Medium: net-snmp

2015-09-0212:00:00

alas.aws.amazon.com

7.5 High

CVSS2

Access Vector

NETWORK

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:P/I:P/A:P

0.082 Low

EPSS

Percentile

94.3%

JSON

Issue Overview:

It was discovered that the snmp_pdu_parse() function could leave incompletely parsed varBind variables in the list of variables. A remote, unauthenticated attacker could use this flaw to crash snmpd or, potentially, execute arbitrary code on the system with the privileges of the user running snmpd. (CVE-2015-5621)

Affected Packages:

net-snmp

Issue Correction:
Run yum update net-snmp to update your system.

New Packages:

i686:  
    net-snmp-devel-5.5-54.1.20.amzn1.i686  
    net-snmp-libs-5.5-54.1.20.amzn1.i686  
    net-snmp-utils-5.5-54.1.20.amzn1.i686  
    net-snmp-python-5.5-54.1.20.amzn1.i686  
    net-snmp-debuginfo-5.5-54.1.20.amzn1.i686  
    net-snmp-5.5-54.1.20.amzn1.i686  
    net-snmp-perl-5.5-54.1.20.amzn1.i686  
  
src:  
    net-snmp-5.5-54.1.20.amzn1.src  
  
x86_64:  
    net-snmp-libs-5.5-54.1.20.amzn1.x86_64  
    net-snmp-5.5-54.1.20.amzn1.x86_64  
    net-snmp-python-5.5-54.1.20.amzn1.x86_64  
    net-snmp-debuginfo-5.5-54.1.20.amzn1.x86_64  
    net-snmp-perl-5.5-54.1.20.amzn1.x86_64  
    net-snmp-utils-5.5-54.1.20.amzn1.x86_64  
    net-snmp-devel-5.5-54.1.20.amzn1.x86_64

Additional References

Red Hat: CVE-2015-5621

Mitre: CVE-2015-5621

OSVersionArchitecturePackageVersionFilename
Amazon Linux1i686net-snmp-devel< 5.5-54.1.20.amzn1net-snmp-devel-5.5-54.1.20.amzn1.i686.rpm
Amazon Linux1i686net-snmp-libs< 5.5-54.1.20.amzn1net-snmp-libs-5.5-54.1.20.amzn1.i686.rpm
Amazon Linux1i686net-snmp-utils< 5.5-54.1.20.amzn1net-snmp-utils-5.5-54.1.20.amzn1.i686.rpm
Amazon Linux1i686net-snmp-python< 5.5-54.1.20.amzn1net-snmp-python-5.5-54.1.20.amzn1.i686.rpm
Amazon Linux1i686net-snmp-debuginfo< 5.5-54.1.20.amzn1net-snmp-debuginfo-5.5-54.1.20.amzn1.i686.rpm
Amazon Linux1i686net-snmp< 5.5-54.1.20.amzn1net-snmp-5.5-54.1.20.amzn1.i686.rpm
Amazon Linux1i686net-snmp-perl< 5.5-54.1.20.amzn1net-snmp-perl-5.5-54.1.20.amzn1.i686.rpm
Amazon Linux1x86_64net-snmp-libs< 5.5-54.1.20.amzn1net-snmp-libs-5.5-54.1.20.amzn1.x86_64.rpm
Amazon Linux1x86_64net-snmp< 5.5-54.1.20.amzn1net-snmp-5.5-54.1.20.amzn1.x86_64.rpm
Amazon Linux1x86_64net-snmp-python< 5.5-54.1.20.amzn1net-snmp-python-5.5-54.1.20.amzn1.x86_64.rpm

OS	Version	Architecture	Package	Version	Filename
Amazon Linux	1	i686	net-snmp-devel	< 5.5-54.1.20.amzn1	net-snmp-devel-5.5-54.1.20.amzn1.i686.rpm
Amazon Linux	1	i686	net-snmp-libs	< 5.5-54.1.20.amzn1	net-snmp-libs-5.5-54.1.20.amzn1.i686.rpm
Amazon Linux	1	i686	net-snmp-utils	< 5.5-54.1.20.amzn1	net-snmp-utils-5.5-54.1.20.amzn1.i686.rpm
Amazon Linux	1	i686	net-snmp-python	< 5.5-54.1.20.amzn1	net-snmp-python-5.5-54.1.20.amzn1.i686.rpm
Amazon Linux	1	i686	net-snmp-debuginfo	< 5.5-54.1.20.amzn1	net-snmp-debuginfo-5.5-54.1.20.amzn1.i686.rpm
Amazon Linux	1	i686	net-snmp	< 5.5-54.1.20.amzn1	net-snmp-5.5-54.1.20.amzn1.i686.rpm
Amazon Linux	1	i686	net-snmp-perl	< 5.5-54.1.20.amzn1	net-snmp-perl-5.5-54.1.20.amzn1.i686.rpm
Amazon Linux	1	x86_64	net-snmp-libs	< 5.5-54.1.20.amzn1	net-snmp-libs-5.5-54.1.20.amzn1.x86_64.rpm
Amazon Linux	1	x86_64	net-snmp	< 5.5-54.1.20.amzn1	net-snmp-5.5-54.1.20.amzn1.x86_64.rpm
Amazon Linux	1	x86_64	net-snmp-python	< 5.5-54.1.20.amzn1	net-snmp-python-5.5-54.1.20.amzn1.x86_64.rpm