Share your story
The central voice for Linux and Open Source security news
Home News Topics Advisories HOWTOs Features Newsletters About Register

Sign up!
EnGarde Community
What is the most important Linux security technology?
Linux Events
Linux User Groups
Link to Us
Security Center
Book Reviews
Security Dictionary
Security Tips
White Papers
Featured Blogs
All About Linux
DanWalsh LiveJournal
Latest Newsletters
Linux Advisory Watch: February 27th, 2015
Linux Security Week: February 23rd, 2015
LinuxSecurity Newsletters
Choose Lists:
About our Newsletters
RSS Feeds
Get the LinuxSecurity news you want faster with RSS
Powered By

Debian: New net-snmp packages fix denial of service Print E-mail
User Rating:      How can I rate this item?
Posted by Benjamin D. Thomas   
Debian Updated package.
- --------------------------------------------------------------------------
Debian Security Advisory DSA 873-1                                        Martin Schulze
October 26th, 2005              
- --------------------------------------------------------------------------

Package        : net-snmp
Vulnerability  : programming error
Problem type   : remote
Debian-specific: no
CVE ID         : CAN-2005-2177
BugTraq ID     : 14168

A security vulnerability has been found in Net-SNMP releases that
could allow a denial of service attack against Net-SNMP agent's that
have opened a stream based protocol (eg TCP but not UDP).  By default,
Net-SNMP does not open a TCP port.

The old stable distribution (woody) does not contain a net-snmp package.

For the stable distribution (sarge) this problem has been fixed in
version 5.1.2-6.2.

For the unstable distribution (sid) this problem has been fixed in

We recommend that you upgrade your net-snmp package.

Upgrade Instructions
- --------------------

wget url
        will fetch the file for you
dpkg -i file.deb
        will install the referenced file.

If you are using the apt-get package manager, use the line for
sources.list as given below:

apt-get update
        will update the internal database
apt-get upgrade
        will install corrected packages

You may use an automated update by adding the resources from the
footer to the proper configuration.

Debian GNU/Linux 3.1 alias sarge
- --------------------------------

  Source archives:
      Size/MD5 checksum:      794 0aa985327e01703ee88e9c9fc63dcccb
      Size/MD5 checksum:    67941 80b50ece9798c3634843213632ea8b53
      Size/MD5 checksum:  3253579 8080555ab3f90011f25d5122042d9a8d

  Architecture independent components:
      Size/MD5 checksum:  1005346 9f09bd5325ecb399a6b8b8b4c74e409e
      Size/MD5 checksum:   754688 5c84a39f4fb06e9ffae0c693b4e6c1fe

  Alpha architecture:
      Size/MD5 checksum:   818316 c130066a195f6061032c039dbb70f4c6
      Size/MD5 checksum:  1579716 b35f6363a539100eb8a32cdee143c4b5
      Size/MD5 checksum:  1647842 99a7926ca98e85e3f8742dfc7a46b880
      Size/MD5 checksum:   820826 8645dbb814fee32fd4dba772806b4e7d
      Size/MD5 checksum:   733324 0d1113f65055b9802b1f0db33bf8566c

  AMD64 architecture:
      Size/MD5 checksum:   815302 8b739d0e928cbed3d4e5fc30df4dd26d
      Size/MD5 checksum:  1553650 907b6ad8b395b2167ed07331d9ae88b1
      Size/MD5 checksum:  1184882 fd9f8a3c36a0573737d2856e70be4b55
      Size/MD5 checksum:   815620 073e011929c866ea6793852c48822f38
      Size/MD5 checksum:   731774 aa783fcf78888d5379c80cadfecba92f

  ARM architecture:
      Size/MD5 checksum:   811116 7c0db64010705b24094b04cb697c21ae
      Size/MD5 checksum:  1477848 0072b62e6a873a7bca251a5a7b1a4ac6
      Size/MD5 checksum:  1120060 5d51cd366d5497c549c95d81233820cb
      Size/MD5 checksum:   810168 1e2aaa41d86cbf1d3455cc3ad1e9246e
      Size/MD5 checksum:   730678 4da842f3e4c7820b6994dbaa4ce9464c

  Intel IA-32 architecture:
      Size/MD5 checksum:   818878 b3b728436c0d24dd71cae4c745d78d69
      Size/MD5 checksum:  1531948 64e0d4d60e1ec437c0693cd80ab5652d
      Size/MD5 checksum:  1100052 a86f8867983efe3eaf2ae2c0a529fcd7
      Size/MD5 checksum:   811618 6939d4e93c77a9da325a1558d0b1c492
      Size/MD5 checksum:   730514 a31ff071dc8dc2406f60d8c9fc4f8a74

  Intel IA-64 architecture:
      Size/MD5 checksum:   846348 9902935d551e5eec1aaefdb2689bc1ba
      Size/MD5 checksum:  1780724 eb6b2eb4ba43a0a0bcb99cdd51b2e4e8
      Size/MD5 checksum:  1584452 caa05c744a6ce901def3aefa11347302
      Size/MD5 checksum:   838818 a59fd105fb8b839031eacc1faf3410a4
      Size/MD5 checksum:   737976 22069dd21aab422a67ca368dc7537aa4

  HP Precision architecture:
      Size/MD5 checksum:   829624 8d8d43de36f2846f0f4c689eafc239d1
      Size/MD5 checksum:  1604876 1f5fc833c478b0e737d89a86b69bf6a0
      Size/MD5 checksum:  1368226 d77ce1656b2f5f1c09bd98aeb17bb354
      Size/MD5 checksum:   824466 8a1f5d695a218655932180b3f8e3b49c
      Size/MD5 checksum:   733168 1c894d59e8d8cad67210b22049c55338

  Motorola 680x0 architecture:
      Size/MD5 checksum:   811308 675071b60bf7604029d3b9bb7f9d7fa7
      Size/MD5 checksum:  1437126 f72bf3101dff7666764144e067c222b4
      Size/MD5 checksum:   996514 d65a43ee4d13f7d8b2e60fcd79bc1a46
      Size/MD5 checksum:   804982 c401927b09c0ee5c79727bebefcbb026
      Size/MD5 checksum:   730252 1c91b25ab5926d6da868aa9b4bf84fd4

  Big endian MIPS architecture:
      Size/MD5 checksum:   784884 fa5d5b971d96c5188aed859eba805eb4
      Size/MD5 checksum:  1413338 1232a5281e48c703c99cabc5ea8777a5
      Size/MD5 checksum:  1312878 d3dd3cd33fef646b53c1e5f5e93ee788
      Size/MD5 checksum:   832678 3eda8f1830383293eba823cf984d15d5
      Size/MD5 checksum:   731444 3c50ceaea9bd62bce4eb4c5fb2bb0678

  Little endian MIPS architecture:
      Size/MD5 checksum:   784866 a2bab5ddee0ec91f396422f0fd0133ee
      Size/MD5 checksum:  1418510 ba607a78662d2294d82c7425e804f3d1
      Size/MD5 checksum:  1273102 66daf0e381d18f91ddfd738243339b85
      Size/MD5 checksum:   832708 3f4362c2c82fea024e2b14c3722b2351
      Size/MD5 checksum:   731292 5c06ed6b9b380e2cf88e14f900f0d634

  PowerPC architecture:
      Size/MD5 checksum:   832410 367a1322826f11ef9dcbdc0c2a555a4b
      Size/MD5 checksum:  1484164 0489fb05721749be8a77c3b6be7b6814
      Size/MD5 checksum:  1322578 4c3972bc7d19a25863efd7fc20447363
      Size/MD5 checksum:   824460 80aa5fe58c0d357bfcdea1e6568889d1
      Size/MD5 checksum:   731674 94282339ba881ba28c2f06a84dab01e9

  IBM S/390 architecture:
      Size/MD5 checksum:   793848 a76fffb4dcb478b9ab2a6a304dce5667
      Size/MD5 checksum:  1480932 a81f9fbb32fc486ba92bac8ed84f3abd
      Size/MD5 checksum:  1077868 fcf7d1957102b26ea3a8fa9c70b305e5
      Size/MD5 checksum:   814068 cee89d4ce9dce6cb508e608ad8718796
      Size/MD5 checksum:   731410 9f59b5a7ce92d38560b5c529fd134473

  Sun Sparc architecture:
      Size/MD5 checksum:   813492 8a2bcbc7c3ac29a7de6ab08f1e23a554
      Size/MD5 checksum:  1484394 4386034ab461611e28beaefa2acc237c
      Size/MD5 checksum:  1198292 460d4253893dfd4e87a015427a95cb08
      Size/MD5 checksum:   809826 d1b38721fae2ebc880cef0703d7d4d68
      Size/MD5 checksum:   730608 26961f57a7aa5fed6a04813b7627531f

  These files will probably be moved into the stable distribution on
  its next update.

- ---------------------------------------------------------------------------------
For apt-get: deb stable/updates main
For dpkg-ftp: dists/stable/updates/main
Mailing list:
< Prev   Next >


Latest Features
Peter Smith Releases Linux Network Security Online
Securing a Linux Web Server
Password guessing with Medusa 2.0
Password guessing as an attack vector
Squid and Digest Authentication
Squid and Basic Authentication
Demystifying the Chinese Hacking Industry: Earning 6 Million a Night
Free Online security course (LearnSIA) - A Call for Help
What You Need to Know About Linux Rootkits
Review: A Practical Guide to Fedora and Red Hat Enterprise Linux - Fifth Edition
Yesterday's Edition
Why Silicon Valley Hackers Still Won’t Work With the Military, and Vice Versa
Bad movie: Hackers can raid networks with burnt Blu-Rays
Partner Sponsor

Community | HOWTOs | Blogs | Features | Book Reviews | Networking
 Security Projects |  Latest News |  Newsletters |  SELinux |  Privacy |  Home
 Hardening |   About Us |   Advertise |   Legal Notice |   RSS |   Guardian Digital
(c)Copyright 2015 Guardian Digital, Inc. All rights reserved.