It was reported [1],[2]that the AgentX subagent of net-snmp could be stalled when a manager sent a multi-object request with a different number subids. This could lead to a denial of service. This has been corrected upstream in version 5.4.4 [3]; only earlier versiona are affected. This means that Fedora and Red Hat Enterprise Linux 6 are not affected, however Red Hat Enterprise Linux 5 does ship a vulnerable version (5.3.x). [1] https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=684388 [2] http://seclists.org/oss-sec/2014/q1/513 [3] http://sourceforge.net/p/net-snmp/patches/1113/ Statement: This issue did not affect the version of the net-snmp packages as shipped with Red Hat Enterprise Linux 6.
I don't understand how this bug can lead to DoS. Sure, AgentX subagent won't parse certain GETNEXT messages, but it does not crash, it just reports ordinary error code. And looking at the code, Net-SNMP as in RHEL 6.6 has the same bug.
After analyzing this issue, it seems the only impact of this flaw would be denial of response to the attacker who initially sent the crafted request. It does not lead to denial of service to other users or daemon crash. Therefore this is not a security flaw.
Statement: The Red Hat Security Response Team does not consider this issue to be a security flaw. For more information please refer to https://bugzilla.redhat.com/show_bug.cgi?id=1074631#c3