Alerts This Week
Warning Icon 1 916
Alerts This Week
Warning Icon 1 916

Gentoo: GLSA-202008-12 Normal: Net-SNMP Multiple Privilege Escalations

gentoo
Calendar Grey August 26, 2020
Dist Gentoo Esm H88
Significant security flaws identified in Net-SNMP may allow unauthorized privilege gain. Update immediately to bolster system protection.
Multiple vulnerabilities have been found in Net-SNMP, the worst of which could result in privilege escalation.

Summary

Multiple vulnerabilities have been discovered in Net-SNMP. Please review the CVE identifiers referenced below for details.

Topics%20covered

Topics Covered

security advisory Gentoo privilege escalation Net-SNMP normal severity

Resolution

All Net-SNMP users should upgrade to the latest version: # emerge --sync # emerge --ask --oneshot -v ">=net-analyzer/net-snmp-5.8.1_pre1"

References

[ 1 ] CVE-2019-20892 https://nvd.nist.gov/vuln/detail/CVE-2019-20892 [ 2 ] CVE-2020-15861 https://nvd.nist.gov/vuln/detail/CVE-2020-15861 [ 3 ] CVE-2020-15862 https://nvd.nist.gov/vuln/detail/CVE-2020-15862

Availability

This GLSA and any updates to it are available for viewing at the Gentoo Security Website: https://security.gentoo.org/glsa/202008-12
style>.gentoo_availability{display:block;}

Concerns

Security is a primary focus of Gentoo Linux and ensuring the confidentiality and security of our users' machines is of utmost importance to us. Any security concerns should be addressed to security@gentoo.org or alternatively, you may file a bug at https://bugs.gentoo.org.

Severity: Normal
Title: Net-SNMP: Multiple vulnerabilities
Date: August 26, 2020
Bugs: #729610, #734994
ID: 202008-12

Topics%20covered

Topics Covered

security advisory Gentoo privilege escalation Net-SNMP normal severity

Synopsis

Multiple vulnerabilities have been found in Net-SNMP, the worst of which could result in privilege escalation.

Background

Net-SNMP bundles software for generating and retrieving SNMP data.

Get the latest News and Insights

Get the latest Linux and open source security news straight to your inbox.

Affected Packages

------------------------------------------------------------------- Package / Vulnerable / Unaffected ------------------------------------------------------------------- 1 net-analyzer/net-snmp < 5.8.1_pre1 >= 5.8.1_pre1

Impact

===== Please review the referenced CVE identifiers for details.

Workaround

There is no known workaround at this time.

Your message here