[<prev] [next>] [day] [month] [year] [list]
Message-ID: <20070502153659.GE20826@outflux.net>
Date: Wed, 2 May 2007 08:36:59 -0700
From: Kees Cook <kees@...ntu.com>
To: ubuntu-security-announce@...ts.ubuntu.com
Cc: full-disclosure@...ts.grok.org.uk, bugtraq@...urityfocus.com
Subject: [USN-456-1] net-snmp vulnerability
===========================================================
Ubuntu Security Notice USN-456-1 May 02, 2007
net-snmp vulnerability
CVE-2005-4837
===========================================================
A security issue affects the following Ubuntu releases:
Ubuntu 6.06 LTS
This advisory also applies to the corresponding versions of
Kubuntu, Edubuntu, and Xubuntu.
The problem can be corrected by upgrading your system to the
following package versions:
Ubuntu 6.06 LTS:
snmpd 5.2.1.2-4ubuntu2.1
In general, a standard system upgrade is sufficient to effect the
necessary changes.
Details follow:
The SNMP service did not correctly handle TCP disconnects. Remote
subagents could cause a denial of service if they dropped a connection
at a specific time.
Updated packages for Ubuntu 6.06 LTS:
Source archives:
http://security.ubuntu.com/ubuntu/pool/main/n/net-snmp/net-snmp_5.2.1.2-4ubuntu2.1.diff.gz
Size/MD5: 71936 2a4cb9c1f800080e5e2374f3f84b8d7a
http://security.ubuntu.com/ubuntu/pool/main/n/net-snmp/net-snmp_5.2.1.2-4ubuntu2.1.dsc
Size/MD5: 792 2855b4bf1c6d5fdda432999b3e7c7533
http://security.ubuntu.com/ubuntu/pool/main/n/net-snmp/net-snmp_5.2.1.2.orig.tar.gz
Size/MD5: 3869893 34159770a7fe418d99fdd416a75358b1
Architecture independent packages:
http://security.ubuntu.com/ubuntu/pool/main/n/net-snmp/libsnmp-base_5.2.1.2-4ubuntu2.1_all.deb
Size/MD5: 1151640 e40129b2a40d0efe2644207776152c98
http://security.ubuntu.com/ubuntu/pool/universe/n/net-snmp/tkmib_5.2.1.2-4ubuntu2.1_all.deb
Size/MD5: 822598 b768bdd2b9f4417925b4b3efb3d4edcb
amd64 architecture (Athlon64, Opteron, EM64T Xeon)
http://security.ubuntu.com/ubuntu/pool/main/n/net-snmp/libsnmp-perl_5.2.1.2-4ubuntu2.1_amd64.deb
Size/MD5: 896164 855871a700bfa3655ac3a10118cb69e6
http://security.ubuntu.com/ubuntu/pool/main/n/net-snmp/libsnmp9-dev_5.2.1.2-4ubuntu2.1_amd64.deb
Size/MD5: 1496678 398e8f61079aff0fba54135322812d36
http://security.ubuntu.com/ubuntu/pool/main/n/net-snmp/libsnmp9_5.2.1.2-4ubuntu2.1_amd64.deb
Size/MD5: 1825690 fb3b45a844420bc93c0c1ea7aec1b6c8
http://security.ubuntu.com/ubuntu/pool/main/n/net-snmp/snmp_5.2.1.2-4ubuntu2.1_amd64.deb
Size/MD5: 888946 2ddf1fd336891d925c05c093620c6755
http://security.ubuntu.com/ubuntu/pool/main/n/net-snmp/snmpd_5.2.1.2-4ubuntu2.1_amd64.deb
Size/MD5: 796756 90b141201184e1f01ab9ff0e1b4f3612
i386 architecture (x86 compatible Intel/AMD)
http://security.ubuntu.com/ubuntu/pool/main/n/net-snmp/libsnmp-perl_5.2.1.2-4ubuntu2.1_i386.deb
Size/MD5: 896372 eac0a7df274971ba80b1dd669c0f0ec8
http://security.ubuntu.com/ubuntu/pool/main/n/net-snmp/libsnmp9-dev_5.2.1.2-4ubuntu2.1_i386.deb
Size/MD5: 1267600 b52a5f612636a6d2ba77efe7da2fb864
http://security.ubuntu.com/ubuntu/pool/main/n/net-snmp/libsnmp9_5.2.1.2-4ubuntu2.1_i386.deb
Size/MD5: 1709432 cb84264a9581bcbb2093280924d2036f
http://security.ubuntu.com/ubuntu/pool/main/n/net-snmp/snmp_5.2.1.2-4ubuntu2.1_i386.deb
Size/MD5: 881478 4d9bc662c8ecab47b484c33765b24a55
http://security.ubuntu.com/ubuntu/pool/main/n/net-snmp/snmpd_5.2.1.2-4ubuntu2.1_i386.deb
Size/MD5: 794300 aeaf12afa90adbe6466e1f14ac3a81e7
powerpc architecture (Apple Macintosh G3/G4/G5)
http://security.ubuntu.com/ubuntu/pool/main/n/net-snmp/libsnmp-perl_5.2.1.2-4ubuntu2.1_powerpc.deb
Size/MD5: 912514 2af054816148762b77a561655944b2b8
http://security.ubuntu.com/ubuntu/pool/main/n/net-snmp/libsnmp9-dev_5.2.1.2-4ubuntu2.1_powerpc.deb
Size/MD5: 1589090 f00c4b7f21855f7862864bf51b898569
http://security.ubuntu.com/ubuntu/pool/main/n/net-snmp/libsnmp9_5.2.1.2-4ubuntu2.1_powerpc.deb
Size/MD5: 1727216 7a982cc48199b22df04cb84f1fc5f217
http://security.ubuntu.com/ubuntu/pool/main/n/net-snmp/snmp_5.2.1.2-4ubuntu2.1_powerpc.deb
Size/MD5: 898250 75a7b6278614c10ab1967a689f00a6e1
http://security.ubuntu.com/ubuntu/pool/main/n/net-snmp/snmpd_5.2.1.2-4ubuntu2.1_powerpc.deb
Size/MD5: 795666 449405c93bf2c822694c51c09112cf6c
sparc architecture (Sun SPARC/UltraSPARC)
http://security.ubuntu.com/ubuntu/pool/main/n/net-snmp/libsnmp-perl_5.2.1.2-4ubuntu2.1_sparc.deb
Size/MD5: 896380 8d9bced826d6097c92b056fba5651cec
http://security.ubuntu.com/ubuntu/pool/main/n/net-snmp/libsnmp9-dev_5.2.1.2-4ubuntu2.1_sparc.deb
Size/MD5: 1485066 fff34136dd9ef3ccb9fa43d58cb8f31c
http://security.ubuntu.com/ubuntu/pool/main/n/net-snmp/libsnmp9_5.2.1.2-4ubuntu2.1_sparc.deb
Size/MD5: 1705908 95015429b477368287651682622c12ff
http://security.ubuntu.com/ubuntu/pool/main/n/net-snmp/snmp_5.2.1.2-4ubuntu2.1_sparc.deb
Size/MD5: 882846 223f74ba12b6374e8c79c9b05b3f7a9e
http://security.ubuntu.com/ubuntu/pool/main/n/net-snmp/snmpd_5.2.1.2-4ubuntu2.1_sparc.deb
Size/MD5: 796020 af0197bc714b9a1bf0ad240d208ee497
Download attachment "signature.asc" of type "application/pgp-signature" (190 bytes)
_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/
Powered by blists - more mailing lists