CVE-2008-6123: snmp queries allowed from each remote host regardless of /etc/hosts.allow configuration Source: upstream, SVN rev. 17367 diff -up net-snmp-5.4.2.1/snmplib/snmpUDPDomain.c.libwrap net-snmp-5.4.2.1/snmplib/snmpUDPDomain.c --- net-snmp-5.4.2.1/snmplib/snmpUDPDomain.c.libwrap 2007-10-11 22:46:30.000000000 +0200 +++ net-snmp-5.4.2.1/snmplib/snmpUDPDomain.c 2009-02-16 11:57:19.000000000 +0100 @@ -104,12 +104,12 @@ netsnmp_udp_fmtaddr(netsnmp_transport *t char tmp[64]; to = (struct sockaddr_in *) &(addr_pair->remote_addr); if (to == NULL) { - sprintf(tmp, "UDP: [%s]->unknown", + sprintf(tmp, "UDP: unknown->[%s]", inet_ntoa(addr_pair->local_addr)); } else { - sprintf(tmp, "UDP: [%s]->", inet_ntoa(addr_pair->local_addr)); - sprintf(tmp + strlen(tmp), "[%s]:%hd", - inet_ntoa(to->sin_addr), ntohs(to->sin_port)); + sprintf(tmp, "UDP: [%s]:%hu->", + inet_ntoa(to->sin_addr), ntohs(to->sin_port)); + sprintf(tmp + strlen(tmp), "[%s]", inet_ntoa(addr_pair->local_addr)); } return strdup(tmp); }