search menu icon-carat-right cmu-wordmark

CERT Coordination Center

Sun Solaris SNMP proxy agent /opt/SUNWssp/bin/snmpd contains buffer overflow

Vulnerability Note VU#154976

Original Release Date: 2001-05-06 | Last Revised: 2002-04-02


The SNMP proxy agent on certain large Solaris systems contains a buffer overflow. It may be possible, though it is unconfirmed, that an intruder could use this flaw to execute code with root privileges.


The Sun Enterprise 10000 is monitored and controlled by a systems called a System Service Processor (SSP). If two SSPs are in use they are configured as a main and a spare. The snmpd agent on the main SSP, part of the SSPSUNWsspop package, contains a buffer overflow in a variable used to hold argv[0]. The location of the buffer suggests it would be difficult to use this flaw to execute code.


The complete impact of this vulnerability is not yet known. In the worst case, it could allow an intruder to execute code with root privileges, but that impact is unconfirmed. Because the overflow occurs in a buffer used to hold argv[0], an intruder cannot use this flaw to crash an existing snmpd.


The CERT/CC is currently unaware of a practical solution to this problem.

Vendor Information


Sun Affected

Updated:  May 05, 2001



Vendor Statement

We have not received a statement from the vendor.

Vendor Information

The vendor has not provided us with any further information regarding this vulnerability.


It was reported on Bugtraq that this is being tracked as Sun bug ID 4425460. it remains unclear if this flaw can be used by an intruder to execute code. Nonetheless, we believe it is prudent to apply a patch to fix this problem when it is available.

If you have feedback, comments, or additional information about this vulnerability, please send us email.

CVSS Metrics

Group Score Vector



Our thanks to Pablo Sor who originally identified this problem on Bugtraq.

This document was written by Shawn V. Hernan.

Other Information

CVE IDs: CVE-2001-0470
Severity Metric: 0.28
Date Public: 2001-03-13
Date First Published: 2001-05-06
Date Last Updated: 2002-04-02 01:41 UTC
Document Revision: 7

Sponsored by CISA.