Linux Security
    Linux Security
    Linux Security

    Debian: New net-snmp packages fix several vulnerabilities

    Date 08 Nov 2008
    Posted By LinuxSecurity Advisories
    Several vulnerabilities have been discovered in NET SNMP, a suite of Simple Network Management Protocol applications. Wes Hardaker reported that the SNMPv3 HMAC verification relies on the client to specify the HMAC length, which allows spoofing of authenticated SNMPv3 packets.
    - ------------------------------------------------------------------------
    Debian Security Advisory DSA-1663-1                  This email address is being protected from spambots. You need JavaScript enabled to view it.                          Thijs Kinkhorst
    November 09, 2008           
    - ------------------------------------------------------------------------
    Package        : net-snmp
    Vulnerability  : several
    Problem type   : local (remote)
    Debian-specific: no
    CVE Id(s)      : CVE-2008-0960 CVE-2008-2292 CVE-2008-4309
    Debian Bugs    : 485945 482333 504150
    Several vulnerabilities have been discovered in NET SNMP, a suite of
    Simple Network Management Protocol applications. The Common
    Vulnerabilities and Exposures project identifies the following problems:
        Wes Hardaker reported that the SNMPv3 HMAC verification relies on
        the client to specify the HMAC length, which allows spoofing of
        authenticated SNMPv3 packets.
        John Kortink reported a buffer overflow in the __snprint_value
        function in snmp_get causing a denial of service and potentially
        allowing the execution of arbitrary code via a large OCTETSTRING 
        in an attribute value pair (AVP).
        It was reported that an integer overflow in the
        netsnmp_create_subtree_cache function in agent/snmp_agent.c allows   
        remote attackers to cause a denial of service attack via a crafted  
        SNMP GETBULK request.
    For the stable distribution (etch), these problems has been fixed in
    version 5.2.3-7etch4.
    For the testing distribution (lenny) and unstable distribution (sid)
    these problems have been fixed in version 5.4.1~dfsg-11.
    We recommend that you upgrade your net-snmp package.
    Upgrade instructions
    - --------------------
    wget url
            will fetch the file for you
    dpkg -i file.deb
            will install the referenced file.
    If you are using the apt-get package manager, use the line for
    sources.list as given below:
    apt-get update
            will update the internal database
    apt-get upgrade
            will install corrected packages
    You may use an automated update by adding the resources from the
    footer to the proper configuration.
    Debian GNU/Linux 4.0 alias etch
    - -------------------------------
    Source archives:
        Size/MD5 checksum:    94030 2ccd6191c3212980956c30de392825ec
        Size/MD5 checksum:     1046 8018cc23033178515298d5583a74f9ff
        Size/MD5 checksum:  4006389 ba4bc583413f90618228d0f196da8181
    Architecture independent packages:
        Size/MD5 checksum:  1214368 d579d8f28f3d704b6c09b2b480425086
        Size/MD5 checksum:   855594 b5ccd827adbcefcca3557fa9ae28cc08
    alpha architecture (DEC Alpha)
        Size/MD5 checksum:  2169470 265835564ef2b0e2e86a08000461c53b
        Size/MD5 checksum:   944098 5b903886ee4740842715797e3231602c
        Size/MD5 checksum:  1901802 5486eb1f2a5b076e5342b1dd9cbb12e2
        Size/MD5 checksum:   933202 e3210ba1641079e0c3aaf4a50e89aedd
        Size/MD5 checksum:   835584 b14db8c5e5b5e2d34799952975f903fb
    amd64 architecture (AMD x86_64 (AMD64))
        Size/MD5 checksum:   932008 fc79672bf64eaabd41ed1c2f4a42c7da
        Size/MD5 checksum:  1890766 ae3832515a97a79b31e0e7f0316356ee
        Size/MD5 checksum:   835088 62867e9ba9dfca3c7e8ae575d5a478f5
        Size/MD5 checksum:   918844 d2d1bc5f555bc9dba153e2a9a964ffbf
        Size/MD5 checksum:  1557924 5c2a33a015dd44708a9cc7602ca2525c
    arm architecture (ARM)
        Size/MD5 checksum:   909974 4c1cef835efc0b7ff3fea54a618eabee
        Size/MD5 checksum:   835284 3ac835d926481c9e0f589b578455ddee
        Size/MD5 checksum:   928252 b98e98b58c61be02e477185293427d5c
        Size/MD5 checksum:  1778292 b903adf3d1fa6e7a26f7cafb7bffdd6b
        Size/MD5 checksum:  1344158 78b6cf6b2974983e8e3670468da73cd1
    hppa architecture (HP PA RISC)
        Size/MD5 checksum:   835940 9eeaf116e386dd7733ab2106c662dfa9
        Size/MD5 checksum:  1809132 78bb5f1c12b004d32fa265e6bd99ffa1
        Size/MD5 checksum:  1926116 71c7f3095ffe1bb22e84ade21f32b3a4
        Size/MD5 checksum:   935434 85deac8531b02a0fdf3c9baa21d8e4bd
        Size/MD5 checksum:   935640 958cb158264f75772864cd5d5c0bf251
    i386 architecture (Intel ia32)
        Size/MD5 checksum:  1423294 f05c7491a8100684c5085588738f05b5
        Size/MD5 checksum:   833970 cb705c9fe9418cc9348ac935ea7b0ba2
        Size/MD5 checksum:   920070 3df41a0c99c41d1bccf6801011cf8ed5
        Size/MD5 checksum:   925914 159b4244ef701edbe0fb8c9685b5b477
        Size/MD5 checksum:  1838900 3b7ac7b8fe0da1a3909ee56aba46d464
    ia64 architecture (Intel ia64)
        Size/MD5 checksum:  2205680 6868a56b1db04627e6921bf7237939a2
        Size/MD5 checksum:   970440 783f0cccabfbcc63590730b3803d164d
        Size/MD5 checksum:  2281114 fd04b505755a3aed0fe4c9baaac84500
        Size/MD5 checksum:   842690 9f9ca89c3d3ba7c46481e9cd39c242a6
        Size/MD5 checksum:   962854 c8a32f808d719357a5b6350e2b60794e
    mips architecture (MIPS (Big Endian))
        Size/MD5 checksum:   895414 5dd919d188291cb3727d39b5e06c9e26
        Size/MD5 checksum:   927342 28c245db4d8ea82ba4075b27d674d72a
        Size/MD5 checksum:   833182 0e0b21e13d77de82bed7a38d30f65e4b
        Size/MD5 checksum:  1769524 24bdc73a3d20c4046c7741957442c713
        Size/MD5 checksum:  1717562 977ae5c34a127d32d8f2bf222de9a431
    mipsel architecture (MIPS (Little Endian))
        Size/MD5 checksum:  1755032 cab5c112911465a9ce23a0d2ea44ded9
        Size/MD5 checksum:   926616 2bf14a3fe74d9f2a523aacc8b04f5282
        Size/MD5 checksum:   895194 b7c9ed37bf83ad92371f5472ac5d917b
        Size/MD5 checksum:   833098 08b63ba6c3becf25ba2f941a532a7b71
        Size/MD5 checksum:  1720642 1ff7568eb478edee923edb76cf42e9ac
    powerpc architecture (PowerPC)
        Size/MD5 checksum:   941434 bbac9384bd7f88339e2b86fa665208c1
        Size/MD5 checksum:   835212 4790d79f8de7f1bee7aabf0473f25268
        Size/MD5 checksum:  1657890 b91fcf52e80c7196cea0c13df9ac79ef
        Size/MD5 checksum:  1803262 4d298c9509941390c7b2eb68320ad211
        Size/MD5 checksum:   928170 b17966a6a61313344ac827b58f32eeef
    s390 architecture (IBM S/390)
        Size/MD5 checksum:  1409718 2a128cbdce2522ef49604255cff41af2
        Size/MD5 checksum:   931452 d3bb7c3a849cd2b35fa6e4acb19c318d
        Size/MD5 checksum:  1834914 67e5b946df18b06b41b3e108d5ddc4e3
        Size/MD5 checksum:   836102 7a4b85e8ea0e50d7213997b5f7d6309f
        Size/MD5 checksum:   903864 3f80e78e4e2672aacf3da0690ff24b79
    sparc architecture (Sun SPARC/UltraSPARC)
        Size/MD5 checksum:   925336 5824ea607689f3f1bd62a9e6e28f95ae
        Size/MD5 checksum:  1548630 1378d1cf730d3026bc1f01a4ab2ccedb
        Size/MD5 checksum:   918592 28a086f6aa2ee8d510b38c1a177843fc
        Size/MD5 checksum:   834186 068cbf2b4774ecf9504b820db26e6f1d
        Size/MD5 checksum:  1782014 d39fae5fe0d1397a2a1bd7397d6e850a
      These files will probably be moved into the stable distribution on
      its next update.
    - ---------------------------------------------------------------------------------
    For apt-get: deb stable/updates main
    For dpkg-ftp: dists/stable/updates/main
    Mailing list: This email address is being protected from spambots. You need JavaScript enabled to view it.

    LinuxSecurity Poll

    'Tis the season of giving! How have you given back to the open-source community?

    No answer selected. Please try again.
    Please select either existing option or enter your own, however not both.
    Please select minimum 0 answer(s) and maximum 3 answer(s).
    [{"id":"171","title":"I've contributed to the development of an open-source project.","votes":"8","type":"x","order":"1","pct":27.59,"resources":[]},{"id":"172","title":"I've reviewed open-source code for security bugs.","votes":"6","type":"x","order":"2","pct":20.69,"resources":[]},{"id":"173","title":"I've made a donation to an open-source project.","votes":"15","type":"x","order":"3","pct":51.72,"resources":[]}] ["#ff5b00","#4ac0f2","#b80028","#eef66c","#60bb22","#b96a9a","#62c2cc"] ["rgba(255,91,0,0.7)","rgba(74,192,242,0.7)","rgba(184,0,40,0.7)","rgba(238,246,108,0.7)","rgba(96,187,34,0.7)","rgba(185,106,154,0.7)","rgba(98,194,204,0.7)"] 350

    Please vote first in order to view vote results.


    bottom 200

    Please enable / Bitte aktiviere JavaScript!
    Veuillez activer / Por favor activa el Javascript![ ? ]

    We use cookies to provide and improve our services. By using our site, you consent to our Cookie Policy.