USN-456-1: net-snmp vulnerability
Posted on: 05/02/2007 06:40 PM

A new net-snmp vulnerability update is available for Ubuntu Linux. Here the announcement:

Ubuntu Security Notice USN-456-1 May 02, 2007
net-snmp vulnerability
CVE-2005-4837
==========================
==========================
=========

A security issue affects the following Ubuntu releases:

Ubuntu 6.06 LTS

This advisory also applies to the corresponding versions of
Kubuntu, Edubuntu, and Xubuntu.

The problem can be corrected by upgrading your system to the
following package versions:

Ubuntu 6.06 LTS:
snmpd 5.2.1.2-4ubuntu2.1

In general, a standard system upgrade is sufficient to effect the
necessary changes.

Details follow:

The SNMP service did not correctly handle TCP disconnects. Remote
subagents could cause a denial of service if they dropped a connection
at a specific time.


Updated packages for Ubuntu 6.06 LTS:

Source archives:

http://security.ubuntu.com/ubuntu/pool/main/n/net-snmp/net-snmp_5.2.1.2=
-4ubuntu2.1.diff.gz
Size/MD5: 71936 2a4cb9c1f800080e5e2374f3f84b8d7a
http://security.ubuntu.com/ubuntu/pool/main/n/net-snmp/net-snmp_5.2.1.2=
-4ubuntu2.1.dsc
Size/MD5: 792 2855b4bf1c6d5fdda432999b3e7c7533
http://security.ubuntu.com/ubuntu/pool/main/n/net-snmp/net-snmp_5.2.1.2=
.orig.tar.gz
Size/MD5: 3869893 34159770a7fe418d99fdd416a75358b1

Architecture independent packages:

http://security.ubuntu.com/ubuntu/pool/main/n/net-snmp/libsnmp-base_5.2=
.1.2-4ubuntu2.1_all.deb
Size/MD5: 1151640 e40129b2a40d0efe2644207776152c98
http://security.ubuntu.com/ubuntu/pool/universe/n/net-snmp/tkmib_5.2.1.=
2-4ubuntu2.1_all.deb
Size/MD5: 822598 b768bdd2b9f4417925b4b3efb3d4edcb

amd64 architecture (Athlon64, Opteron, EM64T Xeon)

http://security.ubuntu.com/ubuntu/pool/main/n/net-snmp/libsnmp-perl_5.2=
.1.2-4ubuntu2.1_amd64.deb
Size/MD5: 896164 855871a700bfa3655ac3a10118cb69e6
http://security.ubuntu.com/ubuntu/pool/main/n/net-snmp/libsnmp9-dev_5.2=
.1.2-4ubuntu2.1_amd64.deb
Size/MD5: 1496678 398e8f61079aff0fba54135322812d36
http://security.ubuntu.com/ubuntu/pool/main/n/net-snmp/libsnmp9_5.2.1.2=
-4ubuntu2.1_amd64.deb
Size/MD5: 1825690 fb3b45a844420bc93c0c1ea7aec1b6c8
http://security.ubuntu.com/ubuntu/pool/main/n/net-snmp/snmp_5.2.1.2-4ub=
untu2.1_amd64.deb
Size/MD5: 888946 2ddf1fd336891d925c05c093620c6755
http://security.ubuntu.com/ubuntu/pool/main/n/net-snmp/snmpd_5.2.1.2-4u=
buntu2.1_amd64.deb
Size/MD5: 796756 90b141201184e1f01ab9ff0e1b4f3612

i386 architecture (x86 compatible Intel/AMD)

http://security.ubuntu.com/ubuntu/pool/main/n/net-snmp/libsnmp-perl_5.2=
.1.2-4ubuntu2.1_i386.deb
Size/MD5: 896372 eac0a7df274971ba80b1dd669c0f0ec8
http://security.ubuntu.com/ubuntu/pool/main/n/net-snmp/libsnmp9-dev_5.2=
.1.2-4ubuntu2.1_i386.deb
Size/MD5: 1267600 b52a5f612636a6d2ba77efe7da2fb864
http://security.ubuntu.com/ubuntu/pool/main/n/net-snmp/libsnmp9_5.2.1.2=
-4ubuntu2.1_i386.deb
Size/MD5: 1709432 cb84264a9581bcbb2093280924d2036f
http://security.ubuntu.com/ubuntu/pool/main/n/net-snmp/snmp_5.2.1.2-4ub=
untu2.1_i386.deb
Size/MD5: 881478 4d9bc662c8ecab47b484c33765b24a55
http://security.ubuntu.com/ubuntu/pool/main/n/net-snmp/snmpd_5.2.1.2-4u=
buntu2.1_i386.deb
Size/MD5: 794300 aeaf12afa90adbe6466e1f14ac3a81e7

powerpc architecture (Apple Macintosh G3/G4/G5)

http://security.ubuntu.com/ubuntu/pool/main/n/net-snmp/libsnmp-perl_5.2=
.1.2-4ubuntu2.1_powerpc.deb
Size/MD5: 912514 2af054816148762b77a561655944b2b8
http://security.ubuntu.com/ubuntu/pool/main/n/net-snmp/libsnmp9-dev_5.2=
.1.2-4ubuntu2.1_powerpc.deb
Size/MD5: 1589090 f00c4b7f21855f7862864bf51b898569
http://security.ubuntu.com/ubuntu/pool/main/n/net-snmp/libsnmp9_5.2.1.2=
-4ubuntu2.1_powerpc.deb
Size/MD5: 1727216 7a982cc48199b22df04cb84f1fc5f217
http://security.ubuntu.com/ubuntu/pool/main/n/net-snmp/snmp_5.2.1.2-4ub=
untu2.1_powerpc.deb
Size/MD5: 898250 75a7b6278614c10ab1967a689f00a6e1
http://security.ubuntu.com/ubuntu/pool/main/n/net-snmp/snmpd_5.2.1.2-4u=
buntu2.1_powerpc.deb
Size/MD5: 795666 449405c93bf2c822694c51c09112cf6c

sparc architecture (Sun SPARC/UltraSPARC)

http://security.ubuntu.com/ubuntu/pool/main/n/net-snmp/libsnmp-perl_5.2=
.1.2-4ubuntu2.1_sparc.deb
Size/MD5: 896380 8d9bced826d6097c92b056fba5651cec
http://security.ubuntu.com/ubuntu/pool/main/n/net-snmp/libsnmp9-dev_5.2=
.1.2-4ubuntu2.1_sparc.deb
Size/MD5: 1485066 fff34136dd9ef3ccb9fa43d58cb8f31c
http://security.ubuntu.com/ubuntu/pool/main/n/net-snmp/libsnmp9_5.2.1.2=
-4ubuntu2.1_sparc.deb
Size/MD5: 1705908 95015429b477368287651682622c12ff
http://security.ubuntu.com/ubuntu/pool/main/n/net-snmp/snmp_5.2.1.2-4ub=
untu2.1_sparc.deb
Size/MD5: 882846 223f74ba12b6374e8c79c9b05b3f7a9e
http://security.ubuntu.com/ubuntu/pool/main/n/net-snmp/snmpd_5.2.1.2-4u=
buntu2.1_sparc.deb
Size/MD5: 796020 af0197bc714b9a1bf0ad240d208ee497


--z9LUXdM02iSxOrxu
Content-Type: application/pgp-signature; name="signature.asc"
Content-Description: Digital signature
Content-Disposition: inline

-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.6 (GNU/Linux)

iD8DBQFGOLAbH/9LqRcGPm0RAhn7AJ4mIA6Fi25eUfC1Pz2Ck0lYqjDeEACfYhLP
57qsPuWy+aQnMhvaYce6KZU=
=kcWt
-----END PGP SIGNATURE-----



Printed from Linux Compatible (http://www.linuxcompatible.org/news/story/usn_456_1_net_snmp_vulnerability.html)