OVAL Reference oval:com.redhat.rhsa:def:20080529

Oval Definition:

oval:com.redhat.rhsa:def:20080529

Revision Date:	2008-06-10	Version:	637
Title:	RHSA-2008:0529: net-snmp security update (Moderate)
Description:	The Simple Network Management Protocol (SNMP) is a protocol used for network management. A flaw was found in the way Net-SNMP checked an SNMPv3 packet's Keyed-Hash Message Authentication Code (HMAC). An attacker could use this flaw to spoof an authenticated SNMPv3 packet. (CVE-2008-0960) A buffer overflow was found in the Perl bindings for Net-SNMP. This could be exploited if an attacker could convince an application using the Net-SNMP Perl module to connect to a malicious SNMP agent. (CVE-2008-2292) All users of net-snmp should upgrade to these updated packages, which contain backported patches to resolve these issues.
Family:	unix	Class:	patch
Status:		Reference(s):	CVE-2008-0960 CVE-2008-2292 RHSA-2008:0529 RHSA-2008:0529-01 RHSA-2008:0529-01
Platform(s):	Red Hat Enterprise Linux 3 Red Hat Enterprise Linux 4 Red Hat Enterprise Linux 5	Product(s):
Definition Synopsis
Red Hat Enterprise Linux must be installed OR Package Information Red Hat Enterprise Linux 3 is installed AND net-snmp-utils is earlier than 0:5.0.9-2.30E.24 AND net-snmp-utils is signed with Red Hat master key net-snmp-devel is earlier than 0:5.0.9-2.30E.24 AND net-snmp-devel is signed with Red Hat master key net-snmp-libs is earlier than 0:5.0.9-2.30E.24 AND net-snmp-libs is signed with Red Hat master key net-snmp-perl is earlier than 0:5.0.9-2.30E.24 AND net-snmp-perl is signed with Red Hat master key net-snmp is earlier than 0:5.0.9-2.30E.24 AND net-snmp is signed with Red Hat master key OR Package Information Red Hat Enterprise Linux 4 is installed AND net-snmp-utils is earlier than 0:5.1.2-11.el4_6.11.3 AND net-snmp-utils is signed with Red Hat master key net-snmp-devel is earlier than 0:5.1.2-11.el4_6.11.3 AND net-snmp-devel is signed with Red Hat master key net-snmp-perl is earlier than 0:5.1.2-11.el4_6.11.3 AND net-snmp-perl is signed with Red Hat master key net-snmp is earlier than 0:5.1.2-11.el4_6.11.3 AND net-snmp is signed with Red Hat master key net-snmp-libs is earlier than 0:5.1.2-11.el4_6.11.3 AND net-snmp-libs is signed with Red Hat master key OR Package Information Red Hat Enterprise Linux 5 is installed AND net-snmp-libs is earlier than 1:5.3.1-24.el5_2.1 AND net-snmp-libs is signed with Red Hat redhatrelease key net-snmp is earlier than 1:5.3.1-24.el5_2.1 AND net-snmp is signed with Red Hat redhatrelease key net-snmp-devel is earlier than 1:5.3.1-24.el5_2.1 AND net-snmp-devel is signed with Red Hat redhatrelease key net-snmp-utils is earlier than 1:5.3.1-24.el5_2.1 AND net-snmp-utils is signed with Red Hat redhatrelease key net-snmp-perl is earlier than 1:5.3.1-24.el5_2.1 AND net-snmp-perl is signed with Red Hat redhatrelease key
Definition Synopsis
Red Hat Enterprise Linux must be installed OR Package Information Red Hat Enterprise Linux 4 is installed AND net-snmp is earlier than 0:5.1.2-11.el4_6.11.3 AND net-snmp is signed with Red Hat redhatrelease2 key net-snmp-devel is earlier than 0:5.1.2-11.el4_6.11.3 AND net-snmp-devel is signed with Red Hat redhatrelease2 key net-snmp-libs is earlier than 0:5.1.2-11.el4_6.11.3 AND net-snmp-libs is signed with Red Hat redhatrelease2 key net-snmp-perl is earlier than 0:5.1.2-11.el4_6.11.3 AND net-snmp-perl is signed with Red Hat redhatrelease2 key net-snmp-utils is earlier than 0:5.1.2-11.el4_6.11.3 AND net-snmp-utils is signed with Red Hat redhatrelease2 key OR Package Information Red Hat Enterprise Linux 5 is installed AND net-snmp is earlier than 1:5.3.1-24.el5_2.1 AND net-snmp is signed with Red Hat redhatrelease2 key net-snmp-devel is earlier than 1:5.3.1-24.el5_2.1 AND net-snmp-devel is signed with Red Hat redhatrelease2 key net-snmp-libs is earlier than 1:5.3.1-24.el5_2.1 AND net-snmp-libs is signed with Red Hat redhatrelease2 key net-snmp-perl is earlier than 1:5.3.1-24.el5_2.1 AND net-snmp-perl is signed with Red Hat redhatrelease2 key net-snmp-utils is earlier than 1:5.3.1-24.el5_2.1 AND net-snmp-utils is signed with Red Hat redhatrelease2 key
Definition Synopsis
Release Information Red Hat Enterprise Linux 3 is installed AND net-snmp is earlier than 0:5.0.9-2.30E.24 AND net-snmp is signed with Red Hat master key net-snmp-devel is earlier than 0:5.0.9-2.30E.24 AND net-snmp-devel is signed with Red Hat master key net-snmp-libs is earlier than 0:5.0.9-2.30E.24 AND net-snmp-libs is signed with Red Hat master key net-snmp-perl is earlier than 0:5.0.9-2.30E.24 AND net-snmp-perl is signed with Red Hat master key net-snmp-utils is earlier than 0:5.0.9-2.30E.24 AND net-snmp-utils is signed with Red Hat master key OR Package Information Red Hat Enterprise Linux 4 is installed AND net-snmp is earlier than 0:5.1.2-11.el4_6.11.3 AND net-snmp is signed with Red Hat master key net-snmp-devel is earlier than 0:5.1.2-11.el4_6.11.3 AND net-snmp-devel is signed with Red Hat master key net-snmp-libs is earlier than 0:5.1.2-11.el4_6.11.3 AND net-snmp-libs is signed with Red Hat master key net-snmp-perl is earlier than 0:5.1.2-11.el4_6.11.3 AND net-snmp-perl is signed with Red Hat master key net-snmp-utils is earlier than 0:5.1.2-11.el4_6.11.3 AND net-snmp-utils is signed with Red Hat master key OR Package Information Red Hat Enterprise Linux 5 is installed AND net-snmp is earlier than 1:5.3.1-24.el5_2.1 AND net-snmp is signed with Red Hat redhatrelease key net-snmp-devel is earlier than 1:5.3.1-24.el5_2.1 AND net-snmp-devel is signed with Red Hat redhatrelease key net-snmp-libs is earlier than 1:5.3.1-24.el5_2.1 AND net-snmp-libs is signed with Red Hat redhatrelease key net-snmp-perl is earlier than 1:5.3.1-24.el5_2.1 AND net-snmp-perl is signed with Red Hat redhatrelease key net-snmp-utils is earlier than 1:5.3.1-24.el5_2.1 AND net-snmp-utils is signed with Red Hat redhatrelease key

BACK