Lucene search

K
centosCentOS ProjectCESA-2007:1045
HistoryNov 15, 2007 - 7:23 p.m.

net security update

2007-11-1519:23:48
CentOS Project
lists.centos.org
46

7.8 High

CVSS2

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

COMPLETE

AV:N/AC:L/Au:N/C:N/I:N/A:C

0.794 High

EPSS

Percentile

98.3%

CentOS Errata and Security Advisory CESA-2007:1045

Simple Network Management Protocol (SNMP) is a protocol used for network
management.

A flaw was discovered in the way net-snmp handled certain requests. A
remote attacker who can connect to the snmpd UDP port (161 by default)
could send a malicious packet causing snmpd to crash, resulting in a
denial of service. (CVE-2007-5846)

All users of net-snmp are advised to upgrade to these updated packages,
which contain a backported patch to resolve this issue.

Merged security bulletin from advisories:
https://lists.centos.org/pipermail/centos-announce/2007-November/076595.html
https://lists.centos.org/pipermail/centos-announce/2007-November/076601.html
https://lists.centos.org/pipermail/centos-announce/2007-November/076602.html
https://lists.centos.org/pipermail/centos-announce/2007-November/076605.html
https://lists.centos.org/pipermail/centos-announce/2007-November/076614.html
https://lists.centos.org/pipermail/centos-announce/2007-November/076615.html

Affected packages:
net-snmp
net-snmp-devel
net-snmp-libs
net-snmp-perl
net-snmp-utils

Upstream details at:
https://access.redhat.com/errata/RHSA-2007:1045

7.8 High

CVSS2

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

COMPLETE

AV:N/AC:L/Au:N/C:N/I:N/A:C

0.794 High

EPSS

Percentile

98.3%