- Products
- Learn
- Local User Groups
- Partners
- More
CheckMates Fifth Birthday
Celebrate with Us!
days
hours
minutes
seconds
Join the CHECKMATES Everywhere Competition
Submit your picture to win!
Check Point Proactive support
Free trial available for 90 Days!
As YOU DESERVE THE BEST SECURITY
Upgrade to our latest GA Jumbo
The 2022 MITRE Engenuity ATT&CK®
Evaluations Results Are In!
Now Available: SmartAwareness Security Training
Training Built to Educate and Engage
MITRE ATT&CK
Inside Check Point products!
CheckFlix!
All Videos In One Space
I was looking around and maybe i'm missing it, but has checkpoint addressed this issue? I'm not finding anything so far. Granted this seems to require write access be enabled which i'm guessing almost no one uses, but I was looking for some clarification.
Fixed in the R80.40 Version: Check Point Gaia releases R77 - R80.30 use 3rd party net-snmp package version 5.4.2.1, Check Point release R80.40 (and above) use net-snmp package version 5.8 (sk158852).
Oh great, so will you be posting a patch for anything below R80.40 then?
Its kind of unclear, but this seems to be the fixed version in the net-snmp which shows 5.8.1rc1 ?
https://github.com/net-snmp/net-snmp/commit/77f6c60f57dba0aaea5d8ef1dd94bcd0c8e6d205
When we patch an issue in third party code, we don't necessarily rev the version number unless we actually update the relevant codebase to that version.
Specific to this CVE, it appears that this issue requires expert/root on the relevant gateway to exploit.
If you have that kind of access, you can pretty much do anything you want anyway.
About CheckMates
Learn Check Point
Advanced Learning
YOU DESERVE THE BEST SECURITY