Debian: New net-snmp packages fix denial of service

    Date26 Oct 2005
    CategoryDebian
    6766
    Posted ByJoe Shakespeare
    Updated package.
    - --------------------------------------------------------------------------
    Debian Security Advisory DSA 873-1                     This email address is being protected from spambots. You need JavaScript enabled to view it.
    http://www.debian.org/security/                             Martin Schulze
    October 26th, 2005                        http://www.debian.org/security/faq
    - --------------------------------------------------------------------------
    
    Package        : net-snmp
    Vulnerability  : programming error
    Problem type   : remote
    Debian-specific: no
    CVE ID         : CAN-2005-2177
    BugTraq ID     : 14168
    
    A security vulnerability has been found in Net-SNMP releases that
    could allow a denial of service attack against Net-SNMP agent's that
    have opened a stream based protocol (eg TCP but not UDP).  By default,
    Net-SNMP does not open a TCP port.
    
    The old stable distribution (woody) does not contain a net-snmp package.
    
    For the stable distribution (sarge) this problem has been fixed in
    version 5.1.2-6.2.
    
    For the unstable distribution (sid) this problem has been fixed in
    version 5.2.1.2-1.
    
    We recommend that you upgrade your net-snmp package.
    
    
    Upgrade Instructions
    - --------------------
    
    wget url
            will fetch the file for you
    dpkg -i file.deb
            will install the referenced file.
    
    If you are using the apt-get package manager, use the line for
    sources.list as given below:
    
    apt-get update
            will update the internal database
    apt-get upgrade
            will install corrected packages
    
    You may use an automated update by adding the resources from the
    footer to the proper configuration.
    
    
    Debian GNU/Linux 3.1 alias sarge
    - --------------------------------
    
      Source archives:
    
        http://security.debian.org/pool/updates/main/n/net-snmp/net-snmp_5.1.2-6.2.dsc
          Size/MD5 checksum:      794 0aa985327e01703ee88e9c9fc63dcccb
        http://security.debian.org/pool/updates/main/n/net-snmp/net-snmp_5.1.2-6.2.diff.gz
          Size/MD5 checksum:    67941 80b50ece9798c3634843213632ea8b53
        http://security.debian.org/pool/updates/main/n/net-snmp/net-snmp_5.1.2.orig.tar.gz
          Size/MD5 checksum:  3253579 8080555ab3f90011f25d5122042d9a8d
    
      Architecture independent components:
    
        http://security.debian.org/pool/updates/main/n/net-snmp/libsnmp-base_5.1.2-6.2_all.deb
          Size/MD5 checksum:  1005346 9f09bd5325ecb399a6b8b8b4c74e409e
        http://security.debian.org/pool/updates/main/n/net-snmp/tkmib_5.1.2-6.2_all.deb
          Size/MD5 checksum:   754688 5c84a39f4fb06e9ffae0c693b4e6c1fe
    
      Alpha architecture:
    
        http://security.debian.org/pool/updates/main/n/net-snmp/libsnmp-perl_5.1.2-6.2_alpha.deb
          Size/MD5 checksum:   818316 c130066a195f6061032c039dbb70f4c6
        http://security.debian.org/pool/updates/main/n/net-snmp/libsnmp5_5.1.2-6.2_alpha.deb
          Size/MD5 checksum:  1579716 b35f6363a539100eb8a32cdee143c4b5
        http://security.debian.org/pool/updates/main/n/net-snmp/libsnmp5-dev_5.1.2-6.2_alpha.deb
          Size/MD5 checksum:  1647842 99a7926ca98e85e3f8742dfc7a46b880
        http://security.debian.org/pool/updates/main/n/net-snmp/snmp_5.1.2-6.2_alpha.deb
          Size/MD5 checksum:   820826 8645dbb814fee32fd4dba772806b4e7d
        http://security.debian.org/pool/updates/main/n/net-snmp/snmpd_5.1.2-6.2_alpha.deb
          Size/MD5 checksum:   733324 0d1113f65055b9802b1f0db33bf8566c
    
      AMD64 architecture:
    
        http://security.debian.org/pool/updates/main/n/net-snmp/libsnmp-perl_5.1.2-6.2_amd64.deb
          Size/MD5 checksum:   815302 8b739d0e928cbed3d4e5fc30df4dd26d
        http://security.debian.org/pool/updates/main/n/net-snmp/libsnmp5_5.1.2-6.2_amd64.deb
          Size/MD5 checksum:  1553650 907b6ad8b395b2167ed07331d9ae88b1
        http://security.debian.org/pool/updates/main/n/net-snmp/libsnmp5-dev_5.1.2-6.2_amd64.deb
          Size/MD5 checksum:  1184882 fd9f8a3c36a0573737d2856e70be4b55
        http://security.debian.org/pool/updates/main/n/net-snmp/snmp_5.1.2-6.2_amd64.deb
          Size/MD5 checksum:   815620 073e011929c866ea6793852c48822f38
        http://security.debian.org/pool/updates/main/n/net-snmp/snmpd_5.1.2-6.2_amd64.deb
          Size/MD5 checksum:   731774 aa783fcf78888d5379c80cadfecba92f
    
      ARM architecture:
    
        http://security.debian.org/pool/updates/main/n/net-snmp/libsnmp-perl_5.1.2-6.2_arm.deb
          Size/MD5 checksum:   811116 7c0db64010705b24094b04cb697c21ae
        http://security.debian.org/pool/updates/main/n/net-snmp/libsnmp5_5.1.2-6.2_arm.deb
          Size/MD5 checksum:  1477848 0072b62e6a873a7bca251a5a7b1a4ac6
        http://security.debian.org/pool/updates/main/n/net-snmp/libsnmp5-dev_5.1.2-6.2_arm.deb
          Size/MD5 checksum:  1120060 5d51cd366d5497c549c95d81233820cb
        http://security.debian.org/pool/updates/main/n/net-snmp/snmp_5.1.2-6.2_arm.deb
          Size/MD5 checksum:   810168 1e2aaa41d86cbf1d3455cc3ad1e9246e
        http://security.debian.org/pool/updates/main/n/net-snmp/snmpd_5.1.2-6.2_arm.deb
          Size/MD5 checksum:   730678 4da842f3e4c7820b6994dbaa4ce9464c
    
      Intel IA-32 architecture:
    
        http://security.debian.org/pool/updates/main/n/net-snmp/libsnmp-perl_5.1.2-6.2_i386.deb
          Size/MD5 checksum:   818878 b3b728436c0d24dd71cae4c745d78d69
        http://security.debian.org/pool/updates/main/n/net-snmp/libsnmp5_5.1.2-6.2_i386.deb
          Size/MD5 checksum:  1531948 64e0d4d60e1ec437c0693cd80ab5652d
        http://security.debian.org/pool/updates/main/n/net-snmp/libsnmp5-dev_5.1.2-6.2_i386.deb
          Size/MD5 checksum:  1100052 a86f8867983efe3eaf2ae2c0a529fcd7
        http://security.debian.org/pool/updates/main/n/net-snmp/snmp_5.1.2-6.2_i386.deb
          Size/MD5 checksum:   811618 6939d4e93c77a9da325a1558d0b1c492
        http://security.debian.org/pool/updates/main/n/net-snmp/snmpd_5.1.2-6.2_i386.deb
          Size/MD5 checksum:   730514 a31ff071dc8dc2406f60d8c9fc4f8a74
    
      Intel IA-64 architecture:
    
        http://security.debian.org/pool/updates/main/n/net-snmp/libsnmp-perl_5.1.2-6.2_ia64.deb
          Size/MD5 checksum:   846348 9902935d551e5eec1aaefdb2689bc1ba
        http://security.debian.org/pool/updates/main/n/net-snmp/libsnmp5_5.1.2-6.2_ia64.deb
          Size/MD5 checksum:  1780724 eb6b2eb4ba43a0a0bcb99cdd51b2e4e8
        http://security.debian.org/pool/updates/main/n/net-snmp/libsnmp5-dev_5.1.2-6.2_ia64.deb
          Size/MD5 checksum:  1584452 caa05c744a6ce901def3aefa11347302
        http://security.debian.org/pool/updates/main/n/net-snmp/snmp_5.1.2-6.2_ia64.deb
          Size/MD5 checksum:   838818 a59fd105fb8b839031eacc1faf3410a4
        http://security.debian.org/pool/updates/main/n/net-snmp/snmpd_5.1.2-6.2_ia64.deb
          Size/MD5 checksum:   737976 22069dd21aab422a67ca368dc7537aa4
    
      HP Precision architecture:
    
        http://security.debian.org/pool/updates/main/n/net-snmp/libsnmp-perl_5.1.2-6.2_hppa.deb
          Size/MD5 checksum:   829624 8d8d43de36f2846f0f4c689eafc239d1
        http://security.debian.org/pool/updates/main/n/net-snmp/libsnmp5_5.1.2-6.2_hppa.deb
          Size/MD5 checksum:  1604876 1f5fc833c478b0e737d89a86b69bf6a0
        http://security.debian.org/pool/updates/main/n/net-snmp/libsnmp5-dev_5.1.2-6.2_hppa.deb
          Size/MD5 checksum:  1368226 d77ce1656b2f5f1c09bd98aeb17bb354
        http://security.debian.org/pool/updates/main/n/net-snmp/snmp_5.1.2-6.2_hppa.deb
          Size/MD5 checksum:   824466 8a1f5d695a218655932180b3f8e3b49c
        http://security.debian.org/pool/updates/main/n/net-snmp/snmpd_5.1.2-6.2_hppa.deb
          Size/MD5 checksum:   733168 1c894d59e8d8cad67210b22049c55338
    
      Motorola 680x0 architecture:
    
        http://security.debian.org/pool/updates/main/n/net-snmp/libsnmp-perl_5.1.2-6.2_m68k.deb
          Size/MD5 checksum:   811308 675071b60bf7604029d3b9bb7f9d7fa7
        http://security.debian.org/pool/updates/main/n/net-snmp/libsnmp5_5.1.2-6.2_m68k.deb
          Size/MD5 checksum:  1437126 f72bf3101dff7666764144e067c222b4
        http://security.debian.org/pool/updates/main/n/net-snmp/libsnmp5-dev_5.1.2-6.2_m68k.deb
          Size/MD5 checksum:   996514 d65a43ee4d13f7d8b2e60fcd79bc1a46
        http://security.debian.org/pool/updates/main/n/net-snmp/snmp_5.1.2-6.2_m68k.deb
          Size/MD5 checksum:   804982 c401927b09c0ee5c79727bebefcbb026
        http://security.debian.org/pool/updates/main/n/net-snmp/snmpd_5.1.2-6.2_m68k.deb
          Size/MD5 checksum:   730252 1c91b25ab5926d6da868aa9b4bf84fd4
    
      Big endian MIPS architecture:
    
        http://security.debian.org/pool/updates/main/n/net-snmp/libsnmp-perl_5.1.2-6.2_mips.deb
          Size/MD5 checksum:   784884 fa5d5b971d96c5188aed859eba805eb4
        http://security.debian.org/pool/updates/main/n/net-snmp/libsnmp5_5.1.2-6.2_mips.deb
          Size/MD5 checksum:  1413338 1232a5281e48c703c99cabc5ea8777a5
        http://security.debian.org/pool/updates/main/n/net-snmp/libsnmp5-dev_5.1.2-6.2_mips.deb
          Size/MD5 checksum:  1312878 d3dd3cd33fef646b53c1e5f5e93ee788
        http://security.debian.org/pool/updates/main/n/net-snmp/snmp_5.1.2-6.2_mips.deb
          Size/MD5 checksum:   832678 3eda8f1830383293eba823cf984d15d5
        http://security.debian.org/pool/updates/main/n/net-snmp/snmpd_5.1.2-6.2_mips.deb
          Size/MD5 checksum:   731444 3c50ceaea9bd62bce4eb4c5fb2bb0678
    
      Little endian MIPS architecture:
    
        http://security.debian.org/pool/updates/main/n/net-snmp/libsnmp-perl_5.1.2-6.2_mipsel.deb
          Size/MD5 checksum:   784866 a2bab5ddee0ec91f396422f0fd0133ee
        http://security.debian.org/pool/updates/main/n/net-snmp/libsnmp5_5.1.2-6.2_mipsel.deb
          Size/MD5 checksum:  1418510 ba607a78662d2294d82c7425e804f3d1
        http://security.debian.org/pool/updates/main/n/net-snmp/libsnmp5-dev_5.1.2-6.2_mipsel.deb
          Size/MD5 checksum:  1273102 66daf0e381d18f91ddfd738243339b85
        http://security.debian.org/pool/updates/main/n/net-snmp/snmp_5.1.2-6.2_mipsel.deb
          Size/MD5 checksum:   832708 3f4362c2c82fea024e2b14c3722b2351
        http://security.debian.org/pool/updates/main/n/net-snmp/snmpd_5.1.2-6.2_mipsel.deb
          Size/MD5 checksum:   731292 5c06ed6b9b380e2cf88e14f900f0d634
    
      PowerPC architecture:
    
        http://security.debian.org/pool/updates/main/n/net-snmp/libsnmp-perl_5.1.2-6.2_powerpc.deb
          Size/MD5 checksum:   832410 367a1322826f11ef9dcbdc0c2a555a4b
        http://security.debian.org/pool/updates/main/n/net-snmp/libsnmp5_5.1.2-6.2_powerpc.deb
          Size/MD5 checksum:  1484164 0489fb05721749be8a77c3b6be7b6814
        http://security.debian.org/pool/updates/main/n/net-snmp/libsnmp5-dev_5.1.2-6.2_powerpc.deb
          Size/MD5 checksum:  1322578 4c3972bc7d19a25863efd7fc20447363
        http://security.debian.org/pool/updates/main/n/net-snmp/snmp_5.1.2-6.2_powerpc.deb
          Size/MD5 checksum:   824460 80aa5fe58c0d357bfcdea1e6568889d1
        http://security.debian.org/pool/updates/main/n/net-snmp/snmpd_5.1.2-6.2_powerpc.deb
          Size/MD5 checksum:   731674 94282339ba881ba28c2f06a84dab01e9
    
      IBM S/390 architecture:
    
        http://security.debian.org/pool/updates/main/n/net-snmp/libsnmp-perl_5.1.2-6.2_s390.deb
          Size/MD5 checksum:   793848 a76fffb4dcb478b9ab2a6a304dce5667
        http://security.debian.org/pool/updates/main/n/net-snmp/libsnmp5_5.1.2-6.2_s390.deb
          Size/MD5 checksum:  1480932 a81f9fbb32fc486ba92bac8ed84f3abd
        http://security.debian.org/pool/updates/main/n/net-snmp/libsnmp5-dev_5.1.2-6.2_s390.deb
          Size/MD5 checksum:  1077868 fcf7d1957102b26ea3a8fa9c70b305e5
        http://security.debian.org/pool/updates/main/n/net-snmp/snmp_5.1.2-6.2_s390.deb
          Size/MD5 checksum:   814068 cee89d4ce9dce6cb508e608ad8718796
        http://security.debian.org/pool/updates/main/n/net-snmp/snmpd_5.1.2-6.2_s390.deb
          Size/MD5 checksum:   731410 9f59b5a7ce92d38560b5c529fd134473
    
      Sun Sparc architecture:
    
        http://security.debian.org/pool/updates/main/n/net-snmp/libsnmp-perl_5.1.2-6.2_sparc.deb
          Size/MD5 checksum:   813492 8a2bcbc7c3ac29a7de6ab08f1e23a554
        http://security.debian.org/pool/updates/main/n/net-snmp/libsnmp5_5.1.2-6.2_sparc.deb
          Size/MD5 checksum:  1484394 4386034ab461611e28beaefa2acc237c
        http://security.debian.org/pool/updates/main/n/net-snmp/libsnmp5-dev_5.1.2-6.2_sparc.deb
          Size/MD5 checksum:  1198292 460d4253893dfd4e87a015427a95cb08
        http://security.debian.org/pool/updates/main/n/net-snmp/snmp_5.1.2-6.2_sparc.deb
          Size/MD5 checksum:   809826 d1b38721fae2ebc880cef0703d7d4d68
        http://security.debian.org/pool/updates/main/n/net-snmp/snmpd_5.1.2-6.2_sparc.deb
          Size/MD5 checksum:   730608 26961f57a7aa5fed6a04813b7627531f
    
    
      These files will probably be moved into the stable distribution on
      its next update.
    
    - ---------------------------------------------------------------------------------
    For apt-get: deb http://security.debian.org/ stable/updates main
    For dpkg-ftp: ftp://security.debian.org/debian-security dists/stable/updates/main
    Mailing list: This email address is being protected from spambots. You need JavaScript enabled to view it.
    
    You are not authorised to post comments.

    Comments powered by CComment

    LinuxSecurity Poll

    What do you think of the articles on LinuxSecurity?

    No answer selected. Please try again.
    Please select either existing option or enter your own, however not both.
    Please select minimum 0 answer(s) and maximum 3 answer(s).
    /main-polls/24-what-do-you-think-of-the-quality-of-the-articles-on-linuxsecurity?task=poll.vote&format=json
    24
    radio
    [{"id":"87","title":"Excellent, don't change a thing!","votes":"5","type":"x","order":"1","pct":55.56,"resources":[]},{"id":"88","title":"Should be more technical","votes":"3","type":"x","order":"2","pct":33.33,"resources":[]},{"id":"89","title":"Should include more HOWTOs","votes":"1","type":"x","order":"3","pct":11.11,"resources":[]}]["#ff5b00","#4ac0f2","#b80028","#eef66c","#60bb22","#b96a9a","#62c2cc"]["rgba(255,91,0,0.7)","rgba(74,192,242,0.7)","rgba(184,0,40,0.7)","rgba(238,246,108,0.7)","rgba(96,187,34,0.7)","rgba(185,106,154,0.7)","rgba(98,194,204,0.7)"]350
    bottom200

    Advisories

    We use cookies to provide and improve our services. By using our site, you consent to our Cookie Policy.