net security update

ID CESA-2005:395
Type centos
Reporter CentOS Project
Modified 2005-10-06T00:21:57


CentOS Errata and Security Advisory CESA-2005:395

SNMP (Simple Network Management Protocol) is a protocol used for network management.

A denial of service bug was found in the way net-snmp uses network stream protocols. It is possible for a remote attacker to send a net-snmp agent a specially crafted packet that will crash the agent. The Common Vulnerabilities and Exposures project ( has assigned the name CAN-2005-2177 to this issue.

An insecure temporary file usage bug was found in net-snmp's fixproc command. It is possible for a local user to modify the content of temporary files used by fixproc that can lead to arbitrary command execution. The Common Vulnerabilities and Exposures project ( has assigned the name CAN-2005-1740 to this issue.

Additionally, the following bugs have been fixed: - The lmSensors are correctly recognized, snmp deamon no longer segfaults - The larger swap partition sizes are correctly reported - Querying hrSWInstalledLastUpdateTime no longer crashes the snmp deamon - Fixed error building ASN.1 representation - The 64-bit network counters correctly wrap - Large file systems are correctly handled - Snmptrapd initscript correctly reads options from its configuration file /etc/snmp/snmptrapd.options - Snmp deamon no longer crashes when restarted using the agentX protocol - snmp daemon now reports gigabit Ethernet speeds correctly - MAC adresses are shown when requested instead of IP adresses

All users of net-snmp should upgrade to these updated packages, which resolve these issues.

Merged security bulletin from advisories:

Affected packages: net-snmp net-snmp-devel net-snmp-libs net-snmp-perl net-snmp-utils

Upstream details at: