Bug 50812 - snmpd Buffer Overflow (Non-Malicious)
Summary: snmpd Buffer Overflow (Non-Malicious)
Status: CLOSED RAWHIDE
Alias: None
Product: Red Hat Linux
Classification: Retired
Component: ucd-snmp
Version: 7.1
Hardware: i386
OS: Linux
medium
medium
Target Milestone: ---
Assignee: Phil Knirsch
QA Contact: Brock Organ
URL:
Whiteboard:
Keywords:
Depends On:
Blocks:
TreeView+ depends on / blocked
 
Reported: 2001-08-03 15:22 UTC by Jeff A. Abbott
Modified: 2015-03-05 01:09 UTC (History)
1 user (show)

(edit)
Clone Of:
(edit)
Last Closed: 2001-09-21 14:16:09 UTC


Attachments (Terms of Use)

Description Jeff A. Abbott 2001-08-03 15:22:17 UTC
From Bugzilla Helper:
User-Agent: Mozilla/4.77 [en] (X11; U; Linux 2.4.2-2smp i686)

Description of problem:
snmpd dumps core when you try to specify a logfile name/path with an
excessively long name. Could this be better handled with an error
condition?

How reproducible:
Always

Steps to Reproduce:
1. Run "/usr/sbin/snmpd -l [extremely long list of characters -- I was
using over 500 A's]"
2. Watch it dump.
	

Actual Results:  It dumped core.

Expected Results:  It would be nice if it did something like "the logfile
name you specified is invalid. please use a shorter name."

Additional info:

As near as I can tell, there's no way to exploit a system or otherwise
cause damage to it with this, but it would be nice if handled it a bit more
cleanly

Comment 1 Wes Hardaker 2001-09-21 14:16:05 UTC
Note: this will be fixed in the shortly released 4.2.2 release.


Comment 2 Phil Knirsch 2002-01-29 14:14:46 UTC
The latest version (4.2.3) is available via rawhide now. This should fix this
problem.

Thanks,

Read ya, Phil



Note You need to log in before you can comment on or make changes to this bug.