Unrated severityNVD Advisory· Published Feb 12, 2009· Updated Apr 23, 2026
CVE-2008-6123
CVE-2008-6123
Description
The netsnmp_udp_fmtaddr function (snmplib/snmpUDPDomain.c) in net-snmp 5.0.9 through 5.4.2.1, when using TCP wrappers for client authorization, does not properly parse hosts.allow rules, which allows remote attackers to bypass intended access restrictions and execute SNMP queries, related to "source/destination IP address confusion."
Affected products
5- cpe:2.3:o:redhat:enterprise_linux:3.0:*:*:*:*:*:*:*
- cpe:2.3:o:suse:linux_enterprise:9-11:*:*:*:*:*:*:*
Patches
0No patches discovered yet.
Vulnerability mechanics
AI mechanics synthesis has not run for this CVE yet.
References
16- bugzilla.redhat.com/show_bug.cginvdIssue TrackingPatch
- bugs.gentoo.org/show_bug.cginvdExploitIssue Tracking
- www.securitytracker.com/idnvdBroken LinkThird Party AdvisoryVDB Entry
- lists.opensuse.org/opensuse-security-announce/2009-06/msg00003.htmlnvdMailing List
- lists.opensuse.org/opensuse-security-announce/2009-07/msg00002.htmlnvdMailing List
- lists.opensuse.org/opensuse-security-announce/2010-02/msg00003.htmlnvdMailing List
- net-snmp.svn.sourceforge.net/viewvc/net-snmp/trunk/net-snmp/snmplib/snmpUDPDomain.cnvdProduct
- net-snmp.svn.sourceforge.net/viewvc/net-snmpnvdProduct
- secunia.com/advisories/34499nvdBroken Link
- secunia.com/advisories/35416nvdBroken Link
- secunia.com/advisories/35685nvdBroken Link
- www.openwall.com/lists/oss-security/2009/02/12/2nvdMailing List
- www.openwall.com/lists/oss-security/2009/02/12/4nvdMailing List
- www.openwall.com/lists/oss-security/2009/02/12/7nvdMailing List
- www.redhat.com/support/errata/RHSA-2009-0295.htmlnvdNot Applicable
- oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10289nvdBroken Link
News mentions
0No linked articles in our index yet.