It was discovered that remote attacker can cause net-snmp's snmpd to crash via specially crafted SNMP GetBulk requests, that triggers division by zero in the following code: if (maxbulk <= 0 || maxbulk > maxresponses / r) maxbulk = maxresponses / r; This code has been added as part of the fix for CVE-2008-4309 (bug #469349). This problem never affected upstream net-snmp versions, thanks to following upstream commit from 2004: http://net-snmp.svn.sourceforge.net/viewvc/net-snmp/trunk/net-snmp/agent/snmp_agent.c?r1=9583&r2=9695 This upstream change is part of net-snmp packages shipped in Red Hat Enterprise Linux 4 and later. Therefore this division by zero DoS only affects net-snmp in Red Hat Enterprise Linux 3.
This issue has been addressed in following products: Red Hat Enterprise Linux 3 Via RHSA-2009:1124 https://rhn.redhat.com/errata/RHSA-2009-1124.html