Articles / Debian: New net-snmp packag…

Debian: New net-snmp packages fix denial of service vulnerability

The SNMP agent (snmp_agent.c) in net-snmp before 5.4.1 allows remote attackers to cause a denial of service (CPU and memory consumption) via a GETBULK request with a large max-repeaters value. Fixed packages are available from
Hash: SHA1

- ------------------------------------------------------------------------
Debian Security Advisory DSA-1483-1                               Noah Meyerhans
February 06, 2008         
- ------------------------------------------------------------------------

Package        : net-snmp
Vulnerability  : design error
Problem type   : remote
Debian-specific: no
CVE Id(s)      : CVE-2007-5846

The SNMP agent (snmp_agent.c) in net-snmp before 5.4.1 allows remote
attackers to cause a denial of service (CPU and memory consumption)
via a GETBULK request with a large max-repeaters value.

For the stable distribution (etch), this problem has been fixed in
version 5.2.3-7etch2

For the unstable and testing distributions (sid and lenny,
respectively), this problem has been fixed in version 5.4.1~dfsg-2

We recommend that you upgrade your net-snmp package.

Upgrade instructions
- --------------------

wget url
       will fetch the file for you
dpkg -i file.deb
       will install the referenced file.

If you are using the apt-get package manager, use the line for
sources.list as given below:

apt-get update
       will update the internal database
apt-get upgrade
       will install corrected packages

You may use an automated update by adding the resources from the
footer to the proper configuration.

Debian GNU/Linux 4.0 alias etch
- -------------------------------

Stable updates are available for alpha, amd64, arm, hppa, i386, ia64, mips, mipsel, powerpc, s390 and sparc.

Source archives:
   Size/MD5 checksum:    92129 d4395b24ac55a351ff666b146e50e7da
   Size/MD5 checksum:     1038 34169ea344d11cc6acbbc79598f1afbe
   Size/MD5 checksum:  4006389 ba4bc583413f90618228d0f196da8181

Architecture independent packages:
   Size/MD5 checksum:   855026 9ba19bd7e95b8b786db833d088033c20
   Size/MD5 checksum:  1215052 492929e419a21cb45a6b9f7f892e51e5

alpha architecture (DEC Alpha)
   Size/MD5 checksum:   836522 8f375e58599f11a92c219432c3c40a50
   Size/MD5 checksum:   942474 877cd68b94cc98c3ce277f81e94ad559
   Size/MD5 checksum:  1901930 4ce94285480f0587b9c9006db0b1d892
   Size/MD5 checksum:  2171130 b21a6b7ab1fc2084134b0746c46caaa8
   Size/MD5 checksum:   932262 eb96a420dd3fb6b556ed8001bc44bb93

amd64 architecture (AMD x86_64 (AMD64))
   Size/MD5 checksum:  1892588 eed6e7f494feeb82dadfd6292aeb54f3
   Size/MD5 checksum:   834892 1870924c9276f277d5e61b6929bc063a
   Size/MD5 checksum:   931080 f413808b39167a15c6d1452767537e36
   Size/MD5 checksum:  1561022 29910b7b991cc876540f926ee5e2453a
   Size/MD5 checksum:   919590 0962031c17b2cc752b2aa0a34224face

arm architecture (ARM)
   Size/MD5 checksum:  1777992 b7bb0164b520a6240321efdafbde344b
   Size/MD5 checksum:   834966 473f0c386f9c6da35689b14ab1d379c1
   Size/MD5 checksum:  1344096 153ff9028f6accc63ed18d7bdf07485b
   Size/MD5 checksum:   927916 989b6de8d07d36bd144ca88423b8d027
   Size/MD5 checksum:   909516 6d3f6fd8e7472228f20c60be890d023e

i386 architecture (Intel ia32)
   Size/MD5 checksum:   834156 8166a1a4c4f97fbe40efbf491b7bf72c
   Size/MD5 checksum:   917354 b894368213ab2cd00eded49533b16aa6
   Size/MD5 checksum:  1835912 c7567cd3db0d4e6536a3002eb4d8e265
   Size/MD5 checksum:   924832 ba03a9804f155ea4a284f7643457b146
   Size/MD5 checksum:  1416974 619e4f9b2c3eb7819cd2bd524ca7554b

ia64 architecture (Intel ia64)
   Size/MD5 checksum:   970124 3deb315b5de9afb14b52b394bae18a43
   Size/MD5 checksum:   962568 4c5698e042bf664eff0bfe993c192d5d
   Size/MD5 checksum:  2281236 d4bc4f69d7e7a593335053e91a6c485d
   Size/MD5 checksum:   842400 a950588e1b8e71079343ecd47e2d640f
   Size/MD5 checksum:  2205332 702c89982dfae8501a048367d78161a8

mips architecture (MIPS (Big Endian))
   Size/MD5 checksum:   927142 5c8a6c536a3d50fd5002e12f62872224
   Size/MD5 checksum:   895056 4cbf2439096d64f153e94c2d45021310
   Size/MD5 checksum:  1717040 6d61c1ac4c4a67b69ca4d59244f4eefa
   Size/MD5 checksum:  1769510 0b2fb829d8c98099a21fe59375eaab6f
   Size/MD5 checksum:   832874 b55a90b9778923425fd4ede1403a1483

mipsel architecture (MIPS (Little Endian))
   Size/MD5 checksum:  1720352 83b11573a1389090c6419974438810a6
   Size/MD5 checksum:   894848 a85af9050de7d658d06beb78cfd331d4
   Size/MD5 checksum:  1755240 edbf171acb4813d6e8936f553b0c63bf
   Size/MD5 checksum:   832830 47e00fa0d4acad4a9adcbeab7f34a33d
   Size/MD5 checksum:   926346 9d81f235f0232259ac87af5d9a77a3f2

powerpc architecture (PowerPC)
   Size/MD5 checksum:   941140 e45bfb918d4814fc58509576cb353855
   Size/MD5 checksum:  1657898 67553ac67857e5a93610fcb62a114faa
   Size/MD5 checksum:   927732 1c6e3bc8b903ed51301d55e5329121f0
   Size/MD5 checksum:  1802946 54dfa2f2746fe644f7129499eb709284
   Size/MD5 checksum:   834926 c63610793fa21e534247fb4eebfcdf38

s390 architecture (IBM S/390)
   Size/MD5 checksum:   903456 0a741302e5532e07949911f755522f47
   Size/MD5 checksum:   835824 d3bae80f1bbf09eade1207b758945003
   Size/MD5 checksum:  1834732 cc3acadd0669ee790c77e141e73d951b
   Size/MD5 checksum:  1409706 594dae3b8a0d801bc5aa0cbe240785fc
   Size/MD5 checksum:   931154 08a5a95841d6c643660dfe8df647d9f1

sparc architecture (Sun SPARC/UltraSPARC)
   Size/MD5 checksum:   918174 d0f688bfabae071b11d24b852e90c11b
   Size/MD5 checksum:  1781666 ab7507949d9f8f111e530f3e0aa42e42
   Size/MD5 checksum:   925014 b6df8efcb3e971cb711e37f4b4d21302
   Size/MD5 checksum:   833856 f13884fa38c2eb1fe055e044503f3e67
   Size/MD5 checksum:  1548582 426a31f689fb0b3b3f4777a7e6bb51db

 These files will probably be moved into the stable distribution on
 its next update.

- ---------------------------------------------------------------------------------
For apt-get: deb stable/updates main
For dpkg-ftp: dists/stable/updates/main
Mailing list:
Package info: `apt-cache show ' and
Version: GnuPG v1.4.6 (GNU/Linux)



Project Spotlight

Kigo Video Converter Ultimate for Mac

A tool for converting and editing videos.


Project Spotlight


An efficient tagger for MP3, Ogg/Vorbis, and FLAC files.