[Pkg-net-snmp-devel] Bug#483588: example?

Peter Hicks peter.hicks at poggs.co.uk
Thu May 29 22:45:16 UTC 2008

Hi Thomas

Thomas Anders wrote:

> Peter Hicks wrote:
>> Bug #482333 addresses CVE-2008-2292, a buffer overflow in __snprint_value. 
>> However, this also breaks the perl module, which returns garbage for any
>> OCTETSTRs passed back.
> Can you present a minimal self-contained example?

Sure, it's attached.  It shows the correct strings being returned from the 
'get' call, but the corrupt output from snmpget.

I've had this on three systems I've upgraded to 5.4.1~dfsg-7.1 so far, and the 
problem went away when I removed the specific offending patch from the source 
and rebuilt.


Peter Hicks | e: my.name at poggs.co.uk | g: 0xE7C839F4 | w: www.poggs.com

   A: Because it destroys the flow of the conversation
   Q: Why is top-posting bad?
-------------- next part --------------
A non-text attachment was scrubbed...
Name: snmp-error.pl
Type: text/x-perl
Size: 589 bytes
Desc: not available
Url : http://lists.alioth.debian.org/pipermail/pkg-net-snmp-devel/attachments/20080529/758ff458/attachment.pl 

More information about the Pkg-net-snmp-devel mailing list