Net-SNMP Remote Authentication Bypass Vulnerability

Net-SNMP Remote Authentication Bypass Vulnerability

References:

Bugzilla Bug 447974: CVE-2008-0960 net-snmp SNMPv3 authentication bypass (VU#87 (Red Hat)
#2008-006 multiple SNMP implementations HMAC authentication spoofing (oCERT)
About the security content of Security Update 2008-004 and Mac OS X 10.5.4 (Apple)
Cisco Applied Mitigation Bulletin: Identifying and Mitigating Exploitation of th (Cisco)
Net-SNMP Homepage (Net-SNMP)
Release notice for Ingate Firewall 471 and Ingate SIParator 471 (Ingate)
[oCERT-2008-006] multiple SNMP implementations HMAC authentication spoofing (Andrea Barisani )
Cisco Security Advisory: SNMP Version 3 Authentication Vulnerabilities (Cisco Systems Product Security Incident Response Team )
SNMPv3 Authentication Bypass - CVE-2008-0960 (inode )
VMSA-2008-0013 Updated ESX packages for OpenSSL, net-snmp, perl (VMware Security Team )
ASA-2008-252 SNMPv3 Authentication Bypass Vulnerability in snmpd(1M) (Sun 238865 (Avaya)
ASA-2008-282 - net-snmp security update (RHSA-2008-0529) (Avaya)
Cisco Security Advisory: SNMP Version 3 Authentication Vulnerabilities (Cisco)
Ingate Firewall and SIParator affected by SNMPv3 vulnerability (Ingate)
Juniper Networks, Inc. Information for VU#878044 (US-CERT)
Nortel Response to Potential Authentication Bypass Vulnerability in SNMPv3 (Nortel Networks)
Nortel Response to Potential Authentication Bypass Vulnerability in SNMPv3 (Nortel Networks)
RHSA-2008:0529-4: net-snmp security update (Red Hat)
Solution 238865: SNMPv3 Authentication Bypass Vulnerability in snmpd(1M) (Sun Microsystems)
ucd-snmp security update (Red Hat)
Vulnerability Note VU#878044 (US-CERT)