| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
From: aliz at gentoo.org (Daniel Ahlberg) Subject: GLSA: net-snmp -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 - - -------------------------------------------------------------------- GENTOO LINUX SECURITY ANNOUNCEMENT - - -------------------------------------------------------------------- PACKAGE :net-snmp SUMMARY :Denial of service DATE :2002-10-14 08:00 UTC - - -------------------------------------------------------------------- The SNMP daemon included in the Net-SNMP package can be crashed if it attempts to process a specially crafted packet. Exploitation requires foreknowledge of a known SNMP community string (either read or read/write). This issue potentially affects any Net-SNMP installation in which the "public" read-only community string has not been changed. Read the full advisory at http://www.idefense.com/advisory/10.02.02.txt SOLUTION It is recommended that all Gentoo Linux users who are running net-analyzer/net-snmp-5.0.2a and earlier update their systems as follows: emerge rsync emerge net-snmp emerge clean - - -------------------------------------------------------------------- aliz@...too.org - GnuPG key is available at www.gentoo.org/~aliz - - -------------------------------------------------------------------- -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.0.7 (GNU/Linux) iD8DBQE9qnpxfT7nyhUpoZMRAr8VAJ9NwwO9ymOe6V66qGre6wdnJ2kOTACgulqf CKtVjHMlHd5/lFs31IBCyno= =KVPU -----END PGP SIGNATURE-----
Powered by blists - more mailing lists