Oval Definition:oval:com.redhat.rhsa:def:20091124
Revision Date:2009-06-25Version:632
Title:RHSA-2009:1124: net-snmp security update (Moderate)
Description:The Simple Network Management Protocol (SNMP) is a protocol used for network management.

  • A divide-by-zero flaw was discovered in the snmpd daemon. A remote attacker could issue a specially-crafted GETBULK request that could crash the snmpd daemon. (CVE-2009-1887)

    Note: An attacker must have read access to the SNMP server in order to exploit this flaw. In the default configuration, the community name "public" grants read-only access. In production deployments, it is recommended to change this default community name.

    All net-snmp users should upgrade to these updated packages, which contain a backported patch to correct this issue. After installing the update, the snmpd and snmptrapd daemons will be restarted automatically.
    • Family:unixClass:patch
    Status:Reference(s):CVE-2009-1887
    RHSA-2009:1124
    RHSA-2009:1124-01
    RHSA-2009:1124-01
    Platform(s):Red Hat Enterprise Linux 3
    		Product(s):
    Definition Synopsis
  • Red Hat Enterprise Linux must be installed
  • OR Package Information
  • Red Hat Enterprise Linux 3 is installed
  • AND
  • net-snmp is earlier than 0:5.0.9-2.30E.28
  • AND net-snmp is signed with Red Hat master key
  • net-snmp-devel is earlier than 0:5.0.9-2.30E.28
  • AND net-snmp-devel is signed with Red Hat master key
  • net-snmp-utils is earlier than 0:5.0.9-2.30E.28
  • AND net-snmp-utils is signed with Red Hat master key
  • net-snmp-libs is earlier than 0:5.0.9-2.30E.28
  • AND net-snmp-libs is signed with Red Hat master key
  • net-snmp-perl is earlier than 0:5.0.9-2.30E.28
  • AND net-snmp-perl is signed with Red Hat master key
    • BACK