| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Message-ID: <20050929165807.GB7658@piware.de>
Date: Thu, 29 Sep 2005 18:58:07 +0200
From: Martin Pitt <martin.pitt@...onical.com>
To: ubuntu-security-announce@...ts.ubuntu.com
Cc: full-disclosure@...ts.grok.org.uk, bugtraq@...urityfocus.com
Subject: [USN-190-1] SNMP vulnerability
===========================================================
Ubuntu Security Notice USN-190-1 September 29, 2005
net-snmp vulnerability
CAN-2005-2177
===========================================================
A security issue affects the following Ubuntu releases:
Ubuntu 4.10 (Warty Warthog)
Ubuntu 5.04 (Hoary Hedgehog)
The following packages are affected:
libsnmp5
snmpd
The problem can be corrected by upgrading the affected package to
version 5.1.1-2ubuntu3.1 (for Ubuntu 4.10), or 5.1.2-6ubuntu2.1 (for
Ubuntu 5.04). In general, a standard system upgrade is sufficient to
effect the necessary changes.
Details follow:
A remote Denial of Service has been discovered in the SMNP (Simple
Network Management Protocol) library. If a SNMP agent uses TCP sockets
for communication, a malicious SNMP server could exploit this to crash
the agent. Please note that by default SNMP uses UDP sockets.
Updated packages for Ubuntu 4.10 (Warty Warthog):
Source archives:
http://security.ubuntu.com/ubuntu/pool/main/n/net-snmp/net-snmp_5.1.1-2ubuntu3.1.diff.gz
Size/MD5: 64878 d6c0be6b1f4910491e5ab25445bb4700
http://security.ubuntu.com/ubuntu/pool/main/n/net-snmp/net-snmp_5.1.1-2ubuntu3.1.dsc
Size/MD5: 764 0b56d8f481a40a648d71a46a28a30242
http://security.ubuntu.com/ubuntu/pool/main/n/net-snmp/net-snmp_5.1.1.orig.tar.gz
Size/MD5: 2977122 68f6c946387718e4f300cbb8b6c4bd43
Architecture independent packages:
http://security.ubuntu.com/ubuntu/pool/main/n/net-snmp/libsnmp-base_5.1.1-2ubuntu3.1_all.deb
Size/MD5: 983990 986268d8d36780928e4f7f228d729307
http://security.ubuntu.com/ubuntu/pool/universe/n/net-snmp/tkmib_5.1.1-2ubuntu3.1_all.deb
Size/MD5: 738088 ca1c90ee739e8e818a71662f41539a6b
i386 architecture (x86 compatible Intel/AMD)
http://security.ubuntu.com/ubuntu/pool/main/n/net-snmp/libsnmp-perl_5.1.1-2ubuntu3.1_i386.deb
Size/MD5: 794030 fa885c25434f9ecd71c2e787a61bf760
http://security.ubuntu.com/ubuntu/pool/main/n/net-snmp/libsnmp5-dev_5.1.1-2ubuntu3.1_i386.deb
Size/MD5: 1028070 5248a763ea62417775874d25852d2b56
http://security.ubuntu.com/ubuntu/pool/main/n/net-snmp/libsnmp5_5.1.1-2ubuntu3.1_i386.deb
Size/MD5: 1489964 f8ad34a059cfdb933fde0a4d0ab385d7
http://security.ubuntu.com/ubuntu/pool/main/n/net-snmp/snmp_5.1.1-2ubuntu3.1_i386.deb
Size/MD5: 136042 5ad75b861d30d9f452047dca700f6f2e
http://security.ubuntu.com/ubuntu/pool/main/n/net-snmp/snmpd_5.1.1-2ubuntu3.1_i386.deb
Size/MD5: 54640 2013a51151c05fa64a1e149690e06e13
powerpc architecture (Apple Macintosh G3/G4/G5)
http://security.ubuntu.com/ubuntu/pool/main/n/net-snmp/libsnmp-perl_5.1.1-2ubuntu3.1_powerpc.deb
Size/MD5: 796128 99dbf58f2e3ff4cf81465fa1f1fde473
http://security.ubuntu.com/ubuntu/pool/main/n/net-snmp/libsnmp5-dev_5.1.1-2ubuntu3.1_powerpc.deb
Size/MD5: 1311040 9877027d336c486c40ac6bf78883d6f9
http://security.ubuntu.com/ubuntu/pool/main/n/net-snmp/libsnmp5_5.1.1-2ubuntu3.1_powerpc.deb
Size/MD5: 1465006 ecf9077a8c3138db2fd2f8049eb82a08
http://security.ubuntu.com/ubuntu/pool/main/n/net-snmp/snmp_5.1.1-2ubuntu3.1_powerpc.deb
Size/MD5: 149448 c41a3984aa3667eb3e71ea1c440cbfd7
http://security.ubuntu.com/ubuntu/pool/main/n/net-snmp/snmpd_5.1.1-2ubuntu3.1_powerpc.deb
Size/MD5: 55844 7ffd98af0b11f69d62c9dde55f1f9b9d
Updated packages for Ubuntu 5.04 (Hoary Hedgehog):
Source archives:
http://security.ubuntu.com/ubuntu/pool/main/n/net-snmp/net-snmp_5.1.2-6ubuntu2.1.diff.gz
Size/MD5: 68366 90bfe25c7bc22e56ffd42b1afdb350a7
http://security.ubuntu.com/ubuntu/pool/main/n/net-snmp/net-snmp_5.1.2-6ubuntu2.1.dsc
Size/MD5: 775 459a6744d320dbbcd80268253be6e1f1
http://security.ubuntu.com/ubuntu/pool/main/n/net-snmp/net-snmp_5.1.2.orig.tar.gz
Size/MD5: 3253579 8080555ab3f90011f25d5122042d9a8d
Architecture independent packages:
http://security.ubuntu.com/ubuntu/pool/main/n/net-snmp/libsnmp-base_5.1.2-6ubuntu2.1_all.deb
Size/MD5: 1005694 b2a867637c62da63e23b3eb3d27a0106
http://security.ubuntu.com/ubuntu/pool/universe/n/net-snmp/tkmib_5.1.2-6ubuntu2.1_all.deb
Size/MD5: 755084 07016f05eb39707b56248c82acfd59fb
amd64 architecture (Athlon64, Opteron, EM64T Xeon)
http://security.ubuntu.com/ubuntu/pool/main/n/net-snmp/libsnmp-perl_5.1.2-6ubuntu2.1_amd64.deb
Size/MD5: 815728 aeba8df81837e61c17d81aef02fa4fae
http://security.ubuntu.com/ubuntu/pool/main/n/net-snmp/libsnmp5-dev_5.1.2-6ubuntu2.1_amd64.deb
Size/MD5: 1185224 5738e905796f4050f470c79b03098aea
http://security.ubuntu.com/ubuntu/pool/main/n/net-snmp/libsnmp5_5.1.2-6ubuntu2.1_amd64.deb
Size/MD5: 1554094 db62ac7eb5e2442c8443e0ad21269ce0
http://security.ubuntu.com/ubuntu/pool/main/n/net-snmp/snmp_5.1.2-6ubuntu2.1_amd64.deb
Size/MD5: 816050 8ddd19cd43b88158f742765eee1896a8
http://security.ubuntu.com/ubuntu/pool/main/n/net-snmp/snmpd_5.1.2-6ubuntu2.1_amd64.deb
Size/MD5: 731958 f1039aef1794673573b0ecb8cead1017
i386 architecture (x86 compatible Intel/AMD)
http://security.ubuntu.com/ubuntu/pool/main/n/net-snmp/libsnmp-perl_5.1.2-6ubuntu2.1_i386.deb
Size/MD5: 817026 9fd60f18d27256295c95acd827a2f18c
http://security.ubuntu.com/ubuntu/pool/main/n/net-snmp/libsnmp5-dev_5.1.2-6ubuntu2.1_i386.deb
Size/MD5: 1037670 55f7d7c540f3a76bc495b1faec49860a
http://security.ubuntu.com/ubuntu/pool/main/n/net-snmp/libsnmp5_5.1.2-6ubuntu2.1_i386.deb
Size/MD5: 1510352 ccedf857d9c3925f9122d1e4ee705276
http://security.ubuntu.com/ubuntu/pool/main/n/net-snmp/snmp_5.1.2-6ubuntu2.1_i386.deb
Size/MD5: 810016 a138b4065ebb956f3a712b48366c3b61
http://security.ubuntu.com/ubuntu/pool/main/n/net-snmp/snmpd_5.1.2-6ubuntu2.1_i386.deb
Size/MD5: 730546 cbaf4080d0a9e73cb21eb6da4d118f7d
powerpc architecture (Apple Macintosh G3/G4/G5)
http://security.ubuntu.com/ubuntu/pool/main/n/net-snmp/libsnmp-perl_5.1.2-6ubuntu2.1_powerpc.deb
Size/MD5: 832746 d463e6f9252d8f1fbebbe79d8b26f2de
http://security.ubuntu.com/ubuntu/pool/main/n/net-snmp/libsnmp5-dev_5.1.2-6ubuntu2.1_powerpc.deb
Size/MD5: 1322704 218183622f1c5d10174c6cca4dfadfca
http://security.ubuntu.com/ubuntu/pool/main/n/net-snmp/libsnmp5_5.1.2-6ubuntu2.1_powerpc.deb
Size/MD5: 1485112 b2ca935924363dcefd02c0c168a10eb6
http://security.ubuntu.com/ubuntu/pool/main/n/net-snmp/snmp_5.1.2-6ubuntu2.1_powerpc.deb
Size/MD5: 824778 a1c68fbeea22d4430be29099cde2221b
http://security.ubuntu.com/ubuntu/pool/main/n/net-snmp/snmpd_5.1.2-6ubuntu2.1_powerpc.deb
Size/MD5: 731820 a98ce3c4e56b98bf2ef3928a38795a14
Download attachment "signature.asc" of type "application/pgp-signature" (190 bytes)
_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/
Powered by blists - more mailing lists