Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
centosCentOS ProjectCESA-2008:0971
HistoryNov 03, 2008 - 7:25 p.m.

net security update

2008-11-0319:25:11
CentOS Project
lists.centos.org
48

5 Medium

CVSS2

Access Vector

NETWORK

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:N/I:N/A:P

0.049 Low

EPSS

Percentile

92.7%

JSON

CentOS Errata and Security Advisory CESA-2008:0971

The Simple Network Management Protocol (SNMP) is a protocol used for
network management.

A denial-of-service flaw was found in the way Net-SNMP processes SNMP
GETBULK requests. A remote attacker who issued a specially-crafted request
could cause the snmpd server to crash. (CVE-2008-4309)

Note: An attacker must have read access to the SNMP server in order to
exploit this flaw. In the default configuration, the community name
β€œpublic” grants read-only access. In production deployments, it is
recommended to change this default community name.

All users of net-snmp should upgrade to these updated packages, which
contain a backported patch to resolve this issue.

Merged security bulletin from advisories:
https://lists.centos.org/pipermail/centos-announce/2008-November/077527.html
https://lists.centos.org/pipermail/centos-announce/2008-November/077528.html
https://lists.centos.org/pipermail/centos-announce/2008-November/077529.html
https://lists.centos.org/pipermail/centos-announce/2008-November/077530.html
https://lists.centos.org/pipermail/centos-announce/2008-November/077547.html
https://lists.centos.org/pipermail/centos-announce/2008-November/077548.html
https://lists.centos.org/pipermail/centos-announce/2008-November/077549.html
https://lists.centos.org/pipermail/centos-announce/2008-November/077550.html

Affected packages:
net-snmp
net-snmp-devel
net-snmp-libs
net-snmp-perl
net-snmp-utils

Upstream details at:
https://access.redhat.com/errata/RHSA-2008:0971

OSVersionArchitecturePackageVersionFilename
CentOS5i386net-snmp<Β 5.3.1-24.el5_2.2net-snmp-5.3.1-24.el5_2.2.i386.rpm
CentOS5i386net-snmp-devel<Β 5.3.1-24.el5_2.2net-snmp-devel-5.3.1-24.el5_2.2.i386.rpm
CentOS5i386net-snmp-libs<Β 5.3.1-24.el5_2.2net-snmp-libs-5.3.1-24.el5_2.2.i386.rpm
CentOS5i386net-snmp-perl<Β 5.3.1-24.el5_2.2net-snmp-perl-5.3.1-24.el5_2.2.i386.rpm
CentOS5i386net-snmp-utils<Β 5.3.1-24.el5_2.2net-snmp-utils-5.3.1-24.el5_2.2.i386.rpm
CentOS5x86_64net-snmp<Β 5.3.1-24.el5_2.2net-snmp-5.3.1-24.el5_2.2.x86_64.rpm
CentOS5i386net-snmp-devel<Β 5.3.1-24.el5_2.2net-snmp-devel-5.3.1-24.el5_2.2.i386.rpm
CentOS5x86_64net-snmp-devel<Β 5.3.1-24.el5_2.2net-snmp-devel-5.3.1-24.el5_2.2.x86_64.rpm
CentOS5i386net-snmp-libs<Β 5.3.1-24.el5_2.2net-snmp-libs-5.3.1-24.el5_2.2.i386.rpm
CentOS5x86_64net-snmp-libs<Β 5.3.1-24.el5_2.2net-snmp-libs-5.3.1-24.el5_2.2.x86_64.rpm
Rows per page:
1-10 of 531

Related

checkpoint_advisories 1
openvas 37
nessus 29
fedora 4
prion 2
debiancve 2
veracode 1
gentoo 1
ubuntucve 2
freebsd 1
oraclelinux 1
seebug 1
slackware 1
redhat 1
cve 2
securityvulns 5
vmware 3
ubuntu 1
debian 1
osv 1
checkpoint_advisories
checkpoint_advisories
Update Protection against Net-SNMP Denial of Service
2009-02-06 00:00:00
openvas
openvas
SLES9: Security update for net-snmp
2009-10-10 00:00:00
Fedora Update for net-snmp FEDORA-2008-10451
2009-02-16 00:00:00
Slackware: Security Advisory (SSA:2008-320-02)
2012-09-10 00:00:00
nessus
nessus
Oracle Linux 3 / 4 / 5 : net-snmp (ELSA-2008-0971)
2013-07-12 00:00:00
GLSA-200901-15 : Net-SNMP: Denial of Service
2009-01-22 00:00:00
FreeBSD : net-snmp -- DoS for SNMP agent via crafted GETBULK request (daf045d7-b211-11dd-a987-000c29ca8953)
2008-11-14 00:00:00
fedora
fedora
[SECURITY] Fedora 10 Update: net-snmp-5.4.2.1-1.fc10
2008-11-27 02:10:26
[SECURITY] Fedora 10 Update: net-snmp-5.4.2.1-3.fc10
2009-02-17 15:39:27
[SECURITY] Fedora 8 Update: net-snmp-5.4.1-8.fc8
2008-11-06 04:05:02
prion
prion
Integer overflow
2008-10-31 20:29:00
Code injection
2009-06-26 18:30:00
debiancve
debiancve
CVE-2008-4309
2008-10-31 20:29:00
CVE-2009-1887
2009-06-26 18:30:00
veracode
veracode
Denial Of Service (DoS)
2020-04-10 00:26:33
gentoo
gentoo
Net-SNMP: Denial of service
2009-01-21 00:00:00
ubuntucve
ubuntucve
CVE-2008-4309
2008-10-31 00:00:00
CVE-2009-1887
2009-06-26 00:00:00
freebsd
freebsd
net-snmp -- DoS for SNMP agent via crafted GETBULK request
2008-10-12 00:00:00
oraclelinux
oraclelinux
net-snmp security update
2008-11-03 00:00:00
seebug
seebug
Net-SNMP GETBULKθ―·ζ±‚ζ•΄ζ•°ζΊ’ε‡Ίζ‹’η»ζœεŠ‘ζΌζ΄ž
2008-11-05 00:00:00
slackware
slackware
[slackware-security] net-snmp
2008-11-16 07:01:28
redhat
redhat
(RHSA-2008:0971) Important: net-snmp security update
2008-11-03 00:00:00
cve
cve
CVE-2008-4309
2008-10-31 20:29:00
CVE-2009-1887
2009-06-26 18:30:00
securityvulns
securityvulns
[ MDVSA-2009:156 ] net-snmp
2009-07-20 00:00:00
net-snmp multiple security vulnerabilities
2009-07-20 00:00:00
[SECURITY] [DSA 1663-1] New net-snmp packages fix several vulnerabilities
2008-11-10 00:00:00
vmware
vmware
VMSA-2010-0003.1 ESX Service Console update for net-snmp
2010-02-16 00:00:00
ESX patches address an issue loading corrupt virtual disks and update Service Console packages
2009-01-30 00:00:00
ESX patches address an issue loading corrupt virtual disks and update Service Console packages
2009-01-30 00:00:00
ubuntu
ubuntu
Net-SNMP vulnerabilities
2008-12-03 00:00:00
debian
debian
[SECURITY] [DSA 1663-1] New net-snmp packages fix several vulnerabilities
2008-11-09 09:49:16
osv
osv
net-snmp - several vulnerabilities
2008-11-09 00:00:00

5 Medium

CVSS2

Access Vector

NETWORK

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:N/I:N/A:P

0.049 Low

EPSS

Percentile

92.7%

JSON
Related for CESA-2008:0971
checkpoint_advisories1openvas37nessus29fedora4prion2debiancve2veracode1gentoo1ubuntucve2freebsd1oraclelinux1seebug1slackware1redhat1cve2securityvulns5vmware3ubuntu1debian1osv1