2008-06-10 06:02:57 +00:00
447974: CVE-2008-0960 net-snmp SNMPv3 authentication bypass (VU#877044)
Source: upstream, https://sourceforge.net/tracker/index.php?func=detail&aid=1989089&group_id=12694&atid=456380
Reviewed-by: Jan Safranek <jsafrane@redhat.com>
diff -up net-snmp-5.0.9/snmplib/scapi.c.orig net-snmp-5.0.9/snmplib/scapi.c
|
2008-07-25 11:03:32 +00:00
|
|
|
diff -up net-snmp-5.4.1/snmplib/scapi.c.backup_patch_17 net-snmp-5.4.1/snmplib/scapi.c
|
|
|
|
--- net-snmp-5.4.1/snmplib/scapi.c.backup_patch_17 2006-09-15 14:47:01.000000000 +0200
|
|
|
|
+++ net-snmp-5.4.1/snmplib/scapi.c 2008-07-25 12:54:00.000000000 +0200
|
|
|
|
@@ -562,6 +562,9 @@ sc_check_keyed_hash(const oid * authtype
|
2008-06-10 06:02:57 +00:00
|
|
|
QUITFUN(SNMPERR_GENERR, sc_check_keyed_hash_quit);
|
|
|
|
}
|
|
|
|
|
|
|
|
+ if (maclen != USM_MD5_AND_SHA_AUTH_LEN) {
|
|
|
|
+ QUITFUN(SNMPERR_GENERR, sc_check_keyed_hash_quit);
|
|
|
|
+ }
|
|
|
|
|
|
|
|
/*
|
|
|
|
* Generate a full hash of the message, then compare
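Review bot: The added `if (maclen != USM_MD5_AND_SHA_AUTH_LEN)` guard has no comment, so nothing at the check marks it as the security fix or says why only one length is accepted. I would put `/* Reject truncated MACs: only a full USM_MD5_AND_SHA_AUTH_LEN-byte value may be compared (CVE-2008-0960). */` directly above the `if`. The guard also exits through the same `QUITFUN(SNMPERR_GENERR, sc_check_keyed_hash_quit)` path as the failure just before it, so a wrong-length MAC looks like an internal error in logs; a debug message here would make malformed authentication parameters easier to detect. sc_check_keyed_hash starts and ends outside the hunk, so I cannot confirm from here that the comparison which follows is bounded by `maclen` or is constant-time; both are worth checking.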
|