Bug 50812 - snmpd Buffer Overflow (Non-Malicious)
snmpd Buffer Overflow (Non-Malicious)
Status: CLOSED RAWHIDE
Product: Red Hat Linux
Classification: Retired
Component: ucd-snmp (Show other bugs)
7.1
i386 Linux
medium Severity medium
: ---
: ---
Assigned To: Phil Knirsch
Brock Organ
:
Depends On:
Blocks:
  Show dependency treegraph
 
Reported: 2001-08-03 11:22 EDT by Jeff A. Abbott
Modified: 2015-03-04 20:09 EST (History)
1 user (show)

See Also:
Fixed In Version:
Doc Type: Bug Fix
Doc Text:
Story Points: ---
Clone Of:
Environment:
Last Closed: 2001-09-21 10:16:09 EDT
Type: ---
Regression: ---
Mount Type: ---
Documentation: ---
CRM:
Verified Versions:
Category: ---
oVirt Team: ---
RHEL 7.3 requirements from Atomic Host:
Cloudforms Team: ---


Attachments (Terms of Use)

  None (edit)
Description Jeff A. Abbott 2001-08-03 11:22:17 EDT
From Bugzilla Helper:
User-Agent: Mozilla/4.77 [en] (X11; U; Linux 2.4.2-2smp i686)

Description of problem:
snmpd dumps core when you try to specify a logfile name/path with an
excessively long name. Could this be better handled with an error
condition?

How reproducible:
Always

Steps to Reproduce:
1. Run "/usr/sbin/snmpd -l [extremely long list of characters -- I was
using over 500 A's]"
2. Watch it dump.
	

Actual Results:  It dumped core.

Expected Results:  It would be nice if it did something like "the logfile
name you specified is invalid. please use a shorter name."

Additional info:

As near as I can tell, there's no way to exploit a system or otherwise
cause damage to it with this, but it would be nice if handled it a bit more
cleanly
Comment 1 Wes Hardaker 2001-09-21 10:16:05 EDT
Note: this will be fixed in the shortly released 4.2.2 release.
Comment 2 Phil Knirsch 2002-01-29 09:14:46 EST
The latest version (4.2.3) is available via rawhide now. This should fix this
problem.

Thanks,

Read ya, Phil

Note You need to log in before you can comment on or make changes to this bug.