net-snmp -- several vulnerabilities

ID DSA-1663
Type debian
Reporter Debian
Modified 2008-11-09T00:00:00


Several vulnerabilities have been discovered in NET SNMP, a suite of Simple Network Management Protocol applications. The Common Vulnerabilities and Exposures project identifies the following problems:

Wes Hardaker reported that the SNMPv3 HMAC verification relies on the client to specify the HMAC length, which allows spoofing of authenticated SNMPv3 packets.

John Kortink reported a buffer overflow in the __snprint_value function in snmp_get causing a denial of service and potentially allowing the execution of arbitrary code via a large OCTETSTRING in an attribute value pair (AVP).

It was reported that an integer overflow in the netsnmp_create_subtree_cache function in agent/snmp_agent.c allows remote attackers to cause a denial of service attack via a crafted SNMP GETBULK request.

For the stable distribution (etch), these problems has been fixed in version 5.2.3-7etch4.

For the testing distribution (lenny) and unstable distribution (sid) these problems have been fixed in version 5.4.1~dfsg-11.

We recommend that you upgrade your net-snmp package.