Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
N/A
Vulnerability Description
The netsnmp_udp_fmtaddr function (snmplib/snmpUDPDomain.c) in net-snmp 5.0.9 through 5.4.2.1, when using TCP wrappers for client authorization, does not properly parse hosts.allow rules, which allows remote attackers to bypass intended access restrictions and execute SNMP queries, related to "source/destination IP address confusion."
CVSS Information
N/A
Vulnerability Type
N/A
Vulnerability Title
Net-SNMP 输入验证错误漏洞
Vulnerability Description
Net-SNMP是一套开源的简单网络管理协议(Simple Network Management Protocol)软件。该软件用于监控网络设备、电脑设备、UPS设备等。 Net-SNMP 5.0.9版本至5.4.2.1版本中存在输入验证错误漏洞,该漏洞源于snmplib/snmpUDPDomain.c文件中的netsnmp_udp_fmtaddr函数没有正确地解析hosts.allow规则。远程攻击者可利用该漏洞绕过访问限制,执行SNMP查询,获得主机相关的敏感信息。
CVSS Information
N/A
Vulnerability Type
N/A