ID de Prueba:	1.3.6.1.4.1.25623.1.0.62919
Categoría:	Mandrake Local Security Checks
Título:	Mandrake Security Advisory MDVSA-2008:225 (net-snmp)
Resumen:	NOSUMMARY
Descripción:	Description: The remote host is missing an update to net-snmp announced via advisory MDVSA-2008:225. A denial of service vulnerability was discovered in how Net-SNMP processed GETBULK requests. A remote attacker with read access to the SNMP server could issue a specially-crafted request which would cause snmpd to crash (CVE-2008-4309). Please note that for this to be successfully exploited, an attacker must have read access to the SNMP server. By default, the public community name grants read-only access, however it is recommended that the default community name be changed in production. The updated packages have been patched to correct this issue. Affected: 2008.0, 2008.1, 2009.0, Corporate 4.0 Solution: To upgrade automatically use MandrakeUpdate or urpmi. The verification of md5 checksums and GPG signatures is performed automatically for you. https://secure1.securityspace.com/smysecure/catid.html?in=MDVSA-2008:225 Risk factor : Medium CVSS Score: 5.0
Referencia Cruzada:	Common Vulnerability Exposure (CVE) ID: CVE-2008-4309 1021129 http://www.securitytracker.com/id?1021129 20081112 rPSA-2008-0315-1 net-snmp net-snmp-client net-snmp-server net-snmp-utils http://www.securityfocus.com/archive/1/498280/100/0/threaded 262908 http://sunsolve.sun.com/search/document.do?assetkey=1-26-262908-1 32020 http://www.securityfocus.com/bid/32020 32539 http://secunia.com/advisories/32539 32560 http://secunia.com/advisories/32560 32664 http://secunia.com/advisories/32664 32711 http://secunia.com/advisories/32711 33003 http://secunia.com/advisories/33003 33095 http://secunia.com/advisories/33095 33631 http://secunia.com/advisories/33631 33746 http://secunia.com/advisories/33746 33821 http://secunia.com/advisories/33821 35074 http://secunia.com/advisories/35074 35679 http://secunia.com/advisories/35679 ADV-2008-2973 http://www.vupen.com/english/advisories/2008/2973 ADV-2008-3400 http://www.vupen.com/english/advisories/2008/3400 ADV-2009-0301 http://www.vupen.com/english/advisories/2009/0301 ADV-2009-1297 http://www.vupen.com/english/advisories/2009/1297 ADV-2009-1771 http://www.vupen.com/english/advisories/2009/1771 APPLE-SA-2009-05-12 http://lists.apple.com/archives/security-announce/2009/May/msg00002.html APPLE-SA-2010-12-16-1 http://lists.apple.com/archives/security-announce/2010//Dec/msg00001.html DSA-1663 http://www.debian.org/security/2008/dsa-1663 GLSA-200901-15 http://security.gentoo.org/glsa/glsa-200901-15.xml HPSBMA02447 http://marc.info/?l=bugtraq&m=125017764422557&w=2 MDVSA-2008:225 http://www.mandriva.com/security/advisories?name=MDVSA-2008:225 RHSA-2008:0971 http://www.redhat.com/support/errata/RHSA-2008-0971.html SSRT090062 SUSE-SR:2009:003 http://lists.opensuse.org/opensuse-security-announce/2009-02/msg00000.html TA09-133A http://www.us-cert.gov/cas/techalerts/TA09-133A.html USN-685-1 http://www.ubuntu.com/usn/usn-685-1 [oss-security] 20081031 New net-snmp DoS http://www.openwall.com/lists/oss-security/2008/10/31/1 http://net-snmp.svn.sourceforge.net/viewvc/net-snmp/tags/Ext-5-2-5-1/net-snmp/agent/snmp_agent.c?r1=17271&r2=17272&pathrev=17272 http://sourceforge.net/forum/forum.php?forum_id=882903 http://support.apple.com/kb/HT3549 http://support.apple.com/kb/HT4298 http://support.avaya.com/elmodocs2/security/ASA-2008-467.htm http://wiki.rpath.com/wiki/Advisories:rPSA-2008-0315 http://www.vmware.com/security/advisories/VMSA-2009-0001.html netsnmp-netsnmpcreatesubtreecache-dos(46262) https://exchange.xforce.ibmcloud.com/vulnerabilities/46262 oval:org.mitre.oval:def:6171 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A6171 oval:org.mitre.oval:def:6353 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A6353 oval:org.mitre.oval:def:9860 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9860
Copyright	Copyright (c) 2008 E-Soft Inc. http://www.securityspace.com

Esta es sólo una de 146377 pruebas de vulnerabilidad en nuestra serie de pruebas. Encuentre más sobre cómo ejecutar una auditoría de seguridad completa. Para ejecutar una prueba gratuita de esta vulnerabilidad contra su sistema, regístrese ahora.