drucken bookmarks versenden konfigurieren admin pdf Sicherheit: Zwei Probleme in Net-SNMP
Name: |
Zwei Probleme in Net-SNMP |
|
ID: |
DSA-4154-1 |
|
Distribution: |
Debian |
|
Plattformen: |
Debian jessie, Debian stretch |
|
Datum: |
Mi, 28. März 2018, 12:29 |
|
Referenzen: |
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-5621
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-1000116 |
|
Applikationen: |
Net-SNMP |
|
Originalnachricht |
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA512
- ------------------------------------------------------------------------- Debian Security Advisory DSA-4154-1 security@debian.org https://www.debian.org/security/ Salvatore Bonaccorso March 28, 2018 https://www.debian.org/security/faq - -------------------------------------------------------------------------
Package : net-snmp CVE ID : CVE-2015-5621 CVE-2018-1000116 Debian Bug : 788964 894110
A heap corruption vulnerability was discovered in net-snmp, a suite of Simple Network Management Protocol applications, triggered when parsing the PDU prior to the authentication process. A remote, unauthenticated attacker can take advantage of this flaw to crash the snmpd process (causing a denial of service) or, potentially, execute arbitrary code with the privileges of the user running snmpd.
For the oldstable distribution (jessie), these problems have been fixed in version 5.7.2.1+dfsg-1+deb8u1.
For the stable distribution (stretch), these problems have been fixed before the initial release.
We recommend that you upgrade your net-snmp packages.
For the detailed security status of net-snmp please refer to its security tracker page at: https://security-tracker.debian.org/tracker/net-snmp
Further information about Debian Security Advisories, how to apply these updates to your system and frequently asked questions can be found at: https://www.debian.org/security/
Mailing list: debian-security-announce@lists.debian.org -----BEGIN PGP SIGNATURE-----
iQKTBAEBCgB9FiEERkRAmAjBceBVMd3uBUy48xNDz0QFAlq7XNZfFIAAAAAALgAo aXNzdWVyLWZwckBub3RhdGlvbnMub3BlbnBncC5maWZ0aGhvcnNlbWFuLm5ldDQ2 NDQ0MDk4MDhDMTcxRTA1NTMxRERFRTA1NENCOEYzMTM0M0NGNDQACgkQBUy48xND z0RkPg//W2NXTKaf7mL0ewk5xR0bEaW2+nnuFYx2ETH6i83sjqxYH4Om7zFwhHUV OPeJhUoXdhH/6id0vtQpV94llVUJPDAfmZhad1Pwq+I7hTAYAFUQphc+Xj6MQJuV wCPUG4GICd+G0drzI83tHkczEZTtQhvY90rMgx2Mv6k4agbU76hUBwR6kTuITUMX t3Zqypv36UNvku+xrxwppKUMzpWgFNVOI6bBeWIjzosjTBOFNLFSVGSWNujQuJCk Q/rdvf46Nsz1Jko8QmjMiZvpiiBT6JxVkSoh3IhAQGy0iGbF59iqaqRNlJFNpVEs OxyFIIXOPaTlwHR21KYEXnuh9+uqIHPNojBfpW9GsWwaTWPHHEbsDrldWHt+pZNE Hmye8FFdkouIO6uu3DSjkPwuvWrtACYT1CDiBSW7gprIkeNY2DddVbSI9HWbIAoM lsI/RoaeIKUMbgs2YJ5Oir+Su4SiMQpmYcaMFW1h43+P1KrcYpc5BtdFc8aRS7xZ aNf+G23esxwl8C0G0+QEHjvuOGL3mjSbtkpodQyJ5yvc1DXRgE1zg8Gpactw2mXk 3i7rNNllwI/F5g72N5b5Kq/F2I8EKayq4vnvHpWKsyMeBzmbE4woLCfuzLbCskXe Rd8dKA6fafGy2IgKNKmSKoxa2V/Ko2Mm0sgq8cV1RqViEZvBiS0= =MR4R -----END PGP SIGNATURE-----
|
|
|
|