CVE-2008-6123

N/A Unknown
Published: February 12, 2009 Modified: April 23, 2026
View on NVD

Description

The netsnmp_udp_fmtaddr function (snmplib/snmpUDPDomain.c) in net-snmp 5.0.9 through 5.4.2.1, when using TCP wrappers for client authorization, does not properly parse hosts.allow rules, which allows remote attackers to bypass intended access restrictions and execute SNMP queries, related to "source/destination IP address confusion."

AI Explanation

Get an AI-powered plain-language explanation of this vulnerability and remediation steps.

Login to generate AI explanation

References to Advisories, Solutions, and Tools

Patch Vendor Advisory Exploit Third Party Advisory
http://bugs.gentoo.org/show_bug.cgi?id=250429
Source: cve@mitre.org
Exploit Issue Tracking
http://lists.opensuse.org/opensuse-security-announce/2009-06/msg00003.html
Source: cve@mitre.org
Mailing List
http://lists.opensuse.org/opensuse-security-announce/2009-07/msg00002.html
Source: cve@mitre.org
Mailing List
http://lists.opensuse.org/opensuse-security-announce/2010-02/msg00003.html
Source: cve@mitre.org
Mailing List
http://net-snmp.svn.sourceforge.net/viewvc/net-snmp/trunk/net-snmp/snmplib/snmpUDPDomain.c?r1=17325&r2=17367&pathrev=17367
Source: cve@mitre.org
Product
http://net-snmp.svn.sourceforge.net/viewvc/net-snmp?view=rev&revision=17367
Source: cve@mitre.org
Product
http://secunia.com/advisories/34499
Source: cve@mitre.org
Broken Link
http://secunia.com/advisories/35416
Source: cve@mitre.org
Broken Link
http://secunia.com/advisories/35685
Source: cve@mitre.org
Broken Link
http://www.openwall.com/lists/oss-security/2009/02/12/2
Source: cve@mitre.org
Mailing List
http://www.openwall.com/lists/oss-security/2009/02/12/4
Source: cve@mitre.org
Mailing List
http://www.openwall.com/lists/oss-security/2009/02/12/7
Source: cve@mitre.org
Mailing List
http://www.redhat.com/support/errata/RHSA-2009-0295.html
Source: cve@mitre.org
Not Applicable
http://www.securitytracker.com/id?1021921
Source: cve@mitre.org
Broken Link Third Party Advisory VDB Entry
https://bugzilla.redhat.com/show_bug.cgi?id=485211
Source: cve@mitre.org
Issue Tracking Patch
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10289
Source: cve@mitre.org
Broken Link
http://bugs.gentoo.org/show_bug.cgi?id=250429
Source: af854a3a-2127-422b-91ae-364da2661108
Exploit Issue Tracking
http://lists.opensuse.org/opensuse-security-announce/2009-06/msg00003.html
Source: af854a3a-2127-422b-91ae-364da2661108
Mailing List
http://lists.opensuse.org/opensuse-security-announce/2009-07/msg00002.html
Source: af854a3a-2127-422b-91ae-364da2661108
Mailing List
http://lists.opensuse.org/opensuse-security-announce/2010-02/msg00003.html
Source: af854a3a-2127-422b-91ae-364da2661108
Mailing List
http://net-snmp.svn.sourceforge.net/viewvc/net-snmp/trunk/net-snmp/snmplib/snmpUDPDomain.c?r1=17325&r2=17367&pathrev=17367
Source: af854a3a-2127-422b-91ae-364da2661108
Product
http://net-snmp.svn.sourceforge.net/viewvc/net-snmp?view=rev&revision=17367
Source: af854a3a-2127-422b-91ae-364da2661108
Product
http://secunia.com/advisories/34499
Source: af854a3a-2127-422b-91ae-364da2661108
Broken Link
http://secunia.com/advisories/35416
Source: af854a3a-2127-422b-91ae-364da2661108
Broken Link
http://secunia.com/advisories/35685
Source: af854a3a-2127-422b-91ae-364da2661108
Broken Link
http://www.openwall.com/lists/oss-security/2009/02/12/2
Source: af854a3a-2127-422b-91ae-364da2661108
Mailing List
http://www.openwall.com/lists/oss-security/2009/02/12/4
Source: af854a3a-2127-422b-91ae-364da2661108
Mailing List
http://www.openwall.com/lists/oss-security/2009/02/12/7
Source: af854a3a-2127-422b-91ae-364da2661108
Mailing List
http://www.redhat.com/support/errata/RHSA-2009-0295.html
Source: af854a3a-2127-422b-91ae-364da2661108
Not Applicable
http://www.securitytracker.com/id?1021921
Source: af854a3a-2127-422b-91ae-364da2661108
Broken Link Third Party Advisory VDB Entry
https://bugzilla.redhat.com/show_bug.cgi?id=485211
Source: af854a3a-2127-422b-91ae-364da2661108
Issue Tracking Patch
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10289
Source: af854a3a-2127-422b-91ae-364da2661108
Broken Link

32 reference(s) from NVD

Quick Stats

CVSS v3 Score
N/A / 10.0
EPSS (Exploit Probability)
0.6%
70th percentile
Exploitation Status
Not in CISA KEV

Weaknesses (CWE)

CWE-863

Affected Vendors

suse opensuse redhat net-snmp

Related CVEs

CVE-2026-6982 6.3
CVE-2026-6981 6.3
CVE-2026-6980 7.3
CVE-2026-6979 6.3
CVE-2026-6978 4.7