<<< Date Index >>>     <<< Thread Index >>>

MDKSA-2005:137 - Updated ucd-snmp packages fix a DoS vulnerability



-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

 _______________________________________________________________________

                Mandriva Linux Security Update Advisory
 _______________________________________________________________________

 Package name:           ucd-snmp
 Advisory ID:            MDKSA-2005:137
 Date:                   August 11th, 2005

 Affected versions:      10.0, 10.1, Corporate 3.0,
                         Corporate Server 2.1
 ______________________________________________________________________

 Problem Description:

 A Denial of Service vulnerability was discovered in the way that
 ucd-snmp uses network stream protocols.  A remote attacker could send
 a ucd-snmp agent a specially crafted packet that would cause the agent
 to crash.
 
 The updated packages have been patched to correct this problem.
 _______________________________________________________________________

 References:

  http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2005-2177
 ______________________________________________________________________

 Updated Packages:
  
 Mandrakelinux 10.0:
 1ec82c6bba06b67fab79512b5d69991f  10.0/RPMS/libsnmp0-4.2.3-8.1.100mdk.i586.rpm
 2f71452cb8c240901b01cae587cb99a0  
10.0/RPMS/libsnmp0-devel-4.2.3-8.1.100mdk.i586.rpm
 991e54c57ec7d6d0347d0fb01299ed7b  10.0/RPMS/ucd-snmp-4.2.3-8.1.100mdk.i586.rpm
 03c23cc0777224e66e382df0310e9284  
10.0/RPMS/ucd-snmp-utils-4.2.3-8.1.100mdk.i586.rpm
 656b798cb43a4fa9b6311a15a7255e53  10.0/SRPMS/ucd-snmp-4.2.3-8.1.100mdk.src.rpm

 Mandrakelinux 10.0/AMD64:
 6b67f45785c222cf3ec311e7a1e11aa2  
amd64/10.0/RPMS/lib64snmp0-4.2.3-8.1.100mdk.amd64.rpm
 ba7744a7506b3c3b46d6d81b0e2a17dd  
amd64/10.0/RPMS/lib64snmp0-devel-4.2.3-8.1.100mdk.amd64.rpm
 57ffd179857bdf9d77bc92b89a9eb5ba  
amd64/10.0/RPMS/ucd-snmp-4.2.3-8.1.100mdk.amd64.rpm
 f3aa3c69a2c96d6c5ef6f977091d0390  
amd64/10.0/RPMS/ucd-snmp-utils-4.2.3-8.1.100mdk.amd64.rpm
 656b798cb43a4fa9b6311a15a7255e53  
amd64/10.0/SRPMS/ucd-snmp-4.2.3-8.1.100mdk.src.rpm

 Mandrakelinux 10.1:
 d21f32fa4f6d9237132d67a8fe1b4a98  10.1/RPMS/libsnmp0-4.2.3-11.1.101mdk.i586.rpm
 8ad8f1d530f8596220c72f98fe67097b  
10.1/RPMS/libsnmp0-devel-4.2.3-11.1.101mdk.i586.rpm
 d1c8c884b432ea3dd02a6fe08d8a5f57  10.1/RPMS/ucd-snmp-4.2.3-11.1.101mdk.i586.rpm
 c7b3c2f5fe98def745a564712bbf8296  
10.1/RPMS/ucd-snmp-utils-4.2.3-11.1.101mdk.i586.rpm
 9abd6284019ce141e0903aa37799f35f  10.1/SRPMS/ucd-snmp-4.2.3-11.1.101mdk.src.rpm

 Mandrakelinux 10.1/X86_64:
 0cf3cdf2c2fd9f499030fc1e1aa04d3f  
x86_64/10.1/RPMS/lib64snmp0-4.2.3-11.1.101mdk.x86_64.rpm
 e6e8d2722098f70f977d2d928b32a2ef  
x86_64/10.1/RPMS/lib64snmp0-devel-4.2.3-11.1.101mdk.x86_64.rpm
 ca7025278a9b5d2f5c3d36180a5c821b  
x86_64/10.1/RPMS/ucd-snmp-4.2.3-11.1.101mdk.x86_64.rpm
 aa7c499f22e26a12ff3de0da204028dd  
x86_64/10.1/RPMS/ucd-snmp-utils-4.2.3-11.1.101mdk.x86_64.rpm
 9abd6284019ce141e0903aa37799f35f  
x86_64/10.1/SRPMS/ucd-snmp-4.2.3-11.1.101mdk.src.rpm

 Corporate Server 2.1:
 6d491b7a64870b3e9f836a05c7a913ee  
corporate/2.1/RPMS/libsnmp0-4.2.3-4.1.C21mdk.i586.rpm
 896f988b8ec39d98e5d5610d481c4b42  
corporate/2.1/RPMS/libsnmp0-devel-4.2.3-4.1.C21mdk.i586.rpm
 0edbe96f4d21e36da8f0390a68ce66ed  
corporate/2.1/RPMS/ucd-snmp-4.2.3-4.1.C21mdk.i586.rpm
 d3fd811451030ca94ceb9fcefd2f1fbb  
corporate/2.1/RPMS/ucd-snmp-utils-4.2.3-4.1.C21mdk.i586.rpm
 cb4f36a706cf22b259dce990accd0073  
corporate/2.1/SRPMS/ucd-snmp-4.2.3-4.1.C21mdk.src.rpm

 Corporate Server 2.1/X86_64:
 04503e5c624db249276f1443e1447eb3  
x86_64/corporate/2.1/RPMS/libsnmp0-4.2.3-4.1.C21mdk.x86_64.rpm
 f122515b0bc5bf07ba097fa511b7e5c9  
x86_64/corporate/2.1/RPMS/libsnmp0-devel-4.2.3-4.1.C21mdk.x86_64.rpm
 65e892b827b65da9dba1e4b8589a42fe  
x86_64/corporate/2.1/RPMS/ucd-snmp-4.2.3-4.1.C21mdk.x86_64.rpm
 7ad7585692e61205b2655ee8c3357f4d  
x86_64/corporate/2.1/RPMS/ucd-snmp-utils-4.2.3-4.1.C21mdk.x86_64.rpm
 cb4f36a706cf22b259dce990accd0073  
x86_64/corporate/2.1/SRPMS/ucd-snmp-4.2.3-4.1.C21mdk.src.rpm

 Corporate 3.0:
 806a8b30df5fdab502fd4212010fe966  
corporate/3.0/RPMS/libsnmp0-4.2.3-8.1.C30mdk.i586.rpm
 a17b9b5a8a64b4eea1182780cb047c43  
corporate/3.0/RPMS/libsnmp0-devel-4.2.3-8.1.C30mdk.i586.rpm
 d79ecaaec17d6890cfcc5e3ddfbd0b59  
corporate/3.0/RPMS/ucd-snmp-4.2.3-8.1.C30mdk.i586.rpm
 e38b6010ca5a50923487d0da60b124fa  
corporate/3.0/RPMS/ucd-snmp-utils-4.2.3-8.1.C30mdk.i586.rpm
 331f9d7c8087be72b048422556b2e6b3  
corporate/3.0/SRPMS/ucd-snmp-4.2.3-8.1.C30mdk.src.rpm

 Corporate 3.0/X86_64:
 8debb15a1a7ae05cda3cc280605ccf5a  
x86_64/corporate/3.0/RPMS/lib64snmp0-4.2.3-8.1.C30mdk.x86_64.rpm
 e6f458df2f1d5c058e6d7a0d7f8573aa  
x86_64/corporate/3.0/RPMS/lib64snmp0-devel-4.2.3-8.1.C30mdk.x86_64.rpm
 1e6ac132e2090a88df63912219948ffc  
x86_64/corporate/3.0/RPMS/ucd-snmp-4.2.3-8.1.C30mdk.x86_64.rpm
 90e5cea17f37f6107a0fada648b692ea  
x86_64/corporate/3.0/RPMS/ucd-snmp-utils-4.2.3-8.1.C30mdk.x86_64.rpm
 331f9d7c8087be72b048422556b2e6b3  
x86_64/corporate/3.0/SRPMS/ucd-snmp-4.2.3-8.1.C30mdk.src.rpm
 _______________________________________________________________________

 To upgrade automatically use MandrakeUpdate or urpmi.  The verification
 of md5 checksums and GPG signatures is performed automatically for you.

 All packages are signed by Mandriva for security.  You can obtain the
 GPG public key of the Mandriva Security Team by executing:

  gpg --recv-keys --keyserver pgp.mit.edu 0x22458A98

 You can view other update advisories for Mandriva Linux at:

  http://www.mandriva.com/security/advisories

 If you want to report vulnerabilities, please contact

  security_(at)_mandriva.com
 _______________________________________________________________________

 Type Bits/KeyID     Date       User ID
 pub  1024D/22458A98 2000-07-10 Mandriva Security Team
  <security*mandriva.com>

-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.2.4 (GNU/Linux)

iD8DBQFC+7OXmqjQ0CJFipgRArSKAJwJKcBm/VsggNtfAAFGa1F2p+ijSgCg8Bax
4jzFXfCO8o6Zy1w5DK9VTz4=
=SHMN
-----END PGP SIGNATURE-----