FrSIRT - Fedora Security Update Fixes Net-snmp Denial of Service Vulnerability / Exploit (Security Advisories)

French Security Incident Response Team

French

English

Fedora Security Update Fixes Net-snmp Denial of Service Vulnerability

Title : Fedora Security Update Fixes Net-snmp Denial of Service Vulnerability
Advisory ID : FrSIRT/ADV-2007-3946
CVE ID : CVE-2007-5846
Rated as : Low Risk

Remotely Exploitable : Yes
Locally Exploitable : Yes
Release Date : 2007-11-21

Advisory Details

Description

Affected Products

Solution

References

Technical Description

A vulnerability has been identified in Fedora, which could be exploited by remote attackers to cause a denial of service [...]

Solution

Upgrade the affected packages :

c5c74d173a576a12e1283b7a6db98f1fb8bfc156 net-snmp-utils-5.4-16.fc7.ppc64.rpm
d4944b240189514954f4d9a70a3c7468bae4af93 net-snmp-devel-5.4-16.fc7.ppc64.rpm
492c96c5297c9423c0134eda1e88521549f5bdff net-snmp-5.4-16.fc7.ppc64.rpm
5dc8a6b124a057564ac5dcc01ce7d36959b8de62 net-snmp-perl-5.4-16.fc7.ppc64.rpm
64ef864ca29ae541d6644ef066e203d1fae59d29 net-snmp-debuginfo-5.4-16.fc7.ppc64.rpm
891b7029525183f95776defb3f376878ff2d17d4 net-snmp-libs-5.4-16.fc7.ppc64.rpm
f533a824a59c09d43ba35a0a5a86eeb877a73059 net-snmp-perl-5.4-16.fc7.i386.rpm
4a114a3b3beea42f88ba79b0e044a0548277af3e net-snmp-devel-5.4-16.fc7.i386.rpm
e949c9ee0bfef7e0f38fd7eddbc731a56e30bb00 net-snmp-utils-5.4-16.fc7.i386.rpm
e3b5d2ab29e0b24de00a7d8d294019488ee97a75 net-snmp-debuginfo-5.4-16.fc7.i386.rpm
ce44e4b76f6d41a4a548b5d48b73971271dbac19 net-snmp-5.4-16.fc7.i386.rpm
63ebe2f35fd665cabd392224578df18778e5634b net-snmp-libs-5.4-16.fc7.i386.rpm
9ef68c63ea55432a85417be319018d42d5a05c03 net-snmp-libs-5.4-16.fc7.x86_64.rpm
bfb213175425c3aeff644de9fd68311431a4f690 net-snmp-perl-5.4-16.fc7.x86_64.rpm
472f6dc09ace3ad2a7ec42d5b958f1bcc943319e net-snmp-utils-5.4-16.fc7.x86_64.rpm
d4b2de69058fda79256b25e04d0421506d5a7839 net-snmp-devel-5.4-16.fc7.x86_64.rpm
d6ecf1cdd1bdb0d3d7a003c21a1c113e13effde0 net-snmp-debuginfo-5.4-16.fc7.x86_64.rpm
1234519f2551110498f09ddc61bb40701b9b9ea8 net-snmp-5.4-16.fc7.x86_64.rpm
7befd1f6894f3cdd0f5fd0b98513a2075fb09a9b net-snmp-perl-5.4-16.fc7.ppc.rpm
9cc77e5c9c855f220aec842e382fcf8fc46c4a3d net-snmp-utils-5.4-16.fc7.ppc.rpm
109ba0b1bd78a3b6bcb8befa1fbd3093078019d8 net-snmp-debuginfo-5.4-16.fc7.ppc.rpm
350d847373044f1f5c550240b8fb130612c228b7 net-snmp-devel-5.4-16.fc7.ppc.rpm
d05f9ec7c0d14dc8ae1df0ba2c8b04bad1c65859 net-snmp-5.4-16.fc7.ppc.rpm
a38c915dc20b87f357e0c0b4d2f9bf2b3ef5ebae net-snmp-libs-5.4-16.fc7.ppc.rpm
1dbb1221483bd2d935a7df3dcf5f937e1205b9f6 net-snmp-5.4-16.fc7.src.rpm

ChangeLog

2007-11-21 : Initial release

Vulnerability Management

Subscribe to FrSIRT VNS and receive real-time e-mail and SMS alerts when new vulnerabilities, exploits, or patches relevant to your systems and network configurations are available.

Feedback

If you have additional information or corrections for this security advisory please submit them via our contact form or by email to updates@frsirt.com.

Mailinglist

	Cisco Products Remote DNS Cache Poisoning Vulnerability
	Cisco Wide Area Application Services CUPS Remote Vulnerability
	Cisco UCM Denial of Service and Authentication Bypass Vulnerabilities
	Cisco Intrusion Prevention System Jumbo Frame Vulnerability
	Cisco VPN Client Deterministic Network Enhancer Privilege Escalation
	Cisco Products SNMPv3 Authentication Packets Vulnerabilities
	Cisco PIX and ASA Security Bypass and Denial of Service

	Apple iPhone and iPod touch Multiple Code Execution Vulnerabilities
	Apple Xcode Code Execution and Information Disclosure Vulnerabilities
	Apple TV Data Processing Remote Code Execution Vulnerabilities
	Apple Mac OS X Command Execution and Security Bypass Issues
	Apple Safari for Mac OS X Remote Code Execution Vulnerability
	Apple Mac OS X ARDAgent Local Privilege Escalation Vulnerability
	Apple Safari Code Execution and Information Disclosure Vulnerabilities

	Microsoft Office Word Document Handling Code Execution Vulnerability
	Microsoft SQL Server Privilege Escalation Vulnerabilities (MS08-040)
	Microsoft Exchange Server Cross Site Scripting Issues (MS08-039)
	Microsoft Windows Explorer Remote Code Execution (MS08-038)
	Microsoft Windows Multiple DNS Spoofing Vulnerabilities (MS08-037)
	Microsoft Access Snapshot Viewer ActiveX Control Vulnerability
	Microsoft Internet Explorer Frame Cross-Domain Scripting Vulnerability