
[SECURITY] [DSA 1483-1] New net-snmp packages fix denial of service vulnerability



-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

- ------------------------------------------------------------------------
Debian Security Advisory DSA-1483-1                security@xxxxxxxxxx
http://www.debian.org/security/                         Noah Meyerhans
February 06, 2008                   http://www.debian.org/security/faq
- ------------------------------------------------------------------------

Package        : net-snmp
Vulnerability  : design error
Problem type   : remote
Debian-specific: no
CVE Id(s)      : CVE-2007-5846

The SNMP agent (snmp_agent.c) in net-snmp before 5.4.1 allows remote
attackers to cause a denial of service (CPU and memory consumption)
via a GETBULK request with a large max-repeaters value.

For the stable distribution (etch), this problem has been fixed in
version 5.2.3-7etch2

For the unstable and testing distributions (sid and lenny,
respectively), this problem has been fixed in version 5.4.1~dfsg-2

We recommend that you upgrade your net-snmp package.

Upgrade instructions
- --------------------

wget url
        will fetch the file for you
dpkg -i file.deb
        will install the referenced file.

If you are using the apt-get package manager, use the line for
sources.list as given below:

apt-get update
        will update the internal database
apt-get upgrade
        will install corrected packages

You may use an automated update by adding the resources from the
footer to the proper configuration.


Debian GNU/Linux 4.0 alias etch
- -------------------------------

Stable updates are available for alpha, amd64, arm, hppa, i386, ia64, mips, 
mipsel, powerpc, s390 and sparc.


  These files will probably be moved into the stable distribution on
  its next update.

- ---------------------------------------------------------------------------------
For apt-get: deb http://security.debian.org/ stable/updates main
For dpkg-ftp: ftp://security.debian.org/debian-security dists/stable/updates/main
Mailing list: debian-security-announce@xxxxxxxxxxxxxxxx
Package info: `apt-cache show <pkg>' and http://packages.debian.org/<pkg>
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.6 (GNU/Linux)

iD8DBQFHqgXfYrVLjBFATsMRAh1QAJ949bquNFrGOLCWnfB6eWPuDR695gCdFC02
/C3q6l7UFMwZ2dc1FtxJztg=
=5GhV
-----END PGP SIGNATURE-----
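
Added example (not part of the Debian advisory and not net-snmp code): a detector for the request pattern the advisory describes. It parses an SNMPv2c GETBULK datagram, reads the field that RFC 3416 names max-repetitions, and computes how many varbinds the request asks the agent to return. The 1000-varbind limit and both sample datagrams are constructed assumptions.

```python
def read_tlv(buf, pos):
    """Return (tag, value, next_pos) for the BER TLV at pos (single-byte tags only)."""
    tag, length = buf[pos], buf[pos + 1]
    pos += 2
    if length & 0x80:  # long form: low 7 bits give the number of length octets
        n = length & 0x7F
        length = int.from_bytes(buf[pos:pos + n], "big")
        pos += n
    if pos + length > len(buf):
        raise ValueError("truncated TLV")
    return tag, buf[pos:pos + length], pos + length

def read_int(buf, pos):
    tag, val, nxt = read_tlv(buf, pos)
    if tag != 0x02 or not val:
        raise ValueError("expected INTEGER")
    return int.from_bytes(val, "big", signed=True), nxt

def getbulk_fields(datagram):
    """Return (non_repeaters, max_repetitions, varbind_count), or None if not a v2c GETBULK."""
    try:
        tag, msg, _ = read_tlv(datagram, 0)
        version, pos = read_int(msg, 0)
        _, _community, pos = read_tlv(msg, pos)
        pdu_tag, pdu, _ = read_tlv(msg, pos)
        if tag != 0x30 or version != 1 or pdu_tag != 0xA5:  # 0xA5 = GetBulkRequest-PDU
            return None
        _request_id, p = read_int(pdu, 0)
        non_rep, p = read_int(pdu, p)
        max_rep, p = read_int(pdu, p)
        _, varbinds, _ = read_tlv(pdu, p)
        count, q = 0, 0
        while q < len(varbinds):
            _, _, q = read_tlv(varbinds, q)
            count += 1
        return max(non_rep, 0), max(max_rep, 0), count  # RFC 3416: negatives count as 0
    except (ValueError, IndexError):  # malformed or truncated input
        return None

def requested_varbinds(non_rep, max_rep, count):
    n = min(non_rep, count)  # RFC 3416 section 4.2.3: total = N + M * R
    return n + max_rep * max(count - n, 0)

def is_suspicious(datagram, limit=1000):  # limit is an assumed site policy
    fields = getbulk_fields(datagram)
    return fields is not None and requested_varbinds(*fields) > limit

# Constructed samples: GETBULK for 1.3.6.1.2.1 with max-repetitions 10 and 100000.
NORMAL = bytes.fromhex("302302010104067075626c6963a51602010102010002010a300b300906052b060102010500")
LARGE = bytes.fromhex("302502010104067075626c6963a51802010102010002030186a0300b300906052b060102010500")
```

The same check applies to a capture of UDP port 161 payloads; SNMPv3 messages use a different envelope and are reported as `None` here.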