full-disclosure-uk May 2007 archive
Main Archive Page > Month Archives  > full-disclosure-uk archives
full-disclosure-uk: [USN-456-1] net-snmp vulnerability

[USN-456-1] net-snmp vulnerability

From: Kees Cook <kees_at_nospam>
Date: Wed May 02 2007 - 15:36:59 GMT
To: ubuntu-security-announce@lists.ubuntu.com



Ubuntu Security Notice USN-456-1 May 02, 2007 net-snmp vulnerability
CVE-2005-4837

A security issue affects the following Ubuntu releases:

Ubuntu 6.06 LTS

This advisory also applies to the corresponding versions of Kubuntu, Edubuntu, and Xubuntu.

The problem can be corrected by upgrading your system to the following package versions:

Ubuntu 6.06 LTS: snmpd 5.2.1.2-4ubuntu2.1

In general, a standard system upgrade is sufficient to effect the necessary changes.

Details follow:

The SNMP service did not correctly handle TCP disconnects. Remote subagents could cause a denial of service if they dropped a connection at a specific time.

Updated packages for Ubuntu 6.06 LTS:

  Source archives: http://security.ubuntu.com/ubuntu/pool/main/n/net-snmp/net-snmp_5.2.1.2-4ubuntu2.1.diff.gz Size/MD5: 71936 2a4cb9c1f800080e5e2374f3f84b8d7a http://security.ubuntu.com/ubuntu/pool/main/n/net-snmp/net-snmp_5.2.1.2-4ubuntu2.1.dsc Size/MD5: 792 2855b4bf1c6d5fdda432999b3e7c7533 http://security.ubuntu.com/ubuntu/pool/main/n/net-snmp/net-snmp_5.2.1.2.orig.tar.gz Size/MD5: 3869893 34159770a7fe418d99fdd416a75358b1

  Architecture independent packages: http://security.ubuntu.com/ubuntu/pool/main/n/net-snmp/libsnmp-base_5.2.1.2-4ubuntu2.1_all.deb Size/MD5: 1151640 e40129b2a40d0efe2644207776152c98 http://security.ubuntu.com/ubuntu/pool/universe/n/net-snmp/tkmib_5.2.1.2-4ubuntu2.1_all.deb Size/MD5: 822598 b768bdd2b9f4417925b4b3efb3d4edcb

  amd64 architecture (Athlon64, Opteron, EM64T Xeon) http://security.ubuntu.com/ubuntu/pool/main/n/net-snmp/libsnmp-perl_5.2.1.2-4ubuntu2.1_amd64.deb Size/MD5: 896164 855871a700bfa3655ac3a10118cb69e6 http://security.ubuntu.com/ubuntu/pool/main/n/net-snmp/libsnmp9-dev_5.2.1.2-4ubuntu2.1_amd64.deb Size/MD5: 1496678 398e8f61079aff0fba54135322812d36 http://security.ubuntu.com/ubuntu/pool/main/n/net-snmp/libsnmp9_5.2.1.2-4ubuntu2.1_amd64.deb Size/MD5: 1825690 fb3b45a844420bc93c0c1ea7aec1b6c8 http://security.ubuntu.com/ubuntu/pool/main/n/net-snmp/snmp_5.2.1.2-4ubuntu2.1_amd64.deb Size/MD5: 888946 2ddf1fd336891d925c05c093620c6755 http://security.ubuntu.com/ubuntu/pool/main/n/net-snmp/snmpd_5.2.1.2-4ubuntu2.1_amd64.deb Size/MD5: 796756 90b141201184e1f01ab9ff0e1b4f3612

  i386 architecture (x86 compatible Intel/AMD) http://security.ubuntu.com/ubuntu/pool/main/n/net-snmp/libsnmp-perl_5.2.1.2-4ubuntu2.1_i386.deb Size/MD5: 896372 eac0a7df274971ba80b1dd669c0f0ec8 http://security.ubuntu.com/ubuntu/pool/main/n/net-snmp/libsnmp9-dev_5.2.1.2-4ubuntu2.1_i386.deb Size/MD5: 1267600 b52a5f612636a6d2ba77efe7da2fb864 http://security.ubuntu.com/ubuntu/pool/main/n/net-snmp/libsnmp9_5.2.1.2-4ubuntu2.1_i386.deb Size/MD5: 1709432 cb84264a9581bcbb2093280924d2036f http://security.ubuntu.com/ubuntu/pool/main/n/net-snmp/snmp_5.2.1.2-4ubuntu2.1_i386.deb Size/MD5: 881478 4d9bc662c8ecab47b484c33765b24a55 http://security.ubuntu.com/ubuntu/pool/main/n/net-snmp/snmpd_5.2.1.2-4ubuntu2.1_i386.deb Size/MD5: 794300 aeaf12afa90adbe6466e1f14ac3a81e7

  powerpc architecture (Apple Macintosh G3/G4/G5) http://security.ubuntu.com/ubuntu/pool/main/n/net-snmp/libsnmp-perl_5.2.1.2-4ubuntu2.1_powerpc.deb Size/MD5: 912514 2af054816148762b77a561655944b2b8 http://security.ubuntu.com/ubuntu/pool/main/n/net-snmp/libsnmp9-dev_5.2.1.2-4ubuntu2.1_powerpc.deb Size/MD5: 1589090 f00c4b7f21855f7862864bf51b898569 http://security.ubuntu.com/ubuntu/pool/main/n/net-snmp/libsnmp9_5.2.1.2-4ubuntu2.1_powerpc.deb Size/MD5: 1727216 7a982cc48199b22df04cb84f1fc5f217 http://security.ubuntu.com/ubuntu/pool/main/n/net-snmp/snmp_5.2.1.2-4ubuntu2.1_powerpc.deb Size/MD5: 898250 75a7b6278614c10ab1967a689f00a6e1 http://security.ubuntu.com/ubuntu/pool/main/n/net-snmp/snmpd_5.2.1.2-4ubuntu2.1_powerpc.deb Size/MD5: 795666 449405c93bf2c822694c51c09112cf6c

  sparc architecture (Sun SPARC/UltraSPARC) http://security.ubuntu.com/ubuntu/pool/main/n/net-snmp/libsnmp-perl_5.2.1.2-4ubuntu2.1_sparc.deb Size/MD5: 896380 8d9bced826d6097c92b056fba5651cec http://security.ubuntu.com/ubuntu/pool/main/n/net-snmp/libsnmp9-dev_5.2.1.2-4ubuntu2.1_sparc.deb Size/MD5: 1485066 fff34136dd9ef3ccb9fa43d58cb8f31c http://security.ubuntu.com/ubuntu/pool/main/n/net-snmp/libsnmp9_5.2.1.2-4ubuntu2.1_sparc.deb Size/MD5: 1705908 95015429b477368287651682622c12ff http://security.ubuntu.com/ubuntu/pool/main/n/net-snmp/snmp_5.2.1.2-4ubuntu2.1_sparc.deb Size/MD5: 882846 223f74ba12b6374e8c79c9b05b3f7a9e http://security.ubuntu.com/ubuntu/pool/main/n/net-snmp/snmpd_5.2.1.2-4ubuntu2.1_sparc.deb Size/MD5: 796020 af0197bc714b9a1bf0ad240d208ee497

-- ubuntu-security-announce mailing list ubuntu-security-announce@lists.ubuntu.com Modify settings or unsubscribe at: https://lists.ubuntu.com/mailman/listinfo/ubuntu-security-announce