Paketname
net-snmp
Datum
2008-11-05
Advisory ID
MDVSA-2008:225
Betroffene Versionen
2009.0 x86_64 , 2008.0 i586 , 2009.0 i586 , CS4.0 i586 , 2008.0 x86_64 , CS4.0 x86_64 , 2008.1 x86_64 , 2008.1 i586

Problembeschreibung

A denial of service vulnerability was discovered in how Net-SNMP
processed GETBULK requests. A remote attacker with read access to
the SNMP server could issue a specially-crafted request which would
cause snmpd to crash (CVE-2008-4309).

Please note that for this to be successfully exploited, an attacker
must have read access to the SNMP server. By default, the public
community name grants read-only access, however it is recommended
that the default community name be changed in production.

The updated packages have been patched to correct this issue.

Aktualisierte Pakete

2009.0 x86_64

 d9b76860696183041c5431b28c133d79  2009.0/x86_64/lib64net-snmp15-5.4.2-2.1mdv2009.0.x86_64.rpm
 3868b49eec570997ec1bce4603fdb5b1  2009.0/x86_64/lib64net-snmp-devel-5.4.2-2.1mdv2009.0.x86_64.rpm
 fde92f379f3e6f5d8e3cd307e0d3866d  2009.0/x86_64/lib64net-snmp-static-devel-5.4.2-2.1mdv2009.0.x86_64.rpm
 1265e20f1d23728a740ce3e23f6df279  2009.0/x86_64/net-snmp-5.4.2-2.1mdv2009.0.x86_64.rpm
 e799c8dbd928539d2993f3a4268cf4fc  2009.0/x86_64/net-snmp-mibs-5.4.2-2.1mdv2009.0.x86_64.rpm
 f34b37e106fe535c6262c0a20824cb71  2009.0/x86_64/net-snmp-tkmib-5.4.2-2.1mdv2009.0.x86_64.rpm
 dc838be5485af308d3f560dd3dd23845  2009.0/x86_64/net-snmp-trapd-5.4.2-2.1mdv2009.0.x86_64.rpm
 66be00a8327d9e0b9fcd4fb22829fd85  2009.0/x86_64/net-snmp-utils-5.4.2-2.1mdv2009.0.x86_64.rpm
 b22b8c100f8b74be46f87cd9e33bdee3  2009.0/x86_64/perl-NetSNMP-5.4.2-2.1mdv2009.0.x86_64.rpm 
 142a9d0f6b5b895e50c93f66dd112459  2009.0/SRPMS/net-snmp-5.4.2-2.1mdv2009.0.src.rpm

2008.0 i586

 63c576c59db3887c9ff46aea999af904  2008.0/i586/libnet-snmp15-5.4.1-1.2mdv2008.0.i586.rpm
 208783bde426bc2994b25eac38a2f6f6  2008.0/i586/libnet-snmp-devel-5.4.1-1.2mdv2008.0.i586.rpm
 68d9b48a792253fcb647cb44b024fc6a  2008.0/i586/libnet-snmp-static-devel-5.4.1-1.2mdv2008.0.i586.rpm
 837f701fa84fbf24f866332d374baea0  2008.0/i586/net-snmp-5.4.1-1.2mdv2008.0.i586.rpm
 6b8e3cde829e41e882a2bbde8f70e5c0  2008.0/i586/net-snmp-mibs-5.4.1-1.2mdv2008.0.i586.rpm
 9c8d0a70cd23f49af617ebd950ab913b  2008.0/i586/net-snmp-trapd-5.4.1-1.2mdv2008.0.i586.rpm
 27f9666d87ad5c63a170fa515c2cfb79  2008.0/i586/net-snmp-utils-5.4.1-1.2mdv2008.0.i586.rpm
 fa774042539e5fa60662ea26cf5f79bb  2008.0/i586/perl-NetSNMP-5.4.1-1.2mdv2008.0.i586.rpm 
 62fd3d953786bb45cc442069a9dbae14  2008.0/SRPMS/net-snmp-5.4.1-1.2mdv2008.0.src.rpm

2009.0 i586

 67a289261b50a6ec4bbb74503ff15860  2009.0/i586/libnet-snmp15-5.4.2-2.1mdv2009.0.i586.rpm
 c0b057998d757e7988cac2276cc16d6a  2009.0/i586/libnet-snmp-devel-5.4.2-2.1mdv2009.0.i586.rpm
 340271a223791169762e826744d1aab3  2009.0/i586/libnet-snmp-static-devel-5.4.2-2.1mdv2009.0.i586.rpm
 4dad88af5b12b6001adc135e54a5f94c  2009.0/i586/net-snmp-5.4.2-2.1mdv2009.0.i586.rpm
 41cc69981bd2dd2886f764f46a19c326  2009.0/i586/net-snmp-mibs-5.4.2-2.1mdv2009.0.i586.rpm
 84ebcf44ee0d90e956d138ecafe7a9e0  2009.0/i586/net-snmp-tkmib-5.4.2-2.1mdv2009.0.i586.rpm
 d9ff03f1bb268735f27d4e70e441675a  2009.0/i586/net-snmp-trapd-5.4.2-2.1mdv2009.0.i586.rpm
 7d4891eb14e73c8f53cd7bee93dcab4b  2009.0/i586/net-snmp-utils-5.4.2-2.1mdv2009.0.i586.rpm
 66d9db711d7064d6326c50414ffe945b  2009.0/i586/perl-NetSNMP-5.4.2-2.1mdv2009.0.i586.rpm 
 142a9d0f6b5b895e50c93f66dd112459  2009.0/SRPMS/net-snmp-5.4.2-2.1mdv2009.0.src.rpm

CS4.0 i586

 e830fee5189a6d99235f8b5465cf1cf8  corporate/4.0/i586/libnet-snmp5-5.2.1.2-5.3.20060mlcs4.i586.rpm
 a2b4e29f175d2f9cc0ad8709edbbbd87  corporate/4.0/i586/libnet-snmp5-devel-5.2.1.2-5.3.20060mlcs4.i586.rpm
 741b5e8a9a8ecaf6f4a2d4849e45bd2f  corporate/4.0/i586/libnet-snmp5-static-devel-5.2.1.2-5.3.20060mlcs4.i586.rpm
 94da62fa6bdc660c23e308111f73665e  corporate/4.0/i586/net-snmp-5.2.1.2-5.3.20060mlcs4.i586.rpm
 373a8f3e0bffea791d866c35dab6f2fa  corporate/4.0/i586/net-snmp-mibs-5.2.1.2-5.3.20060mlcs4.i586.rpm
 002e256aa1c2b0179894f0df8e10e70e  corporate/4.0/i586/net-snmp-trapd-5.2.1.2-5.3.20060mlcs4.i586.rpm
 23ccf736576e9002e84c09db16953ee6  corporate/4.0/i586/net-snmp-utils-5.2.1.2-5.3.20060mlcs4.i586.rpm
 13dc4a180a0be9c5afe36168278ffdf3  corporate/4.0/i586/perl-NetSNMP-5.2.1.2-5.3.20060mlcs4.i586.rpm 
 d9cfd05c0de2b6891761627579ccc1d8  corporate/4.0/SRPMS/net-snmp-5.2.1.2-5.3.20060mlcs4.src.rpm

2008.0 x86_64

 7862778bf4b9262707dae0101a051e84  2008.0/x86_64/lib64net-snmp15-5.4.1-1.2mdv2008.0.x86_64.rpm
 907423d895272503d6684a7f14618a97  2008.0/x86_64/lib64net-snmp-devel-5.4.1-1.2mdv2008.0.x86_64.rpm
 ba8972ac3af0a41754d7d830237be4a8  2008.0/x86_64/lib64net-snmp-static-devel-5.4.1-1.2mdv2008.0.x86_64.rpm
 2f8efd6d1db501439a1da8b205c3ba4b  2008.0/x86_64/net-snmp-5.4.1-1.2mdv2008.0.x86_64.rpm
 bd431f5a0c11b796223911463216d236  2008.0/x86_64/net-snmp-mibs-5.4.1-1.2mdv2008.0.x86_64.rpm
 929e4b2e24137d0aed30e012d2cbee25  2008.0/x86_64/net-snmp-trapd-5.4.1-1.2mdv2008.0.x86_64.rpm
 80679956f6b8e3f8095f1767d34cf7c7  2008.0/x86_64/net-snmp-utils-5.4.1-1.2mdv2008.0.x86_64.rpm
 f8c2af7b036a33dbadf22498933c90b5  2008.0/x86_64/perl-NetSNMP-5.4.1-1.2mdv2008.0.x86_64.rpm 
 62fd3d953786bb45cc442069a9dbae14  2008.0/SRPMS/net-snmp-5.4.1-1.2mdv2008.0.src.rpm

CS4.0 x86_64

 7095df865e54764c051f10040b4de25d  corporate/4.0/x86_64/lib64net-snmp5-5.2.1.2-5.3.20060mlcs4.x86_64.rpm
 96a8dbf8ec18e76e4fddf52b2d19b93d  corporate/4.0/x86_64/lib64net-snmp5-devel-5.2.1.2-5.3.20060mlcs4.x86_64.rpm
 9af9807629580025cc1cdaba78826153  corporate/4.0/x86_64/lib64net-snmp5-static-devel-5.2.1.2-5.3.20060mlcs4.x86_64.rpm
 91d6d06059463804ae085bf42a702132  corporate/4.0/x86_64/net-snmp-5.2.1.2-5.3.20060mlcs4.x86_64.rpm
 47e44f0f67b04eae0c63ab9fc6636f10  corporate/4.0/x86_64/net-snmp-mibs-5.2.1.2-5.3.20060mlcs4.x86_64.rpm
 478577d14048824ef556371e43892f0e  corporate/4.0/x86_64/net-snmp-trapd-5.2.1.2-5.3.20060mlcs4.x86_64.rpm
 2766c681f5366ac9e9bfa74ff7388bd5  corporate/4.0/x86_64/net-snmp-utils-5.2.1.2-5.3.20060mlcs4.x86_64.rpm
 4ea12420b159bcecc5d7b2cef2bdeb8b  corporate/4.0/x86_64/perl-NetSNMP-5.2.1.2-5.3.20060mlcs4.x86_64.rpm 
 d9cfd05c0de2b6891761627579ccc1d8  corporate/4.0/SRPMS/net-snmp-5.2.1.2-5.3.20060mlcs4.src.rpm

2008.1 x86_64

 c4ddb52926754e188afa827365a9402d  2008.1/x86_64/lib64net-snmp15-5.4.1-5.2mdv2008.1.x86_64.rpm
 b71406ffbf1fddbe11d4e23636015043  2008.1/x86_64/lib64net-snmp-devel-5.4.1-5.2mdv2008.1.x86_64.rpm
 fbed296540545616ff8f248b32e7edf2  2008.1/x86_64/lib64net-snmp-static-devel-5.4.1-5.2mdv2008.1.x86_64.rpm
 7e4f56fe2433fd5a80b3ec09ca801755  2008.1/x86_64/net-snmp-5.4.1-5.2mdv2008.1.x86_64.rpm
 6275046a91fd1aea967f893720348f88  2008.1/x86_64/net-snmp-mibs-5.4.1-5.2mdv2008.1.x86_64.rpm
 c05711a0a2a0b69652c6d19e3c883e01  2008.1/x86_64/net-snmp-tkmib-5.4.1-5.2mdv2008.1.x86_64.rpm
 012b8391c5c49432d270d247e39fa64a  2008.1/x86_64/net-snmp-trapd-5.4.1-5.2mdv2008.1.x86_64.rpm
 d05bc5b73d566e16b76517fdd90f968d  2008.1/x86_64/net-snmp-utils-5.4.1-5.2mdv2008.1.x86_64.rpm
 d37bc36bd7a861f71fce000319904387  2008.1/x86_64/perl-NetSNMP-5.4.1-5.2mdv2008.1.x86_64.rpm 
 1f73d4a19a2a0a159cdf4d1058ce17f2  2008.1/SRPMS/net-snmp-5.4.1-5.2mdv2008.1.src.rpm

2008.1 i586

 aafe61f1aaaf2e13ef051fc1d7f5ab91  2008.1/i586/libnet-snmp15-5.4.1-5.2mdv2008.1.i586.rpm
 c7f2b5e4d5955a12b4df0fbf82f38544  2008.1/i586/libnet-snmp-devel-5.4.1-5.2mdv2008.1.i586.rpm
 f77c410069f938ae382fbee7012a349d  2008.1/i586/libnet-snmp-static-devel-5.4.1-5.2mdv2008.1.i586.rpm
 941b90ef50005b50829419575ab80ec1  2008.1/i586/net-snmp-5.4.1-5.2mdv2008.1.i586.rpm
 d8d459f3213cb97b2708c37c787a7035  2008.1/i586/net-snmp-mibs-5.4.1-5.2mdv2008.1.i586.rpm
 c753c1d4694d7b8c81f517c0c019accf  2008.1/i586/net-snmp-tkmib-5.4.1-5.2mdv2008.1.i586.rpm
 69a0f39e0366cda18fb3cb7440adf2c8  2008.1/i586/net-snmp-trapd-5.4.1-5.2mdv2008.1.i586.rpm
 825fe8ac0059480495d5f9f92b41775a  2008.1/i586/net-snmp-utils-5.4.1-5.2mdv2008.1.i586.rpm
 61b88005dba39bdad7c18c2774fab3ed  2008.1/i586/perl-NetSNMP-5.4.1-5.2mdv2008.1.i586.rpm 
 1f73d4a19a2a0a159cdf4d1058ce17f2  2008.1/SRPMS/net-snmp-5.4.1-5.2mdv2008.1.src.rpm

Referenzen