Re: Digital Armaments Security Advisory 01.16.2006: CMU SNMP utilities snmptrad Format String Vulnerability

On 1/20/06, Florian Weimer <[EMAIL PROTECTED]> wrote: > > III. Detection > > > > This problem has been detected and tested on latest versions: > > snmptrapd from cmu-snmp-linux-3.7 package > > snmptrapd from cmu-snmp-linux-3.6 package > > This seems to be the following code: > > int snmp_input(op,

Re: Digital Armaments Security Advisory 01.16.2006: CMU SNMP utilities snmptrad Format String Vulnerability

> III. Detection > > This problem has been detected and tested on latest versions: > snmptrapd from cmu-snmp-linux-3.7 package > snmptrapd from cmu-snmp-linux-3.6 package This seems to be the following code: int snmp_input(op, session, reqid, pdu, magic) int op; struct snmp_session *sessi

Digital Armaments Security Advisory 01.16.2006: CMU SNMP utilities snmptrad Format String Vulnerability

CMU SNMP utilities snmptrad Format String Vulnerability Digital Armaments advisory is 01.04.2006 http://www.digitalarmaments.com/2006040164883273.html I. Background The package is CMU-SNMP utilities. In this package snmptrapd is an SNMP application that receives and logs SNMP TRAP and INFORM m