Oracle Linux Local Security Checks : Oracle: Security Advisory (ELSA-2014-0322)

Búsqueda de Vulnerabilidad		Buscar 324607 Descripciones CVE y 146377 Descripciones de Pruebas, accesos 10,000+ referencias cruzadas.
	Pruebas CVE Todos

ID de Prueba: 1.3.6.1.4.1.25623.1.0.123441

Categoría: Oracle Linux Local Security Checks

Título: Oracle: Security Advisory (ELSA-2014-0322)

Resumen: The remote host is missing an update for the 'net-snmp' package(s) announced via the ELSA-2014-0322 advisory.

Descripción: Summary:
The remote host is missing an update for the 'net-snmp' package(s) announced via the ELSA-2014-0322 advisory.

Vulnerability Insight:
[5.3.2.2-22.0.2.el5_10.1]
- hrProcessorLoad returns incorrect values for CPUs greater than 100 (Jason Luan) [Orabug 17792842]
- snmptrapd: Fix crash due to access of freed memory (John Haxby) [orabug 14391194]
- suppress spurious asserts on 32bit [Greg Marsden]

[5.3.2.2-20.1]
- Fixed CVE-2012-6151: snmpd crashing when AgentX subagent disconnects in
the middle of request processing (#1073224)
- Fixed CVE-2014-2285: snmptrapd crash when using a trap with empty community
string (#1073224)

Affected Software/OS:
'net-snmp' package(s) on Oracle Linux 5.

Solution:
Please install the updated package(s).

CVSS Score:
4.3

CVSS Vector:
AV:N/AC:M/Au:N/C:N/I:N/A:P

Referencia Cruzada: Common Vulnerability Exposure (CVE) ID: CVE-2012-6151
55804
http://secunia.com/advisories/55804
57870
http://secunia.com/advisories/57870
59974
http://secunia.com/advisories/59974
64048
http://www.securityfocus.com/bid/64048
APPLE-SA-2015-10-21-4
http://lists.apple.com/archives/security-announce/2015/Oct/msg00005.html
GLSA-201409-02
http://www.gentoo.org/security/en/glsa/glsa-201409-02.xml
RHSA-2014:0322
https://rhn.redhat.com/errata/RHSA-2014-0322.html
USN-2166-1
http://www.ubuntu.com/usn/USN-2166-1
[oss-security] 20131202 NMPD DoS #2411 snmpd crashes/hangs when AgentX subagent times-out
http://seclists.org/oss-sec/2013/q4/398
[oss-security] 20131202 Re: SNMPD DoS #2411 snmpd crashes/hangs when AgentX subagent times-out
http://seclists.org/oss-sec/2013/q4/415
http://kb.juniper.net/InfoCenter/index?page=content&id=JSA10705
http://sourceforge.net/p/net-snmp/bugs/2411/
https://bugzilla.redhat.com/show_bug.cgi?id=1038007
https://support.apple.com/HT205375
netsnmp-cve20126151-dos(89485)
https://exchange.xforce.ibmcloud.com/vulnerabilities/89485
Common Vulnerability Exposure (CVE) ID: CVE-2014-2285
http://www.nntp.perl.org/group/perl.perl5.porters/2006/09/msg116250.html
http://comments.gmane.org/gmane.comp.security.oss.general/12284
RedHat Security Advisories: RHSA-2014:0322
SuSE Security Announcement: openSUSE-SU-2014:0398 (Google Search)
http://lists.opensuse.org/opensuse-updates/2014-03/msg00060.html
SuSE Security Announcement: openSUSE-SU-2014:0399 (Google Search)
http://lists.opensuse.org/opensuse-updates/2014-03/msg00061.html

Copyright Copyright (C) 2015 Greenbone AG

Esta es sólo una de 146377 pruebas de vulnerabilidad en nuestra serie de pruebas. Encuentre más sobre cómo ejecutar una auditoría de seguridad completa.
Para ejecutar una prueba gratuita de esta vulnerabilidad contra su sistema, regístrese ahora.

ID de Prueba:	1.3.6.1.4.1.25623.1.0.123441
Categoría:	Oracle Linux Local Security Checks
Título:	Oracle: Security Advisory (ELSA-2014-0322)
Resumen:	The remote host is missing an update for the 'net-snmp' package(s) announced via the ELSA-2014-0322 advisory.
Descripción:	Summary: The remote host is missing an update for the 'net-snmp' package(s) announced via the ELSA-2014-0322 advisory. Vulnerability Insight: [5.3.2.2-22.0.2.el5_10.1] - hrProcessorLoad returns incorrect values for CPUs greater than 100 (Jason Luan) [Orabug 17792842] - snmptrapd: Fix crash due to access of freed memory (John Haxby) [orabug 14391194] - suppress spurious asserts on 32bit [Greg Marsden] [5.3.2.2-20.1] - Fixed CVE-2012-6151: snmpd crashing when AgentX subagent disconnects in the middle of request processing (#1073224) - Fixed CVE-2014-2285: snmptrapd crash when using a trap with empty community string (#1073224) Affected Software/OS: 'net-snmp' package(s) on Oracle Linux 5. Solution: Please install the updated package(s). CVSS Score: 4.3 CVSS Vector: AV:N/AC:M/Au:N/C:N/I:N/A:P
Referencia Cruzada:	Common Vulnerability Exposure (CVE) ID: CVE-2012-6151 55804 http://secunia.com/advisories/55804 57870 http://secunia.com/advisories/57870 59974 http://secunia.com/advisories/59974 64048 http://www.securityfocus.com/bid/64048 APPLE-SA-2015-10-21-4 http://lists.apple.com/archives/security-announce/2015/Oct/msg00005.html GLSA-201409-02 http://www.gentoo.org/security/en/glsa/glsa-201409-02.xml RHSA-2014:0322 https://rhn.redhat.com/errata/RHSA-2014-0322.html USN-2166-1 http://www.ubuntu.com/usn/USN-2166-1 [oss-security] 20131202 NMPD DoS #2411 snmpd crashes/hangs when AgentX subagent times-out http://seclists.org/oss-sec/2013/q4/398 [oss-security] 20131202 Re: SNMPD DoS #2411 snmpd crashes/hangs when AgentX subagent times-out http://seclists.org/oss-sec/2013/q4/415 http://kb.juniper.net/InfoCenter/index?page=content&id=JSA10705 http://sourceforge.net/p/net-snmp/bugs/2411/ https://bugzilla.redhat.com/show_bug.cgi?id=1038007 https://support.apple.com/HT205375 netsnmp-cve20126151-dos(89485) https://exchange.xforce.ibmcloud.com/vulnerabilities/89485 Common Vulnerability Exposure (CVE) ID: CVE-2014-2285 http://www.nntp.perl.org/group/perl.perl5.porters/2006/09/msg116250.html http://comments.gmane.org/gmane.comp.security.oss.general/12284 RedHat Security Advisories: RHSA-2014:0322 SuSE Security Announcement: openSUSE-SU-2014:0398 (Google Search) http://lists.opensuse.org/opensuse-updates/2014-03/msg00060.html SuSE Security Announcement: openSUSE-SU-2014:0399 (Google Search) http://lists.opensuse.org/opensuse-updates/2014-03/msg00061.html
Copyright	Copyright (C) 2015 Greenbone AG