Debian 9 Stretch: DLA-2299-1 Moderate: Net-SNMP Escalation Issue
debian lts
July 30, 2020
A privilege escalation vulnerability vulnerability was discovered in Net-SNMP, a set of tools for collecting and organising information about devices on computer networks
Summary
* It is still possible to enable this MIB via the
--with-mib-modules configure option.
* Another MIB that provides similar functionality, namely
ucd-snmp/extensible, is disabled by default.
* The security risk of ucd-snmp/pass and ucd-snmp/pass_persist is
lower since these modules only introduce a security risk if the
invoked scripts are exploitable.
For Debian 9 "Stretch", this issue has been fixed in net-snmp version
5.7.3+dfsg-1.7+deb9u2.
We recommend that you upgrade your net-snmp packages.
Further information about Debian LTS security advisories, how to apply
these updates to your system and frequently asked questions can be
found at: https://wiki.debian.org/LTS
PREVIOUS 
NEXT Package: net-snmp
Version: 5.7.3+dfsg-1.7+deb9u2
Debian Bug: #965166
Get the latest News and Insights
Get the latest Linux and open source security news straight to your inbox.
Powered By
Linux Security - Your source for Top Linux News, Advisories, HOWTOs and Feature Releases
QUICK LINKS
subscribe to newsletters!
Like staying secure? So do we.
Sign up for updates, tips, and alerts!