Package name
net-snmp
Date
2009-07-19
Advisory ID
MDVSA-2009:156
Affected versions
CS3.0 i586 , MNF2.0 i586 , CS3.0 x86_64

Problem description

A vulnerability has been found and corrected in net-snmp:

agent/snmp_agent.c in snmpd in net-snmp 5.0.9 in Red Hat Enterprise
Linux (RHEL) 3 allows remote attackers to cause a denial of service
(daemon crash) via a crafted SNMP GETBULK request that triggers a
divide-by-zero error. NOTE: this vulnerability exists because of an
incorrect fix for CVE-2008-4309 (CVE-2009-1887).

This update provides fixes for this vulnerability.

Updated packages

CS3.0 i586

 ee03bc14d134aec02794f5808a137a4f  corporate/3.0/i586/libnet-snmp5-5.1-7.5.C30mdk.i586.rpm
 6b5f1b75e5eb468093c608ccfe82e9da  corporate/3.0/i586/libnet-snmp5-devel-5.1-7.5.C30mdk.i586.rpm
 57611a3244d6059044409a7f485a4994  corporate/3.0/i586/libnet-snmp5-static-devel-5.1-7.5.C30mdk.i586.rpm
 285c902d9d1bbe55b9b479dcfbc2e95c  corporate/3.0/i586/net-snmp-5.1-7.5.C30mdk.i586.rpm
 0601ceadbd9c8fa5d2882125a4e981df  corporate/3.0/i586/net-snmp-mibs-5.1-7.5.C30mdk.i586.rpm
 f644da3f56e42f98d9450215ed3fc0b6  corporate/3.0/i586/net-snmp-trapd-5.1-7.5.C30mdk.i586.rpm
 7022788c7a0041801b3cbc4be50c94bd  corporate/3.0/i586/net-snmp-utils-5.1-7.5.C30mdk.i586.rpm 
 6b6e9fd557325638d224583217acef16  corporate/3.0/SRPMS/net-snmp-5.1-7.5.C30mdk.src.rpm

MNF2.0 i586

 8260a17cc954c142159cea3d28b8a8f8  mnf/2.0/i586/libnet-snmp5-5.1-7.5.C30mdk.i586.rpm
 9afe4298aec395f975a339de2758a756  mnf/2.0/i586/libnet-snmp5-devel-5.1-7.5.C30mdk.i586.rpm
 05c8bc9c3dd9448b4c6e1c03014924de  mnf/2.0/i586/libnet-snmp5-static-devel-5.1-7.5.C30mdk.i586.rpm
 126012bdd2bd1f954ba3dbb803066974  mnf/2.0/i586/net-snmp-5.1-7.5.C30mdk.i586.rpm
 481ef666a39b51b0d6dd602c3ce660c9  mnf/2.0/i586/net-snmp-mibs-5.1-7.5.C30mdk.i586.rpm
 b13d2b0d1e35af1c7e39127f113d31a6  mnf/2.0/i586/net-snmp-trapd-5.1-7.5.C30mdk.i586.rpm
 57827cff12b30fb253c6728f5422db43  mnf/2.0/i586/net-snmp-utils-5.1-7.5.C30mdk.i586.rpm 
 d727dcb4976f5373ace6629b8ec4b757  mnf/2.0/SRPMS/net-snmp-5.1-7.5.C30mdk.src.rpm

CS3.0 x86_64

 e3c100859868487b5699fdf4a66af63c  corporate/3.0/x86_64/lib64net-snmp5-5.1-7.5.C30mdk.x86_64.rpm
 eadad6ef1be8b807d8c3c54a7d6c9ff2  corporate/3.0/x86_64/lib64net-snmp5-devel-5.1-7.5.C30mdk.x86_64.rpm
 3719e39e53a600a43cfda88966875c52  corporate/3.0/x86_64/lib64net-snmp5-static-devel-5.1-7.5.C30mdk.x86_64.rpm
 d82287d4fc63404427c6f1b822351c27  corporate/3.0/x86_64/net-snmp-5.1-7.5.C30mdk.x86_64.rpm
 2865fe323092fe69406238aa558feb04  corporate/3.0/x86_64/net-snmp-mibs-5.1-7.5.C30mdk.x86_64.rpm
 d102b2d018a45e725972be1d18e09b1c  corporate/3.0/x86_64/net-snmp-trapd-5.1-7.5.C30mdk.x86_64.rpm
 7898c08b000b4e1dac6ad55ba363108e  corporate/3.0/x86_64/net-snmp-utils-5.1-7.5.C30mdk.x86_64.rpm 
 6b6e9fd557325638d224583217acef16  corporate/3.0/SRPMS/net-snmp-5.1-7.5.C30mdk.src.rpm

References