Debian: New net-snmp packages fix several vulnerabilities
Summary
- ------------------------------------------------------------------------Debian Security Advisory DSA-1663-1 security@debian.org http://www.debian.org/security/ Thijs Kinkhorst November 09, 2008 http://www.debian.org/security/faq - ------------------------------------------------------------------------Package : net-snmp Vulnerability : several Problem type : local (remote) Debian-specific: no CVE Id(s) : CVE-2008-0960 CVE-2008-2292 CVE-2008-4309 Debian Bugs : 485945 482333 504150 Several vulnerabilities have been discovered in NET SNMP, a suite of Simple Network Management Protocol applications. The Common Vulnerabilities and Exposures project identifies the following problems: CVE-2008-0960 Wes Hardaker reported that the SNMPv3 HMAC verification relies on the client to specify the HMAC length, which allows spoofing of authenticated SNMPv3 packets. CVE-2008-2292 John Kortink reported a buffer overflow in the __snprint_value function in snmp_get causing a denial of service and potentially allowing the execution of arbitrary code via a large OCTETSTRING in an attribute value pair (AVP). CVE-2008-4309 It was reported that an integer overflow in the netsnmp_create_subtree_cache function in agent/snmp_agent.c allows remote attackers to cause a denial of service attack via a crafted SNMP GETBULK request. For the stable distribution (etch), these problems has been fixed in version 5.2.3-7etch4. For the testing distribution (lenny) and unstable distribution (sid) these problems have been fixed in version 5.4.1~dfsg-11. We recommend that you upgrade your net-snmp package. Upgrade instructions - --------------------wget url will fetch the file for you dpkg -i file.deb will install the referenced file. If you are using the apt-get package manager, use the line for sources.list as given below: apt-get update will update the internal database apt-get upgrade will install corrected packages You may use an automated update by adding the resources from the footer to the proper configuration. Debian GNU/Linux 4.0 alias etch - -------------------------------Source archives: Size/MD5 checksum: 94030 2ccd6191c3212980956c30de392825ec Size/MD5 checksum: 1046 8018cc23033178515298d5583a74f9ff Size/MD5 checksum: 4006389 ba4bc583413f90618228d0f196da8181 Architecture independent packages: Size/MD5 checksum: 1214368 d579d8f28f3d704b6c09b2b480425086 Size/MD5 checksum: 855594 b5ccd827adbcefcca3557fa9ae28cc08 alpha architecture (DEC Alpha) Size/MD5 checksum: 2169470 265835564ef2b0e2e86a08000461c53b Size/MD5 checksum: 944098 5b903886ee4740842715797e3231602c Size/MD5 checksum: 1901802 5486eb1f2a5b076e5342b1dd9cbb12e2 Size/MD5 checksum: 933202 e3210ba1641079e0c3aaf4a50e89aedd Size/MD5 checksum: 835584 b14db8c5e5b5e2d34799952975f903fb amd64 architecture (AMD x86_64 (AMD64)) Size/MD5 checksum: 932008 fc79672bf64eaabd41ed1c2f4a42c7da Size/MD5 checksum: 1890766 ae3832515a97a79b31e0e7f0316356ee Size/MD5 checksum: 835088 62867e9ba9dfca3c7e8ae575d5a478f5 Size/MD5 checksum: 918844 d2d1bc5f555bc9dba153e2a9a964ffbf Size/MD5 checksum: 1557924 5c2a33a015dd44708a9cc7602ca2525c arm architecture (ARM) Size/MD5 checksum: 909974 4c1cef835efc0b7ff3fea54a618eabee Size/MD5 checksum: 835284 3ac835d926481c9e0f589b578455ddee Size/MD5 checksum: 928252 b98e98b58c61be02e477185293427d5c Size/MD5 checksum: 1778292 b903adf3d1fa6e7a26f7cafb7bffdd6b Size/MD5 checksum: 1344158 78b6cf6b2974983e8e3670468da73cd1 hppa architecture (HP PA RISC) Size/MD5 checksum: 835940 9eeaf116e386dd7733ab2106c662dfa9 Size/MD5 checksum: 1809132 78bb5f1c12b004d32fa265e6bd99ffa1 Size/MD5 checksum: 1926116 71c7f3095ffe1bb22e84ade21f32b3a4 Size/MD5 checksum: 935434 85deac8531b02a0fdf3c9baa21d8e4bd Size/MD5 checksum: 935640 958cb158264f75772864cd5d5c0bf251 i386 architecture (Intel ia32) Size/MD5 checksum: 1423294 f05c7491a8100684c5085588738f05b5 Size/MD5 checksum: 833970 cb705c9fe9418cc9348ac935ea7b0ba2 Size/MD5 checksum: 920070 3df41a0c99c41d1bccf6801011cf8ed5 Size/MD5 checksum: 925914 159b4244ef701edbe0fb8c9685b5b477 Size/MD5 checksum: 1838900 3b7ac7b8fe0da1a3909ee56aba46d464 ia64 architecture (Intel ia64) Size/MD5 checksum: 2205680 6868a56b1db04627e6921bf7237939a2 Size/MD5 checksum: 970440 783f0cccabfbcc63590730b3803d164d Size/MD5 checksum: 2281114 fd04b505755a3aed0fe4c9baaac84500 Size/MD5 checksum: 842690 9f9ca89c3d3ba7c46481e9cd39c242a6 Size/MD5 checksum: 962854 c8a32f808d719357a5b6350e2b60794e mips architecture (MIPS (Big Endian)) Size/MD5 checksum: 895414 5dd919d188291cb3727d39b5e06c9e26 Size/MD5 checksum: 927342 28c245db4d8ea82ba4075b27d674d72a Size/MD5 checksum: 833182 0e0b21e13d77de82bed7a38d30f65e4b Size/MD5 checksum: 1769524 24bdc73a3d20c4046c7741957442c713 Size/MD5 checksum: 1717562 977ae5c34a127d32d8f2bf222de9a431 mipsel architecture (MIPS (Little Endian)) Size/MD5 checksum: 1755032 cab5c112911465a9ce23a0d2ea44ded9 Size/MD5 checksum: 926616 2bf14a3fe74d9f2a523aacc8b04f5282 Size/MD5 checksum: 895194 b7c9ed37bf83ad92371f5472ac5d917b Size/MD5 checksum: 833098 08b63ba6c3becf25ba2f941a532a7b71 Size/MD5 checksum: 1720642 1ff7568eb478edee923edb76cf42e9ac powerpc architecture (PowerPC) Size/MD5 checksum: 941434 bbac9384bd7f88339e2b86fa665208c1 Size/MD5 checksum: 835212 4790d79f8de7f1bee7aabf0473f25268 Size/MD5 checksum: 1657890 b91fcf52e80c7196cea0c13df9ac79ef Size/MD5 checksum: 1803262 4d298c9509941390c7b2eb68320ad211 Size/MD5 checksum: 928170 b17966a6a61313344ac827b58f32eeef s390 architecture (IBM S/390) Size/MD5 checksum: 1409718 2a128cbdce2522ef49604255cff41af2 Size/MD5 checksum: 931452 d3bb7c3a849cd2b35fa6e4acb19c318d Size/MD5 checksum: 1834914 67e5b946df18b06b41b3e108d5ddc4e3 Size/MD5 checksum: 836102 7a4b85e8ea0e50d7213997b5f7d6309f Size/MD5 checksum: 903864 3f80e78e4e2672aacf3da0690ff24b79 sparc architecture (Sun SPARC/UltraSPARC) Size/MD5 checksum: 925336 5824ea607689f3f1bd62a9e6e28f95ae Size/MD5 checksum: 1548630 1378d1cf730d3026bc1f01a4ab2ccedb Size/MD5 checksum: 918592 28a086f6aa2ee8d510b38c1a177843fc Size/MD5 checksum: 834186 068cbf2b4774ecf9504b820db26e6f1d Size/MD5 checksum: 1782014 d39fae5fe0d1397a2a1bd7397d6e850a These files will probably be moved into the stable distribution on its next update. - ---------------------------------------------------------------------------------For apt-get: deb http://security.debian.org/ stable/updates main For dpkg-ftp: dists/stable/updates/main Mailing list: debian-security-announce@lists.debian.org
Sign up to get the latest security news affecting Linux and
open source delivered straight to your inbox
Powered By
Linux Security - Your source for Top Linux News, Advisories, HowTo's and Feature Release.