Re: [linux-security] Alert: multiple vulnerabilities in SNMP packages (Debian, Mandrake)
On Tue, Feb 12, 2002 at 05:03:52PM -0800, Martin Siegert wrote:
> Topic
> =====
> bugs in ucd-snmp package allow DoS attack and possibly remote root exploit
>
> Problem Description
> ===================
> Multiple vulnerabilities exist in many implementations of the Simple Network
> Management Protocol (SNMP). The Oulu University Secure Programming Group
> (OUSPG) has reported numerous vulnerabilities in SNMPv1 implementations.
>
> Vulnerabilities in the decoding and subsequent processing of SNMP
> messages by both managers and agents may result in denial-of-service
> conditions, format string vulnerabilities, and buffer overflows. Some
> vulnerabilities do not require the SNMP message to use the correct
> SNMP community string.
>
> Immediate action is strongly advised.
>
> Affected Systems
> ================
> Basically all Unix systems that use SNMP; see the CERT advisory
> http://www.cert.org/advisories/CA-2002-03.html
>
> Linux systems with ucd-snmp versions < 4.2.3 installed.
>
> Workaround (recommended!)
> =========================
> uninstall ucd-snmp: rpm -e ucd-snmp
> (you probably do not need it)
>
> Solution
> ========
> if you cannot use the workaround above:

Debian 2.2 (potato)
-------------------
upgrade to libsnmp4.1_4.1.1-2.1_i386.deb,
           libsnmp4.1-dev_4.1.1-2.1_i386.deb,
           snmp_4.1.1-2.1_i386.deb,
           snmpd_4.1.1-2.1_i386.deb

Mandrake 7.1
------------
rpm -Fvh ucd-snmp-4.2.3-1.3mdk.i586.rpm \
         ucd-snmp-devel-4.2.3-1.3mdk.i586.rpm \
         ucd-snmp-utils-4.2.3-1.3mdk.i586.rpm

Mandrake 7.2, 8.0
-----------------
rpm -Fvh ucd-snmp-4.2.3-1.2mdk.i586.rpm \
         ucd-snmp-devel-4.2.3-1.2mdk.i586.rpm \
         ucd-snmp-utils-4.2.3-1.2mdk.i586.rpm

Mandrake 8.1
------------
rpm -Fvh ucd-snmp-4.2.3-1.1mdk.i586.rpm \
         ucd-snmp-devel-4.2.3-1.1mdk.i586.rpm \
         ucd-snmp-utils-4.2.3-1.1mdk.i586.rpm
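
Added example, not part of the original message: a shell check that compares an installed version-release string against the fixed build listed above for each release. It compares per release rather than against the generic "< 4.2.3" rule, because the Debian fix is shipped as 4.1.1-2.1. The release keys, function names and sample inputs are hypothetical, and `sort -V` (GNU coreutils) is used as an approximation of the package managers' own version ordering.

```shell
#!/bin/sh
# Added example. Fixed builds are copied from the message above;
# release keys, function names and sample inputs are assumptions.

# fixed_build RELEASE: print the fixed version-release for that release.
fixed_build() {
    case "$1" in
        debian-2.2)                echo "4.1.1-2.1" ;;
        mandrake-7.1)              echo "4.2.3-1.3mdk" ;;
        mandrake-7.2|mandrake-8.0) echo "4.2.3-1.2mdk" ;;
        mandrake-8.1)              echo "4.2.3-1.1mdk" ;;
        *) return 1 ;;
    esac
}

# version_ge A B: succeed when A sorts at or after B.
# sort -V approximates rpm/dpkg ordering; it is not their exact algorithm.
version_ge() {
    [ "$1" = "$2" ] && return 0
    lowest=$(printf '%s\n%s\n' "$1" "$2" | sort -V | head -n 1)
    [ "$lowest" = "$2" ]
}

# snmp_status RELEASE INSTALLED: print fixed, vulnerable or unknown-release.
# INSTALLED is what the package manager reports, for example
#   rpm -q --qf '%{VERSION}-%{RELEASE}\n' ucd-snmp
# or the Version field of: dpkg -s snmpd
snmp_status() {
    want=$(fixed_build "$1") || { echo "unknown-release"; return 0; }
    if version_ge "$2" "$want"; then
        echo "fixed"
    else
        echo "vulnerable"
    fi
}

# Constructed sample inputs (not taken from a real host).
for pair in "debian-2.2 4.1.1-2" "debian-2.2 4.1.1-2.1" \
            "mandrake-7.1 4.2.3-1.2mdk" "mandrake-8.0 4.2.1-1mdk"; do
    set -- $pair
    printf '%-13s %-13s %s\n' "$1" "$2" "$(snmp_status "$1" "$2")"
done
```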