CVE-2009-1887 Information

Description

agent/snmp_agent.c in snmpd in net-snmp 5.0.9 in Red Hat Enterprise Linux (RHEL) 3 allows remote attackers to cause a denial of service (daemon crash) via a crafted SNMP GETBULK request that triggers a divide-by-zero error. NOTE: this vulnerability exists because of an incorrect fix for CVE-2008-4309.

Reference

http://www.mandriva.com/security/advisories?name=MDVSA-2009:156 http://www.redhat.com/support/errata/RHSA-2009-1124.html https://bugzilla.redhat.com/show_bug.cgi?id=506903 https://oval.cisecurity.org/repository/search/definition/oval3Aorg.mitre.oval3Adef3A8426 https://oval.cisecurity.org/repository/search/definition/oval3Aorg.mitre.oval3Adef3A9716