net-snmp/net-snmp-5.4.1-libwrap.patch

26 lines
1.2 KiB
Diff
Raw Normal View History

CVE-2008-6123: snmp queries allowed from each remote host regardless of
/etc/hosts.allow configuration
Source: upstream, SVN rev. 17367
diff -up net-snmp-5.4.2.1/snmplib/snmpUDPDomain.c.libwrap net-snmp-5.4.2.1/snmplib/snmpUDPDomain.c
--- net-snmp-5.4.2.1/snmplib/snmpUDPDomain.c.libwrap 2007-10-11 22:46:30.000000000 +0200
+++ net-snmp-5.4.2.1/snmplib/snmpUDPDomain.c 2009-02-16 11:57:19.000000000 +0100
@@ -104,12 +104,12 @@ netsnmp_udp_fmtaddr(netsnmp_transport *t
char tmp[64];
to = (struct sockaddr_in *) &(addr_pair->remote_addr);
if (to == NULL) {
- sprintf(tmp, "UDP: [%s]->unknown",
+ sprintf(tmp, "UDP: unknown->[%s]",
inet_ntoa(addr_pair->local_addr));
} else {
- sprintf(tmp, "UDP: [%s]->", inet_ntoa(addr_pair->local_addr));
- sprintf(tmp + strlen(tmp), "[%s]:%hd",
- inet_ntoa(to->sin_addr), ntohs(to->sin_port));
+ sprintf(tmp, "UDP: [%s]:%hu->",
+ inet_ntoa(to->sin_addr), ntohs(to->sin_port));
+ sprintf(tmp + strlen(tmp), "[%s]", inet_ntoa(addr_pair->local_addr));
}
return strdup(tmp);
}