Red Hat Bugzilla – Bug 348731
CVE-2007-5623 nagios-plugins check_snmp possible buffer overflow
Last modified: 2008-09-29 00:42:52 EDT
A stack-based buffer overflow vulnerability was discovered in the way check_snmp
parses the output of the snmpget command. A long reply from a malicious SNMP server may
cause check_snmp to crash or possibly execute code.
Problem is reported here:
SF.net contains patch proposed by reporter, but it has not yet been accepted to
Needs fixing also in F8 and devel.
Ping on this.
nagios-plugins-1.4.8-9.fc7 has been pushed to the Fedora 7 stable repository. If problems still persist, please make note of it in this bug report.
Mike: Thanks for the package.
Reopening this to track fixing in Fedora 8.
nagios-plugins-1.4.8-9.fc8 has been pushed to the Fedora 8 stable repository. If problems still persist, please make note of it in this bug report.
Could we also get epel4/epel5 updates please?
Let me know when you have built them and I can push to stable for them...
Sorry guys, this one slipped through the cracks, it's long been fixed in epel as well.