net-snmp/net-snmp-5.4.1-hmac-check.patch

20 lines
866 B
Diff
Raw Normal View History

447974: CVE-2008-0960 net-snmp SNMPv3 authentication bypass (VU#877044)
Source: upstream, https://sourceforge.net/tracker/index.php?func=detail&aid=1989089&group_id=12694&atid=456380
Reviewed-by: Jan Safranek <jsafrane@redhat.com>
diff -up net-snmp-5.0.9/snmplib/scapi.c.orig net-snmp-5.0.9/snmplib/scapi.c
diff -up net-snmp-5.4.1/snmplib/scapi.c.backup_patch_17 net-snmp-5.4.1/snmplib/scapi.c
--- net-snmp-5.4.1/snmplib/scapi.c.backup_patch_17 2006-09-15 14:47:01.000000000 +0200
+++ net-snmp-5.4.1/snmplib/scapi.c 2008-07-25 12:54:00.000000000 +0200
@@ -562,6 +562,9 @@ sc_check_keyed_hash(const oid * authtype
QUITFUN(SNMPERR_GENERR, sc_check_keyed_hash_quit);
}
+ if (maclen != USM_MD5_AND_SHA_AUTH_LEN) {
+ QUITFUN(SNMPERR_GENERR, sc_check_keyed_hash_quit);
+ }
/*
* Generate a full hash of the message, then compare