RedHatRHSA-2009:1124(RHSA-2009:1124) Moderate: net-snmp security update
5 Medium
CVSS2
Access Vector
NETWORK
Access Complexity
LOW
Authentication
NONE
Confidentiality Impact
NONE
Integrity Impact
NONE
Availability Impact
PARTIAL
AV:N/AC:L/Au:N/C:N/I:N/A:P
0.009 Low
EPSS
Percentile
81.3%
The Simple Network Management Protocol (SNMP) is a protocol used for
network management.
A divide-by-zero flaw was discovered in the snmpd daemon. A remote attacker
could issue a specially-crafted GETBULK request that could crash the snmpd
daemon. (CVE-2009-1887)
Note: An attacker must have read access to the SNMP server in order to
exploit this flaw. In the default configuration, the community name
“public” grants read-only access. In production deployments, it is
recommended to change this default community name.
All net-snmp users should upgrade to these updated packages, which contain
a backported patch to correct this issue. After installing the update, the
snmpd and snmptrapd daemons will be restarted automatically.
| OS | Version | Architecture | Package | Version | Filename |
|---|---|---|---|---|---|
| RedHat | any | ppc | net-snmp-libs | < 5.0.9-2.30E.28 | net-snmp-libs-5.0.9-2.30E.28.ppc.rpm |
| RedHat | any | ppc | net-snmp | < 5.0.9-2.30E.28 | net-snmp-5.0.9-2.30E.28.ppc.rpm |
| RedHat | any | ppc64 | net-snmp-libs | < 5.0.9-2.30E.28 | net-snmp-libs-5.0.9-2.30E.28.ppc64.rpm |
| RedHat | any | ppc | net-snmp-utils | < 5.0.9-2.30E.28 | net-snmp-utils-5.0.9-2.30E.28.ppc.rpm |
| RedHat | any | ppc | net-snmp-devel | < 5.0.9-2.30E.28 | net-snmp-devel-5.0.9-2.30E.28.ppc.rpm |
| RedHat | any | ppc | net-snmp-perl | < 5.0.9-2.30E.28 | net-snmp-perl-5.0.9-2.30E.28.ppc.rpm |
Related
5 Medium
CVSS2
Access Vector
NETWORK
Access Complexity
LOW
Authentication
NONE
Confidentiality Impact
NONE
Integrity Impact
NONE
Availability Impact
PARTIAL
AV:N/AC:L/Au:N/C:N/I:N/A:P
0.009 Low
EPSS
Percentile
81.3%