Bug 491621 - ucd-snmp / net-snmp: snmpd runs with privileges of privileged user
ucd-snmp / net-snmp: snmpd runs with privileges of privileged user
Status: CLOSED NOTABUG
Product: Security Response
Classification: Other
Component: vulnerability (Show other bugs)
unspecified
All Linux
low Severity low
: ---
: ---
Assigned To: Red Hat Product Security
http://bugs.debian.org/cgi-bin/bugrep...
source=debian,reported=20090322,publi...
: Security
Depends On:
Blocks:
  Show dependency treegraph
 
Reported: 2009-03-23 07:48 EDT by Jan Lieskovsky
Modified: 2009-05-27 09:57 EDT (History)
1 user (show)

See Also:
Fixed In Version:
Doc Type: Bug Fix
Doc Text:
Story Points: ---
Clone Of:
Environment:
Last Closed: 2009-05-27 09:57:52 EDT
Type: ---
Regression: ---
Mount Type: ---
Documentation: ---
CRM:
Verified Versions:
Category: ---
oVirt Team: ---
RHEL 7.3 requirements from Atomic Host:
Cloudforms Team: ---


Attachments (Terms of Use)

  None (edit)
Description Jan Lieskovsky 2009-03-23 07:48:12 EDT
A security flaw was found in ucd-snmp / net-snmp package. The snmpd daemon
used to run with user / group privileges of a privileged user (root).
An attacker could use this flaw for potential privilege escalation.

Note: Successful exploitation of this flaw / privilege escalation would
      require that additional (highly unprobable) requirements are  
      simultaneously met.
Comment 1 Jan Lieskovsky 2009-03-23 07:59:33 EDT
The Red Hat Security Response Team has rated this issue
as having low security impact, a future update may address this flaw.
 More information regarding issue severity can be found here:
http://www.redhat.com/security/updates/classification/
Comment 2 Tomas Hoger 2009-05-27 09:57:52 EDT
I don't think this should be tracked as security flaw.  snmpd is run as root by default, as root privileges are required to obtain certain information served to SNMP clients by the daemon.  This default can be overridden by -u / -g command line arguments, which specify UID / GID under which snmpd should be run.

snmpd init script in Red Hat Enterprise Linux 4 and later allows specifying snmpd's command line options in sysconfig file without a need to modify init script itself - /etc/sysconfig/snmpd.options on Red Hat Enterprise Linux 4 and 5, /etc/sysconfig/snmpd on current Fedora versions.

Note You need to log in before you can comment on or make changes to this bug.