| |||||||||||||||||||
Mageia alert MGASA-2012-0128 (net-snmp)
MGASA-2012-0128 Date: June 27th, 2012 Affected releases: 1, 2 Description: Updated net-snmp packages fix security vulnerability: An array index error, leading to out-of heap-based buffer read flaw was found in the way net-snmp agent performed entries lookup in the extension table. When certain MIB subtree was handled by the extend directive, a remote attacker having read privilege to the subtree could use this flaw to cause a denial of service (snmpd crash) via SNMP GET request involving a non-existent extension table entry (CVE-2012-2141). Updated Packages: Mageia 1: net-snmp-5.6.1-7.1.mga1 net-snmp-mibs-5.6.1-7.1.mga1 net-snmp-tkmib-5.6.1-7.1.mga1 net-snmp-trapd-5.6.1-7.1.mga1 net-snmp-utils-5.6.1-7.1.mga1 perl-NetSNMP-5.6.1-7.1.mga1 lib(64)net-snmp25-5.6.1-7.1.mga1 lib(64)net-snmp-devel-5.6.1-7.1.mga1 lib(64)net-snmp-static-devel-5.6.1-7.1.mga1 Mageia 2: net-snmp-5.7.1-3.1.mga2 net-snmp-mibs-5.7.1-3.1.mga2 net-snmp-tkmib-5.7.1-3.1.mga2 net-snmp-trapd-5.7.1-3.1.mga2 net-snmp-utils-5.7.1-3.1.mga2 perl-NetSNMP-5.7.1-3.1.mga2 python-netsnmp-5.7.1-3.1.mga2 lib(64)net-snmp30-5.7.1-3.1.mga2 lib(64)net-snmp-devel-5.7.1-3.1.mga2 lib(64)net-snmp-static-devel-5.7.1-3.1.mga2 References: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-2141 http://www.mandriva.com/en/support/security/advisories/?d... https://bugs.mageia.org/show_bug.cgi?id=6076 https://wiki.mageia.org/en/Support/Advisories/MGASA-2012-... (Log in to post comments)
|
|||||||||||||||||||