ucd security update

ID CESA-2008:0528-01
Type centos
Reporter CentOS Project
Modified 2008-06-10T23:24:29


CentOS Errata and Security Advisory CESA-2008:0528-01

The Simple Network Management Protocol (SNMP) is a protocol used for network management.

A flaw was found in the way ucd-snmp checked an SNMPv3 packet's Keyed-Hash Message Authentication Code (HMAC). An attacker could use this flaw to spoof an authenticated SNMPv3 packet. (CVE-2008-0960)

All users of ucd-snmp should upgrade to these updated packages, which contain a backported patch to resolve this issue.

Merged security bulletin from advisories: http://lists.centos.org/pipermail/centos-announce/2008-June/027010.html

Affected packages: ucd-snmp ucd-snmp-devel ucd-snmp-utils

Upstream details at: https://rhn.redhat.com/errata/rh21as-errata.html