[linux-security] Alert: multiple vulnerabilities in SNMP packages
- To: linux-security
- Subject: [linux-security] Alert: multiple vulnerabilities in SNMP packages
- From: Martin Siegert <siegert@sfu.ca>
- Date: Tue, 12 Feb 2002 17:03:52 -0800
- User-Agent: Mutt/1.2.5.1i
Topic
=====
bugs in ucd-snmp package allow DoS attack and possibly remote root exploit
Problem Description
===================
Multiple vulnerabilities exist in many implementations of the Simple Network
Management Protocol (SNMP). The Oulu University Secure Programming Group
(OUSPG) has reported numerous vulnerabilities in SNMPv1 implementations.

Vulnerabilities in the decoding and subsequent processing of SNMP
messages by both managers and agents may result in denial-of-service
conditions, format string vulnerabilities, and buffer overflows. Some
vulnerabilities do not require the SNMP message to use the correct
SNMP community string.

Immediate action is strongly advised.
Affected Systems
================
Basically all Unix systems that use SNMP; see the CERT advisory
http://www.cert.org/advisories/CA-2002-03.html
Linux systems with ucd-snmp versions < 4.2.3 installed.
Workaround (recommended!)
=========================
uninstall ucd-snmp: rpm -e ucd-snmp
(you probably do not need it)
Solution
========
if you cannot use the workaround above:
RedHat 6.x
----------
rpm -Fvh ucd-snmp-4.2.3-1.6.x.3.i386.rpm \
ucd-snmp-devel-4.2.3-1.6.x.3.i386.rpm \
ucd-snmp-utils-4.2.3-1.6.x.3.i386.rpm
RedHat 7.0
----------
rpm -Fvh ucd-snmp-4.2.3-1.7.0.3.i386.rpm \
ucd-snmp-devel-4.2.3-1.7.0.3.i386.rpm \
ucd-snmp-utils-4.2.3-1.7.0.3.i386.rpm
RedHat 7.1
----------
rpm -Fvh ucd-snmp-4.2.3-1.7.1.3.i386.rpm \
ucd-snmp-devel-4.2.3-1.7.1.3.i386.rpm \
ucd-snmp-utils-4.2.3-1.7.1.3.i386.rpm
RedHat 7.2
----------
rpm -Fvh ucd-snmp-4.2.3-1.7.2.3.i386.rpm \
ucd-snmp-devel-4.2.3-1.7.2.3.i386.rpm \
ucd-snmp-utils-4.2.3-1.7.2.3.i386.rpm
Caldera Open UNIX 8.0.0
-----------------------
Location of Fixed Binaries:
ftp://stage.caldera.com/pub/security/openunix/CSSA-2002-SCO.4/
Download erg711937.Z to the /tmp directory
# uncompress /tmp/erg711937.Z
# pkgadd -d /tmp/erg711937
Caldera UnixWare 7.1.1
----------------------
Location of Fixed Binaries:
ftp://stage.caldera.com/pub/security/openunix/CSSA-2002-SCO.4
Download erg711937b.Z to the /tmp directory
# uncompress /tmp/erg711937b.Z
# pkgadd -d /tmp/erg711937b
Caldera UnixWare 7.1.0
----------------------
Location of Fixed Binaries:
ftp://stage.caldera.com/pub/security/openunix/CSSA-2002-SCO.4
Download erg711937c.Z to the /tmp directory
# uncompress /tmp/erg711937c.Z
# pkgadd -d /tmp/erg711937c
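
Added example (not part of the original advisory): a shell check for the "ucd-snmp versions < 4.2.3" condition listed under Affected Systems. The function names and the sample version strings are constructed for illustration; only the package name and the 4.2.3 threshold come from the advisory.

```shell
#!/bin/sh
# First fixed ucd-snmp release according to the advisory.
FIXED_VERSION="4.2.3"

# version_lt A B: succeed (0) if dotted version A is older than B.
# Missing components count as 0; non-digit suffixes in a component are ignored.
version_lt() {
    a=$1 b=$2
    while [ -n "$a" ] || [ -n "$b" ]; do
        x=${a%%.*}; y=${b%%.*}
        # Drop the component just read from each string.
        case $a in *.*) a=${a#*.} ;; *) a= ;; esac
        case $b in *.*) b=${b#*.} ;; *) b= ;; esac
        # Keep only the leading digits, defaulting to 0.
        x=${x%%[!0-9]*}; y=${y%%[!0-9]*}
        x=${x:-0}; y=${y:-0}
        [ "$x" -lt "$y" ] && return 0
        [ "$x" -gt "$y" ] && return 1
    done
    return 1   # equal versions are not "older"
}

# classify VERSION: print "vulnerable" or "fixed" relative to FIXED_VERSION.
classify() {
    if version_lt "$1" "$FIXED_VERSION"; then echo vulnerable; else echo fixed; fi
}

# check_host: look up the installed ucd-snmp version in the local RPM database.
check_host() {
    command -v rpm >/dev/null 2>&1 || { echo "rpm not available"; return 2; }
    v=$(rpm -q --qf '%{VERSION}' ucd-snmp 2>/dev/null) ||
        { echo "ucd-snmp not installed"; return 0; }
    echo "ucd-snmp $v: $(classify "$v")"
}

# Constructed sample versions, so the script shows output on any machine.
for sample in 4.1.2 4.2.1 4.2.3; do
    echo "$sample: $(classify "$sample")"
done
```

Run check_host on an RPM-based host to classify the installed package. The check compares only the upstream version field, not the vendor release tag.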