Package name
net-snmp
Date
2012-06-21
Advisory ID
MDVSA-2012:099
Affected versions
MES5 i586 , 2010.1 i586 , 2011 x86_64 , 2011 i586 , MES5 x86_64 , 2010.1 x86_64

Problem description

A vulnerability has been discovered and corrected in net-snmp:

An array index error, leading to out-of heap-based buffer read flaw
was found in the way net-snmp agent performed entries lookup in the
extension table. When certain MIB subtree was handled by the extend
directive, a remote attacker having read privilege to the subtree could
use this flaw to cause a denial of service (snmpd crash) via SNMP GET
request involving a non-existent extension table entry (CVE-2012-2141).

The updated packages have been patched to correct this issue.

Updated packages

MES5 i586

 a57d57bfebb80c9a5d73811d5696ee47  mes5/i586/libnet-snmp15-5.4.2-2.4mdvmes5.2.i586.rpm
 db359acdd4bf501f8469a60bdca31439  mes5/i586/libnet-snmp-devel-5.4.2-2.4mdvmes5.2.i586.rpm
 9a68e11e201646d2ea2c06be3db6d03f  mes5/i586/libnet-snmp-static-devel-5.4.2-2.4mdvmes5.2.i586.rpm
 864a7d720acedd85a0b35679e59849a3  mes5/i586/net-snmp-5.4.2-2.4mdvmes5.2.i586.rpm
 6acc806f39f3b6e04d6c16b0ec85acdf  mes5/i586/net-snmp-mibs-5.4.2-2.4mdvmes5.2.i586.rpm
 22c72430d5926751c532535d70c74bdc  mes5/i586/net-snmp-tkmib-5.4.2-2.4mdvmes5.2.i586.rpm
 e1133d9065147744a007f15beea6b963  mes5/i586/net-snmp-trapd-5.4.2-2.4mdvmes5.2.i586.rpm
 2040762a0fa5947010d01e459453803c  mes5/i586/net-snmp-utils-5.4.2-2.4mdvmes5.2.i586.rpm
 99aca626593aa9829e2f66143b9e8a5d  mes5/i586/perl-NetSNMP-5.4.2-2.4mdvmes5.2.i586.rpm 
 0ee5d96c849a98d9600faf2bd20c1bdc  mes5/SRPMS/net-snmp-5.4.2-2.4mdvmes5.2.src.rpm

2010.1 i586

 549a715a24b4cfed186201abb88ab4c1  2010.1/i586/libnet-snmp20-5.5-7.1mdv2010.2.i586.rpm
 dffee731e289b4c338c02ad8c85a0312  2010.1/i586/libnet-snmp-devel-5.5-7.1mdv2010.2.i586.rpm
 ab2d140c9e9ee6a3ca05df9e4a1e65cb  2010.1/i586/libnet-snmp-static-devel-5.5-7.1mdv2010.2.i586.rpm
 a78a283445d42add9164081350cb2e79  2010.1/i586/net-snmp-5.5-7.1mdv2010.2.i586.rpm
 af747c2cd184b9cd0071320b71e23d62  2010.1/i586/net-snmp-mibs-5.5-7.1mdv2010.2.i586.rpm
 1703166df266d466ee5ebd1e3e42152f  2010.1/i586/net-snmp-tkmib-5.5-7.1mdv2010.2.i586.rpm
 4416385214616480e1a703430de0160d  2010.1/i586/net-snmp-trapd-5.5-7.1mdv2010.2.i586.rpm
 ec6325d9778014907cd3f30a31a02791  2010.1/i586/net-snmp-utils-5.5-7.1mdv2010.2.i586.rpm
 38e51b57e5d9d03edb6ea01545d3bc25  2010.1/i586/perl-NetSNMP-5.5-7.1mdv2010.2.i586.rpm 
 901eeb7abf12be68bc3a24f76cbad087  2010.1/SRPMS/net-snmp-5.5-7.1mdv2010.2.src.rpm

2011 x86_64

 50841d5a79cbb80c8f3b135d98e62c94  2011/x86_64/lib64net-snmp25-5.6.1-9.1-mdv2011.0.x86_64.rpm
 2f98663d082b1c806049e1d638665bd7  2011/x86_64/lib64net-snmp-devel-5.6.1-9.1-mdv2011.0.x86_64.rpm
 58426391ae5bee8f1063ca96709138de  2011/x86_64/lib64net-snmp-static-devel-5.6.1-9.1-mdv2011.0.x86_64.rpm
 61a36cdaa85b25b990622af254cb5c1c  2011/x86_64/net-snmp-5.6.1-9.1-mdv2011.0.x86_64.rpm
 53d742abefd3d45fcdd6686a4e63c394  2011/x86_64/net-snmp-mibs-5.6.1-9.1-mdv2011.0.x86_64.rpm
 57c665999674a46001de569f5cbaf4b0  2011/x86_64/net-snmp-tkmib-5.6.1-9.1-mdv2011.0.x86_64.rpm
 aedb28e2cca33ab91a5987f08499ce76  2011/x86_64/net-snmp-trapd-5.6.1-9.1-mdv2011.0.x86_64.rpm
 440057cfe374699634e7123f8dfe91c7  2011/x86_64/net-snmp-utils-5.6.1-9.1-mdv2011.0.x86_64.rpm
 d8cb8fa927a32c6d5ce3664f15c95ccf  2011/x86_64/perl-NetSNMP-5.6.1-9.1-mdv2011.0.x86_64.rpm
 3f83c7c8e1073a229bdb2cf3f33d3708  2011/x86_64/python-netsnmp-5.6.1-9.1-mdv2011.0.x86_64.rpm 
 0aab253539a0484d932baf04f703d4d2  2011/SRPMS/net-snmp-5.6.1-9.1.src.rpm

2011 i586

 bd71a939144d1d20b08283401515eab9  2011/i586/libnet-snmp25-5.6.1-9.1-mdv2011.0.i586.rpm
 d56ccb25cbc50ada230b2a568e312560  2011/i586/libnet-snmp-devel-5.6.1-9.1-mdv2011.0.i586.rpm
 d7e9e13bb4feaf78db0354ea35348c0f  2011/i586/libnet-snmp-static-devel-5.6.1-9.1-mdv2011.0.i586.rpm
 13c81c8bb164c99fc6806ba6328d77a7  2011/i586/net-snmp-5.6.1-9.1-mdv2011.0.i586.rpm
 159143bd5eae11219fd33bed27d3db15  2011/i586/net-snmp-mibs-5.6.1-9.1-mdv2011.0.i586.rpm
 350761224456d9d06ad4a9661bc4ee77  2011/i586/net-snmp-tkmib-5.6.1-9.1-mdv2011.0.i586.rpm
 bb34c4dd7512274ba6fbfedada9b4d01  2011/i586/net-snmp-trapd-5.6.1-9.1-mdv2011.0.i586.rpm
 3175051bbd95c1f93c17dac6854de586  2011/i586/net-snmp-utils-5.6.1-9.1-mdv2011.0.i586.rpm
 d6b207acf8e1d199d94cbc2ba9088f56  2011/i586/perl-NetSNMP-5.6.1-9.1-mdv2011.0.i586.rpm
 a6ae19f2f7f865f76880c05d3be5feca  2011/i586/python-netsnmp-5.6.1-9.1-mdv2011.0.i586.rpm 
 0aab253539a0484d932baf04f703d4d2  2011/SRPMS/net-snmp-5.6.1-9.1.src.rpm

MES5 x86_64

 6cec4f28c38f6e446976359de2d52c2f  mes5/x86_64/lib64net-snmp15-5.4.2-2.4mdvmes5.2.x86_64.rpm
 280b5df81cced400a9d50cf36e29697a  mes5/x86_64/lib64net-snmp-devel-5.4.2-2.4mdvmes5.2.x86_64.rpm
 456656085d1303473d6b843161a5dfd9  mes5/x86_64/lib64net-snmp-static-devel-5.4.2-2.4mdvmes5.2.x86_64.rpm
 388d6c3f5262a2782c1df1eee2b56ae5  mes5/x86_64/net-snmp-5.4.2-2.4mdvmes5.2.x86_64.rpm
 5581bb503428d43f56047b804e21bebd  mes5/x86_64/net-snmp-mibs-5.4.2-2.4mdvmes5.2.x86_64.rpm
 1643390bf239fa3c54d5959b342ca953  mes5/x86_64/net-snmp-tkmib-5.4.2-2.4mdvmes5.2.x86_64.rpm
 ad3e97af2064f3f1cd9467b69578610a  mes5/x86_64/net-snmp-trapd-5.4.2-2.4mdvmes5.2.x86_64.rpm
 812851c970888bc5cc5c0e7b401e0486  mes5/x86_64/net-snmp-utils-5.4.2-2.4mdvmes5.2.x86_64.rpm
 cfc93c491b3fe7b4c22ed0bcb565f98b  mes5/x86_64/perl-NetSNMP-5.4.2-2.4mdvmes5.2.x86_64.rpm 
 0ee5d96c849a98d9600faf2bd20c1bdc  mes5/SRPMS/net-snmp-5.4.2-2.4mdvmes5.2.src.rpm

2010.1 x86_64

 568bdf766fd52583fe8793d55cfbc40a  2010.1/x86_64/lib64net-snmp20-5.5-7.1mdv2010.2.x86_64.rpm
 fbdd5492d01aa88de15f63dea689258b  2010.1/x86_64/lib64net-snmp-devel-5.5-7.1mdv2010.2.x86_64.rpm
 2b234ec4b01f31adfbb3d5b77879fdfe  2010.1/x86_64/lib64net-snmp-static-devel-5.5-7.1mdv2010.2.x86_64.rpm
 619b92ffd07067994be02fde7528f951  2010.1/x86_64/net-snmp-5.5-7.1mdv2010.2.x86_64.rpm
 79dc167bfe48718513fdae8b5ffbe9b0  2010.1/x86_64/net-snmp-mibs-5.5-7.1mdv2010.2.x86_64.rpm
 3d9aaff4836efc8f8efb0d3fc7a30f76  2010.1/x86_64/net-snmp-tkmib-5.5-7.1mdv2010.2.x86_64.rpm
 fda5dfbe8012404d6ddd0c3943129665  2010.1/x86_64/net-snmp-trapd-5.5-7.1mdv2010.2.x86_64.rpm
 af024b56711368674499906e957ca59a  2010.1/x86_64/net-snmp-utils-5.5-7.1mdv2010.2.x86_64.rpm
 8071b12044e02a4400a9b7fa5c66f4cc  2010.1/x86_64/perl-NetSNMP-5.5-7.1mdv2010.2.x86_64.rpm 
 901eeb7abf12be68bc3a24f76cbad087  2010.1/SRPMS/net-snmp-5.5-7.1mdv2010.2.src.rpm

References