:* OR cpe:/o:cisco:cisco_ios:12.3:xr:*:*:*:*:*:* OR cpe:/o:cisco:cisco_ios:12.3:yf:*:*:*:*:*:* OR cpe:/o:cisco:cisco_ios:12.3:yi:*:*:*:*:*:* OR cpe:/o:cisco:cisco_ios:12.3:yt:*:*:*:*:*:* OR cpe:/o:cisco:cisco_ios:12.3:yx:*:*:*:*:*:* OR cpe:/o:cisco:cisco_ios:12.4:*:*:*:*:*:*:* OR cpe:/o:cisco:cisco_ios:12.4:t:*:*:*:*:*:* OR cpe:/o:cisco:cisco_ios:12.4:xa:*:*:*:*:*:* OR cpe:/o:cisco:cisco_ios:12.4:xc:*:*:*:*:*:* OR cpe:/o:cisco:cisco_ios:12.4:xd:*:*:*:*:*:* OR cpe:/o:cisco:cisco_ios:12.4:xe:*:*:*:*:*:* OR cpe:/o:cisco:cisco_ios:12.4:xj:*:*:*:*:*:* OR cpe:/o:cisco:cisco_ios:12.4:xw:*:*:*:*:*:* OR cpe:/o:cisco:ios:10.0:*:*:*:*:*:*:* OR cpe:/o:cisco:ios:11.0:*:*:*:*:*:*:* OR cpe:/o:cisco:ios:11.1:*:*:*:*:*:*:* OR cpe:/o:cisco:ios:11.3:*:*:*:*:*:*:* OR cpe:/o:cisco:ios:12.2:*:*:*:*:*:*:* OR cpe:/o:cisco:ios_xr:2.0:*:*:*:*:*:*:* OR cpe:/o:cisco:ios_xr:3.0:*:*:*:*:*:*:* OR cpe:/o:cisco:ios_xr:3.2:*:*:*:*:*:*:* OR cpe:/o:cisco:ios_xr:3.3:*:*:*:*:*:*:* OR cpe:/o:cisco:ios_xr:3.4:*:*:*:*:*:*:* OR cpe:/o:cisco:ios_xr:3.5:*:*:*:*:*:*:* OR cpe:/o:cisco:ios_xr:3.6:*:*:*:*:*:*:* OR cpe:/o:cisco:ios_xr:3.7:*:*:*:*:*:*:* OR cpe:/o:cisco:nx_os:4.0:*:*:*:*:*:*:* OR cpe:/o:cisco:nx_os:4.0.1:a:*:*:*:*:*:* OR cpe:/o:cisco:nx_os:4.0.2:*:*:*:*:*:*:* OR cpe:/o:ecos_sourceware:ecos:1.1:*:*:*:*:*:*:* OR cpe:/o:ecos_sourceware:ecos:1.2.1:*:*:*:*:*:*:* OR cpe:/o:ecos_sourceware:ecos:1.3.1:*:*:*:*:*:*:* OR cpe:/o:ecos_sourceware:ecos:2.0:*:*:*:*:*:*:* OR cpe:/o:ecos_sourceware:ecos:2.0:b1:*:*:*:*:*:* OR cpe:/o:net-snmp:net_snmp:5.0:*:*:*:*:*:*:* OR cpe:/o:net-snmp:net_snmp:5.0.1:*:*:*:*:*:*:* OR cpe:/o:net-snmp:net_snmp:5.0.2:*:*:*:*:*:*:* OR cpe:/o:net-snmp:net_snmp:5.0.3:*:*:*:*:*:*:* OR cpe:/o:net-snmp:net_snmp:5.0.4:*:*:*:*:*:*:* OR cpe:/o:net-snmp:net_snmp:5.0.5:*:*:*:*:*:*:* OR cpe:/o:net-snmp:net_snmp:5.0.6:*:*:*:*:*:*:* OR cpe:/o:net-snmp:net_snmp:5.0.7:*:*:*:*:*:*:* OR cpe:/o:net-snmp:net_snmp:5.0.8:*:*:*:*:*:*:* OR cpe:/o:net-snmp:net_snmp:5.0.9:*:*:*:*:*:*:* OR cpe:/o:net-snmp:net_snmp:5.1:*:*:*:*:*:*:* OR cpe:/o:net-snmp:net_snmp:5.1.1:*:*:*:*:*:*:* OR cpe:/o:net-snmp:net_snmp:5.1.2:*:*:*:*:*:*:* OR cpe:/o:net-snmp:net_snmp:5.2:*:*:*:*:*:*:* OR cpe:/o:net-snmp:net_snmp:5.3:*:*:*:*:*:*:* OR cpe:/o:net-snmp:net_snmp:5.3.0.1:*:*:*:*:*:*:* OR cpe:/o:net-snmp:net_snmp:5.4:*:*:*:*:*:*:* OR cpe:/o:sun:solaris:10.0:unkown:x86:*:*:*:*:* OR cpe:/o:sun:sunos:5.10:*:*:*:*:*:*:* AND cpe:/h:cisco:ace_10_6504_bundle_with_4_gbps_throughput:*:*:*:*:*:*:*:* OR cpe:/h:cisco:ace_10_6509_bundle_with_8_gbps_throughput:*:*:*:*:*:*:*:* OR cpe:/h:cisco:ace_10_service_module:*:*:*:*:*:*:*:* OR cpe:/h:cisco:ace_20_6504_bundle_with__4gbps_throughput:*:*:*:*:*:*:*:* OR cpe:/h:cisco:ace_20_6509_bundle_with_8gbps_throughput:*:*:*:*:*:*:*:* OR cpe:/h:cisco:ace_20_service_module:*:*:*:*:*:*:*:* OR cpe:/h:cisco:ace_4710:*:*:*:*:*:*:*:* OR cpe:/h:cisco:ace_xml_gateway:5.2:*:*:*:*:*:*:* OR cpe:/h:cisco:ace_xml_gateway:6.0:*:*:*:*:*:*:* OR cpe:/h:cisco:mds_9120:*:*:*:*:*:*:*:* OR cpe:/h:cisco:mds_9124:*:*:*:*:*:*:*:* OR cpe:/h:cisco:mds_9134:*:*:*:*:*:*:*:* OR cpe:/h:cisco:mds_9140:*:*:*:*:*:*:*:* OR cpe:/h:ingate:ingate_firewall:2.2.0:*:*:*:*:*:*:* OR cpe:/h:ingate:ingate_firewall:2.2.1:*:*:*:*:*:*:* OR cpe:/h:ingate:ingate_firewall:2.2.2:*:*:*:*:*:*:* OR cpe:/h:ingate:ingate_firewall:2.3.0:*:*:*:*:*:*:* OR cpe:/h:ingate:ingate_firewall:2.4.0:*:*:*:*:*:*:* OR cpe:/h:ingate:ingate_firewall:2.4.1:*:*:*:*:*:*:* OR cpe:/h:ingate:ingate_firewall:2.5.0:*:*:*:*:*:*:* OR cpe:/h:ingate:ingate_firewall:2.6.0:*:*:*:*:*:*:* OR cpe:/h:ingate:ingate_firewall:2.6.1:*:*:*:*:*:*:* OR cpe:/h:ingate:ingate_firewall:3.0.2:*:*:*:*:*:*:* OR cpe:/h:ingate:ingate_firewall:3.1.0:*:*:*:*:*:*:* OR cpe:/h:ingate:ingate_firewall:3.1.1:*:*:*:*:*:*:* OR cpe:/h:ingate:ingate_firewall:3.1.3:*:*:*:*:*:*:* OR cpe:/h:ingate:ingate_firewall:3.1.4:*:*:*:*:*:*:* OR cpe:/h:ingate:ingate_firewall:3.2.0:*:*:*:*:*:*:* OR cpe:/h:ingate:ingate_firewall:3.2.1:*:*:*:*:*:*:* OR cpe:/h:ingate:ingate_firewall:3.2.2:*:*:*:*:*:*:* OR cpe:/h:ingate:ingate_firewall:3.3.1:*:*:*:*:*:*:* OR cpe:/h:ingate:ingate_firewall:4.1.0:*:*:*:*:*:*:* OR cpe:/h:ingate:ingate_firewall:4.1.3:*:*:*:*:*:*:* OR cpe:/h:ingate:ingate_firewall:4.2.1:*:*:*:*:*:*:* OR cpe:/h:ingate:ingate_firewall:4.2.2:*:*:*:*:*:*:* OR cpe:/h:ingate:ingate_firewall:4.2.3:*:*:*:*:*:*:* OR cpe:/h:ingate:ingate_firewall:4.3.1:*:*:*:*:*:*:* OR cpe:/h:ingate:ingate_firewall:4.4.1:*:*:*:*:*:*:* OR cpe:/h:ingate:ingate_firewall:4.4.2:*:*:*:*:*:*:* OR cpe:/h:ingate:ingate_firewall:4.5.1:*:*:*:*:*:*:* OR cpe:/h:ingate:ingate_firewall:4.5.2:*:*:*:*:*:*:* OR cpe:/h:ingate:ingate_firewall:4.6.0:*:*:*:*:*:*:* OR cpe:/h:ingate:ingate_firewall:4.6.1:*:*:*:*:*:*:* OR cpe:/h:ingate:ingate_firewall:4.6.2:*:*:*:*:*:*:* OR cpe:/h:ingate:ingate_siparator:2.2.0:*:*:*:*:*:*:* OR cpe:/h:ingate:ingate_siparator:2.2.1:*:*:*:*:*:*:* OR cpe:/h:ingate:ingate_siparator:2.2.2:*:*:*:*:*:*:* OR cpe:/h:ingate:ingate_siparator:2.3.0:*:*:*:*:*:*:* OR cpe:/h:ingate:ingate_siparator:2.4.0:*:*:*:*:*:*:* OR cpe:/h:ingate:ingate_siparator:2.4.1:*:*:*:*:*:*:* OR cpe:/h:ingate:ingate_siparator:2.5.0:*:*:*:*:*:*:* OR cpe:/h:ingate:ingate_siparator:2.6.0:*:*:*:*:*:*:* OR cpe:/h:ingate:ingate_siparator:2.6.1:*:*:*:*:*:*:* OR cpe:/h:ingate:ingate_siparator:3.0.2:*:*:*:*:*:*:* OR cpe:/h:ingate:ingate_siparator:3.1.0:*:*:*:*:*:*:* OR cpe:/h:ingate:ingate_siparator:3.1.1:*:*:*:*:*:*:* OR cpe:/h:ingate:ingate_siparator:3.1.3:*:*:*:*:*:*:* OR cpe:/h:ingate:ingate_siparator:3.1.4:*:*:*:*:*:*:* OR cpe:/h:ingate:ingate_siparator:3.2.0:*:*:*:*:*:*:* OR cpe:/h:ingate:ingate_siparator:3.2.1:*:*:*:*:*:*:* OR cpe:/h:ingate:ingate_siparator:3.2.2:*:*:*:*:*:*:* OR cpe:/h:ingate:ingate_siparator:3.3.1:*:*:*:*:*:*:* OR cpe:/h:ingate:ingate_siparator:4.1.0:*:*:*:*:*:*:* OR cpe:/h:ingate:ingate_siparator:4.1.3:*:*:*:*:*:*:* OR cpe:/h:ingate:ingate_siparator:4.2.1:*:*:*:*:*:*:* OR cpe:/h:ingate:ingate_siparator:4.2.2:*:*:*:*:*:*:* OR cpe:/h:ingate:ingate_siparator:4.2.3:*:*:*:*:*:*:* OR cpe:/h:ingate:ingate_siparator:4.3.1:*:*:*:*:*:*:* OR cpe:/h:ingate:ingate_siparator:4.3.4:*:*:*:*:*:*:* OR cpe:/h:ingate:ingate_siparator:4.4.1:*:*:*:*:*:*:* OR cpe:/h:ingate:ingate_siparator:4.4.2:*:*:*:*:*:*:* OR cpe:/h:ingate:ingate_siparator:4.5.1:*:*:*:*:*:*:* OR cpe:/h:ingate:ingate_siparator:4.5.2:*:*:*:*:*:*:* OR cpe:/h:ingate:ingate_siparator:4.6.0:*:*:*:*:*:*:* OR cpe:/h:ingate:ingate_siparator:4.6.1:*:*:*:*:*:*:* OR cpe:/h:ingate:ingate_siparator:4.6.2:*:*:*:*:*:*:* AND cpe:/a:juniper:session_and_resource_control:1.0:*:*:*:*:*:*:* OR cpe:/a:juniper:session_and_resource_control:2.0:*:*:*:*:*:*:* OR cpe:/a:juniper:src_pe:1.0:*:*:*:*:*:*:* OR cpe:/a:juniper:src_pe:2.0:*:*:*:*:*:*:* Configuration RedHat 1 :cpe:/o:redhat:enterprise_linux:4:*:*:*:*:*:*:* Configuration RedHat 2 :cpe:/o:redhat:enterprise_linux:4::as:*:*:*:*:* Configuration RedHat 3 :cpe:/o:redhat:enterprise_linux:4::desktop:*:*:*:*:* Configuration RedHat 4 :cpe:/o:redhat:enterprise_linux:4::es:*:*:*:*:* Configuration RedHat 5 :cpe:/o:redhat:enterprise_linux:4::ws:*:*:*:*:* Configuration RedHat 6 :cpe:/o:redhat:enterprise_linux:5:*:*:*:*:*:*:* Configuration RedHat 7 :cpe:/o:redhat:enterprise_linux:5::client:*:*:*:*:* Configuration RedHat 8 :cpe:/o:redhat:enterprise_linux:5::client_workstation:*:*:*:*:* Configuration RedHat 9 :cpe:/o:redhat:enterprise_linux:5::server:*:*:*:*:* Configuration CCN 1 :cpe:/o:cisco:ios:12.0:*:*:*:*:*:*:* OR cpe:/o:cisco:ios:12.1:*:*:*:*:*:*:* OR cpe:/o:cisco:ios:12.2:*:*:*:*:*:*:* OR cpe:/h:cisco:mds_9000:*:*:*:*:*:*:*:* OR cpe:/h:ingate:ingate_firewall:4.1.3:*:*:*:*:*:*:* OR cpe:/o:cisco:ios:12.3:*:*:*:*:*:*:* OR cpe:/o:sun:solaris:10:*:sparc:*:*:*:*:* OR cpe:/o:sun:solaris:10:*:x86:*:*:*:*:* OR cpe:/o:cisco:ios_xr:3.2.2:*:*:*:*:*:*:* OR cpe:/o:cisco:ios_xr:3.2.4:*:*:*:*:*:*:* OR cpe:/h:cisco:application_control_engine_module:1.1:*:*:*:*:*:*:* OR cpe:/o:cisco:ios_xr:3.2.3:*:*:*:*:*:*:* OR cpe:/o:cisco:ios_xr:3.2.6:*:*:*:*:*:*:* OR cpe:/o:cisco:ios_xr:3.3.1:*:*:*:*:*:*:* OR cpe:/o:cisco:ios:12.4:*:*:*:*:*:*:* OR cpe:/h:ingate:ingate_siparator:4.5.1:*:*:*:*:*:*:* OR cpe:/o:cisco:catos:6.1:*:*:*:*:*:*:* OR cpe:/o:cisco:catos:7.1:*:*:*:*:*:*:* OR cpe:/o:cisco:catos:8.5:*:*:*:*:*:*:* OR cpe:/o:cisco:ios_xr:3.3:*:*:*:*:*:*:* OR cpe:/a:net-snmp:net-snmp:5.4.1:*:*:*:*:*:*:* OR cpe:/o:cisco:nx-os:4.0:*:*:*:*:*:*:* OR cpe:/h:ingate:ingate_firewall:4.6.2:*:*:*:*:*:*:* OR cpe:/h:ingate:ingate_siparator:4.6.2:*:*:*:*:*:*:* AND cpe:/o:gentoo:linux:*:*:*:*:*:*:*:* OR cpe:/o:redhat:enterprise_linux:2.1:*:as:*:*:*:*:* OR cpe:/o:redhat:enterprise_linux:2.1:*:es:*:*:*:*:* OR cpe:/o:redhat:enterprise_linux:2.1:*:ws:*:*:*:*:* OR cpe:/o:redhat:enterprise_linux:3::ws:*:*:*:*:* OR cpe:/o:redhat:enterprise_linux:3::es:*:*:*:*:* OR cpe:/o:redhat:enterprise_linux:3::as:*:*:*:*:* OR cpe:/o:redhat:enterprise_linux:3::desktop:*:*:*:*:* OR cpe:/o:mandrakesoft:mandrake_linux_corporate_server:3.0:*:*:*:*:*:*:* OR cpe:/o:redhat:enterprise_linux:4::as:*:*:*:*:* OR cpe:/o:redhat:enterprise_linux:4::desktop:*:*:*:*:* OR cpe:/a:cisco:application_and_content_networking_software:5.0:*:*:*:*:*:*:* OR cpe:/a:cisco:application_and_content_networking_software:5.1:*:*:*:*:*:*:* OR cpe:/a:cisco:application_and_content_networking_software:5.2:*:*:*:*:*:*:* OR cpe:/o:novell:linux_desktop:9:*:*:*:*:*:*:* OR cpe:/o:redhat:enterprise_linux:4::es:*:*:*:*:* OR cpe:/o:redhat:enterprise_linux:4::ws:*:*:*:*:* OR cpe:/a:mandrakesoft:mandrake_multi_network_firewall:2.0:*:*:*:*:*:*:* OR cpe:/o:redhat:linux_advanced_workstation:2.1:*:itanium:*:*:*:*:* OR cpe:/o:canonical:ubuntu:6.06:*:lts:*:*:*:*:* OR cpe:/o:mandrakesoft:mandrake_linux_corporate_server:4.0:*:*:*:*:*:*:* OR cpe:/o:mandrakesoft:mandrake_linux_corporate_server:4.0:*:x86_64:*:*:*:*:* OR cpe:/o:mandrakesoft:mandrake_linux_corporate_server:3.0:*:x86_64:*:*:*:*:* OR cpe:/o:redhat:enterprise_linux:5:*:*:*:*:*:*:* OR cpe:/o:redhat:enterprise_linux:5:*:client_workstation:*:*:*:*:* OR cpe:/o:mandrakesoft:mandrake_linux:2007.1:*:*:*:*:*:*:* OR cpe:/o:mandrakesoft:mandrake_linux:2008.0:*:x86-64:*:*:*:*:* OR cpe:/o:debian:debian_linux:4.0:*:*:*:*:*:*:* OR cpe:/o:redhat:enterprise_linux:5:*:client:*:*:*:*:* OR cpe:/o:canonical:ubuntu:7.10:*:*:*:*:*:*:* OR cpe:/o:mandrakesoft:mandrake_linux:2008.0:*:*:*:*:*:*:* OR cpe:/o:mandrakesoft:mandrake_linux:2008.1:x86_64:*:*:*:*:*:* OR cpe:/o:mandrakesoft:mandrake_linux:2007.1:*:x86-64:*:*:*:*:* OR cpe:/o:redhat:enterprise_linux:4.6.z:ga:as:*:*:*:*:* OR cpe:/o:redhat:enterprise_linux:4.6.z:ga:es:*:*:*:*:* OR cpe:/a:vmware:esx_server:2.5.5:*:*:*:*:*:*:* OR cpe:/a:cisco:application_and_content_networking_software:4.0.3:*:*:*:*:*:*:* OR cpe:/a:cisco:application_and_content_networking_software:4.1.1:*:*:*:*:*:*:* OR cpe:/a:cisco:application_and_content_networking_software:4.1.3:*:*:*:*:*:*:* OR cpe:/a:cisco:application_and_content_networking_software:4.2:*:*:*:*:*:*:* OR cpe:/a:cisco:application_and_content_networking_software:4.2.11:*:*:*:*:*:*:* OR cpe:/a:cisco:application_and_content_networking_software:4.2.7:*:*:*:*:*:*:* OR cpe:/a:cisco:application_and_content_networking_software:4.2.9:*:*:*:*:*:*:* OR cpe:/a:cisco:application_and_content_networking_software:5.0.1:*:*:*:*:*:*:* OR cpe:/a:cisco:application_and_content_networking_software:5.0.17.5:*:*:*:*:*:*:* OR cpe:/a:cisco:application_and_content_networking_software:5.0.3:*:*:*:*:*:*:* OR cpe:/a:cisco:application_and_content_networking_software:5.0.5:*:*:*:*:*:*:* OR cpe:/a:cisco:application_and_content_networking_software:5.1.11.5:*:*:*:*:*:*:* OR cpe:/a:cisco:wide_area_application_services:4.0.7:*:*:*:*:*:*:* OR cpe:/a:cisco:wide_area_application_services:4.0.9:*:*:*:*:*:*:* OR cpe:/a:novell:open_enterprise_server:*:*:*:*:*:*:*:* OR cpe:/o:opensuse:opensuse:10.2:*:*:*:*:*:*:* OR cpe:/o:opensuse:opensuse:10.3:*:*:*:*:*:*:* OR cpe:/o:mandrakesoft:mandrake_linux:2008.1:*:*:*:*:*:*:* OR cpe:/o:canonical:ubuntu:8.04:*:lts:*:*:*:*:* OR cpe:/a:vmware:esx_server:3.5:*:*:*:*:*:*:* OR cpe:/o:opensuse:opensuse:11.0:*:*:*:*:*:*:* OR cpe:/o:novell:suse_linux_enterprise_server:10:sp2:itanium_ia64:*:*:*:*:* OR cpe:/a:vmware:esx_server:3.0.3:*:*:*:*:*:*:* Denotes that component is vulnerable Oval Definitions Definition ID Class Title Last Modified oval:org.opensuse.security:def:20080960 V CVE-2008-0960 2017-09-27 oval:org.mitre.oval:def:17856 P USN-685-1 -- net-snmp vulnerabilities 2014-07-21 oval:org.mitre.oval:def:19948 P DSA-1663-1 net-snmp - several vulnerabilities 2014-06-23 oval:org.mitre.oval:def:7025 P DSA-1663 net-snmp -- several vulnerabilities 2014-06-23 oval:org.mitre.oval:def:22388 P ELSA-2008:0529: net-snmp security update (Moderate) 2014-05-26 oval:org.mitre.oval:def:10820 V SNMPv3 HMAC verification in (1) Net-SNMP 5.2.x before 5.2.4.1, 5.3.x before 5.3.2.1, and 5.4.x before 5.4.1.1; (2) UCD-SNMP; (3) eCos; (4) Juniper Session and Resource Control (SRC) C-series 1.0.0 through 2.0.0; (5) NetApp (aka Network Appliance) Data ONTAP 7.3RC1 and 7.3RC2; (6) SNMP Research before 16.2; (7) multiple Cisco IOS, CatOS, ACE, and Nexus products; (8) Ingate Firewall 3.1.0 and later and SIParator 3.1.0 and later; (9) HP OpenView SNMP Emanate Master Agent 15.x; and possibly other products relies on the client to specify the HMAC length, which makes it easier for remote attackers to bypass SNMP authentication via a length value of 1, which only checks the first byte. 2013-04-29 oval:org.mitre.oval:def:5785 V Multiple Vendors Net-SNMPv3 Hash Message Authentication Code Design Error Vulnerability 2010-08-02 oval:org.mitre.oval:def:6414 V Net-snmp SNMPv3 Authentication Bug Lets Remote Users Bypass Authentication 2010-05-17 oval:org.debian:def:1663 V several vulnerabilities 2008-11-09 oval:com.redhat.rhsa:def:20080529 P RHSA-2008:0529: net-snmp security update (Moderate) 2008-06-10
BACK
cisco catos 7.1.1
cisco catos 7.3.1
cisco catos 7.4.1
cisco catos 8.3
cisco cisco ios 12.0 s
cisco cisco ios 12.0 sy
cisco cisco ios 12.1 e
cisco cisco ios 12.2 ewa
cisco cisco ios 12.2 jk
cisco cisco ios 12.2 sb
cisco cisco ios 12.2 sg
cisco cisco ios 12.2 sga
cisco cisco ios 12.2 sra
cisco cisco ios 12.2 srb
cisco cisco ios 12.2 src
cisco cisco ios 12.2 sxb
cisco cisco ios 12.2 sxd
cisco cisco ios 12.2 sxf
cisco cisco ios 12.2 zl
cisco cisco ios 12.2 zy
cisco cisco ios 12.3
cisco cisco ios 12.3 b
cisco cisco ios 12.3 ja
cisco cisco ios 12.3 jeb
cisco cisco ios 12.3 jk
cisco cisco ios 12.3 jl
cisco cisco ios 12.3 jx
cisco cisco ios 12.3 t
cisco cisco ios 12.3 xa
cisco cisco ios 12.3 xg
cisco cisco ios 12.3 xi
cisco cisco ios 12.3 xk
cisco cisco ios 12.3 xr
cisco cisco ios 12.3 yf
cisco cisco ios 12.3 yi
cisco cisco ios 12.3 yt
cisco cisco ios 12.3 yx
cisco cisco ios 12.4
cisco cisco ios 12.4 t
cisco cisco ios 12.4 xa
cisco cisco ios 12.4 xc
cisco cisco ios 12.4 xd
cisco cisco ios 12.4 xe
cisco cisco ios 12.4 xj
cisco cisco ios 12.4 xw
cisco ios 10.0
cisco ios 11.0
cisco ios 11.1
cisco ios 11.3
cisco ios 12.2
cisco ios xr 2.0
cisco ios xr 3.0
cisco ios xr 3.2
cisco ios xr 3.3
cisco ios xr 3.4
cisco ios xr 3.5
cisco ios xr 3.6
cisco ios xr 3.7
cisco nx os 4.0
cisco nx os 4.0.1 a
cisco nx os 4.0.2
ecos_sourceware ecos 1.1
ecos_sourceware ecos 1.2.1
ecos_sourceware ecos 1.3.1
ecos_sourceware ecos 2.0
ecos_sourceware ecos 2.0 b1
net-snmp net snmp 5.0
net-snmp net snmp 5.0.1
net-snmp net snmp 5.0.2
net-snmp net snmp 5.0.3
net-snmp net snmp 5.0.4
net-snmp net snmp 5.0.5
net-snmp net snmp 5.0.6
net-snmp net snmp 5.0.7
net-snmp net snmp 5.0.8
net-snmp net snmp 5.0.9
net-snmp net snmp 5.1
net-snmp net snmp 5.1.1
net-snmp net snmp 5.1.2
net-snmp net snmp 5.2
net-snmp net snmp 5.3
net-snmp net snmp 5.3.0.1
net-snmp net snmp 5.4
sun solaris 10.0 unkown
sun sunos 5.10
cisco ace 10 6504 bundle with 4 gbps throughput *
cisco ace 10 6509 bundle with 8 gbps throughput *
cisco ace 10 service module *
cisco ace 20 6504 bundle with 4gbps throughput *
cisco ace 20 6509 bundle with 8gbps throughput *
cisco ace 20 service module *
cisco ace 4710 *
cisco ace xml gateway 5.2
cisco ace xml gateway 6.0
cisco mds 9120 *
cisco mds 9124 *
cisco mds 9134 *
cisco mds 9140 *
ingate ingate firewall 2.2.0
ingate ingate firewall 2.2.1
ingate ingate firewall 2.2.2
ingate ingate firewall 2.3.0
ingate ingate firewall 2.4.0
ingate ingate firewall 2.4.1
ingate ingate firewall 2.5.0
ingate ingate firewall 2.6.0
ingate ingate firewall 2.6.1
ingate ingate firewall 3.0.2
ingate ingate firewall 3.1.0
ingate ingate firewall 3.1.1
ingate ingate firewall 3.1.3
ingate ingate firewall 3.1.4
ingate ingate firewall 3.2.0
ingate ingate firewall 3.2.1
ingate ingate firewall 3.2.2
ingate ingate firewall 3.3.1
ingate ingate firewall 4.1.0
ingate ingate firewall 4.1.3
ingate ingate firewall 4.2.1
ingate ingate firewall 4.2.2
ingate ingate firewall 4.2.3
ingate ingate firewall 4.3.1
ingate ingate firewall 4.4.1
ingate ingate firewall 4.4.2
ingate ingate firewall 4.5.1
ingate ingate firewall 4.5.2
ingate ingate firewall 4.6.0
ingate ingate firewall 4.6.1
ingate ingate firewall 4.6.2
ingate ingate siparator 2.2.0
ingate ingate siparator 2.2.1
ingate ingate siparator 2.2.2
ingate ingate siparator 2.3.0
ingate ingate siparator 2.4.0
ingate ingate siparator 2.4.1
ingate ingate siparator 2.5.0
ingate ingate siparator 2.6.0
ingate ingate siparator 2.6.1
ingate ingate siparator 3.0.2
ingate ingate siparator 3.1.0
ingate ingate siparator 3.1.1
ingate ingate siparator 3.1.3
ingate ingate siparator 3.1.4
ingate ingate siparator 3.2.0
ingate ingate siparator 3.2.1
ingate ingate siparator 3.2.2
ingate ingate siparator 3.3.1
ingate ingate siparator 4.1.0
ingate ingate siparator 4.1.3
ingate ingate siparator 4.2.1
ingate ingate siparator 4.2.2
ingate ingate siparator 4.2.3
ingate ingate siparator 4.3.1
ingate ingate siparator 4.3.4
ingate ingate siparator 4.4.1
ingate ingate siparator 4.4.2
ingate ingate siparator 4.5.1
ingate ingate siparator 4.5.2
ingate ingate siparator 4.6.0
ingate ingate siparator 4.6.1
ingate ingate siparator 4.6.2
juniper session and resource control 1.0
juniper session and resource control 2.0
juniper src pe 1.0
juniper src pe 2.0
cisco ios 12.0
cisco ios 12.1
cisco ios 12.2
cisco mds 9000 *
ingate ingate firewall 4.1.3
cisco ios 12.3
sun solaris 10
sun solaris 10
cisco ios xr 3.2.2
cisco ios xr 3.2.4
cisco application control engine module 1.1
cisco ios xr 3.2.3
cisco ios xr 3.2.6
cisco ios xr 3.3.1
cisco ios 12.4
ingate ingate siparator 4.5.1
cisco catos 6.1
cisco catos 7.1
cisco catos 8.5
cisco ios xr 3.3
net-snmp net-snmp 5.4.1
cisco nx-os 4.0
ingate ingate firewall 4.6.2
ingate ingate siparator 4.6.2
gentoo linux *
redhat enterprise linux 2.1
redhat enterprise linux 2.1
redhat enterprise linux 2.1
redhat enterprise linux 3
redhat enterprise linux 3
redhat enterprise linux 3
redhat enterprise linux 3
mandrakesoft mandrake linux corporate server 3.0
redhat enterprise linux 4
redhat enterprise linux 4
cisco application and content networking software 5.0
cisco application and content networking software 5.1
cisco application and content networking software 5.2
novell linux desktop 9
redhat enterprise linux 4
redhat enterprise linux 4
mandrakesoft mandrake multi network firewall 2.0
redhat linux advanced workstation 2.1
canonical ubuntu 6.06
mandrakesoft mandrake linux corporate server 4.0
mandrakesoft mandrake linux corporate server 4.0
mandrakesoft mandrake linux corporate server 3.0
redhat enterprise linux 5
redhat enterprise linux 5
mandrakesoft mandrake linux 2007.1
mandrakesoft mandrake linux 2008.0
debian debian linux 4.0
redhat enterprise linux 5
canonical ubuntu 7.10
mandrakesoft mandrake linux 2008.0
mandrakesoft mandrake linux 2008.1 x86_64
mandrakesoft mandrake linux 2007.1
redhat enterprise linux 4.6.z ga
redhat enterprise linux 4.6.z ga
vmware esx server 2.5.5
cisco application and content networking software 4.0.3
cisco application and content networking software 4.1.1
cisco application and content networking software 4.1.3
cisco application and content networking software 4.2
cisco application and content networking software 4.2.11
cisco application and content networking software 4.2.7
cisco application and content networking software 4.2.9
cisco application and content networking software 5.0.1
cisco application and content networking software 5.0.17.5
cisco application and content networking software 5.0.3
cisco application and content networking software 5.0.5
cisco application and content networking software 5.1.11.5
cisco wide area application services 4.0.7
cisco wide area application services 4.0.9
novell open enterprise server *
novell opensuse 10.2
novell opensuse 10.3
mandrakesoft mandrake linux 2008.1
canonical ubuntu 8.04
vmware esx server 3.5
novell opensuse 11.0
novell suse linux enterprise server 10 sp2
vmware esx server 3.0.3