Description
The netsnmp_udp_fmtaddr function (snmplib/snmpUDPDomain.c) in net-snmp 5.0.9 through 5.4.2.1, when using TCP wrappers for client authorization, does not properly parse hosts.allow rules, which allows remote attackers to bypass intended access restrictions and execute SNMP queries, related to "source/destination IP address confusion."
CVSS Metrics
- Vector
- AV:N/AC:L/Au:N/C:P/I:N/A:N
- Access Vector
- network
- Access Cmplx
- low
- Auth
- none
- Confidentiality
- partial
- Integrity
- none
- Availability
- none
- Weaknesses
- CWE-863
Metadata
- Primary Vendor
- NET-SNMP
- Published
- 2/12/2009
- Last Modified
- 4/9/2025
- Source
- NIST NVD
- Note: Verify all details with official vendor sources before applying patches.
Affected Products
net-snmp : net-snmpopensuse : opensuseopensuse : opensusesuse : linux_enterpriseredhat : enterprise_linux
AI-Powered Remediation
Generate remediation guidance or a C-suite brief for this vulnerability.