SNMP++ Release 3.3.13

SNMP++ 3.3.13 has been released to fix a security issue, rated below, that is present in all SNMP++ releases (including any 2.x and any 3.x release before 3.3.13a)!
An update is recommended for everyone. If you are not able to update to the latest version, you can apply the following patch to the asn1.cpp file in the method asn_parse_objid:

while (length > 0 && (*objidlength)-- > 0) {
  subidentifier = 0;
  do {	/* shift and add in low order 7 bits */
    subidentifier = (subidentifier << 7) + (*(unsigned char *)bufp & ~ASN_BIT8);
    length--;
  } while ((*(unsigned char *)bufp++ & ASN_BIT8) && length > 0); /* last byte has high bit clear */
  if (subidentifier > (unsigned long)MAX_SUBID) {
    ASNERROR("subidentifier too long");
    return NULL;
  }
  *oidp++ = (oid)subidentifier;
}

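The necessary change is the added && length > 0 in while ((*(unsigned char *)bufp++ & ASN_BIT8) && length > 0). Without it, the inner loop keeps reading octets for as long as the high bit is set, even after length has reached zero.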
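
An added illustration (not SNMP++ code): a stand-alone C version of the sub-identifier loop with the bound from the patch, run on a constructed buffer whose last declared octet still has the continuation bit set. The helper parse_subids, its parameters, the truncated flag and the sample bytes are assumptions made for this example.

```c
#include <stdio.h>

#define ASN_BIT8 0x80  /* continuation flag on each base-128 octet */

/* Hypothetical stand-alone helper (not the SNMP++ function): decodes the
 * base-128 sub-identifiers in buf[0..length) with the bounded loop from
 * the patch. Returns the number of sub-identifiers written to out and
 * stores the number of octets read in *consumed. *truncated is set when
 * the data ended while the continuation bit was still set. */
int parse_subids(const unsigned char *buf, int length,
                 unsigned long *out, int max_out,
                 int *consumed, int *truncated)
{
    const unsigned char *bufp = buf;
    unsigned char last = 0;
    int count = 0;

    *truncated = 0;
    while (length > 0 && count < max_out) {
        unsigned long subidentifier = 0;
        do { /* shift and add in low order 7 bits */
            last = *bufp++;
            subidentifier = (subidentifier << 7) + (last & ~ASN_BIT8);
            length--;
        } while ((last & ASN_BIT8) && length > 0); /* the added bound */
        if (last & ASN_BIT8)
            *truncated = 1; /* input ended in the middle of a sub-identifier */
        out[count++] = subidentifier;
    }
    *consumed = (int)(bufp - buf);
    return count;
}

/* Constructed sample: 3 declared octets, the last still flagged as
 * "more follows", then a sentinel octet that must never be read. */
static const unsigned char sample[] = { 0x2B, 0x86, 0x88, 0x7F };

int main(void)
{
    unsigned long ids[8];
    int used, trunc;
    int n = parse_subids(sample, 3, ids, 8, &used, &trunc);
    printf("subids=%d consumed=%d truncated=%d\n", n, used, trunc);
    return 0;
}
```

With the bound in place the loop reads exactly the declared 3 octets and stops before the sentinel; the truncated flag is an extra check a caller could use to reject such input, which the patch itself does not do.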

The rating of the vulnerability is:

CVSS V3 Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:L
CVSS V3 Score: 5.8 (Medium)

CHANGES

  • Fixed [APP-60]: SECURITY: SNMP++ contains “out-of-bounds read” vulnerability
    in function asn_parse_objid.
    The vulnerability was discovered by Radu Motspan, “Kaspersky”.