Mandrake Local Security Checks : Mandriva Security Advisory MDVSA-2012:099 (net-snmp)

Búsqueda de Vulnerabilidad		Buscar 324607 Descripciones CVE y 146377 Descripciones de Pruebas, accesos 10,000+ referencias cruzadas.
	Pruebas CVE Todos

ID de Prueba: 1.3.6.1.4.1.25623.1.0.72124

Categoría: Mandrake Local Security Checks

Título: Mandriva Security Advisory MDVSA-2012:099 (net-snmp)

Resumen: NOSUMMARY

Descripción: Description:
The remote host is missing an update to net-snmp
announced via advisory MDVSA-2012:099.

A vulnerability has been discovered and corrected in net-snmp:

An array index error, leading to out-of heap-based buffer read flaw
was found in the way net-snmp agent performed entries lookup in the
extension table. When certain MIB subtree was handled by the extend
directive, a remote attacker having read privilege to the subtree could
use this flaw to cause a denial of service (snmpd crash) via SNMP GET
request involving a non-existent extension table entry (CVE-2012-2141).

The updated packages have been patched to correct this issue.

Affected: 2010.1, 2011., Enterprise Server 5.0

Solution:
To upgrade automatically use MandrakeUpdate or urpmi. The verification
of md5 checksums and GPG signatures is performed automatically for you.

https://secure1.securityspace.com/smysecure/catid.html?in=MDVSA-2012:099

Risk factor : High

Referencia Cruzada: Common Vulnerability Exposure (CVE) ID: CVE-2012-2141
1026984
http://www.securitytracker.com/id?1026984
48938
http://secunia.com/advisories/48938
53255
http://www.securityfocus.com/bid/53255
53258
http://www.securityfocus.com/bid/53258
59974
http://secunia.com/advisories/59974
GLSA-201409-02
http://www.gentoo.org/security/en/glsa/glsa-201409-02.xml
RHSA-2013:0124
http://rhn.redhat.com/errata/RHSA-2013-0124.html
[oss-security] 20120426 CVE Request -- net-snmp: Array index error, leading to out-of heap-based buffer read (snmpd crash)
http://www.openwall.com/lists/oss-security/2012/04/26/2
[oss-security] 20120426 Re: CVE Request -- net-snmp: Array index error, leading to out-of heap-based buffer read (snmpd crash)
http://www.openwall.com/lists/oss-security/2012/04/26/3
http://support.citrix.com/article/CTX139049
https://bugzilla.redhat.com/show_bug.cgi?id=815813
netsnmp-snmpget-dos(75169)
https://exchange.xforce.ibmcloud.com/vulnerabilities/75169

Copyright Copyright (c) 2012 E-Soft Inc. http://www.securityspace.com

Esta es sólo una de 146377 pruebas de vulnerabilidad en nuestra serie de pruebas. Encuentre más sobre cómo ejecutar una auditoría de seguridad completa.
Para ejecutar una prueba gratuita de esta vulnerabilidad contra su sistema, regístrese ahora.

ID de Prueba:	1.3.6.1.4.1.25623.1.0.72124
Categoría:	Mandrake Local Security Checks
Título:	Mandriva Security Advisory MDVSA-2012:099 (net-snmp)
Resumen:	NOSUMMARY
Descripción:	Description: The remote host is missing an update to net-snmp announced via advisory MDVSA-2012:099. A vulnerability has been discovered and corrected in net-snmp: An array index error, leading to out-of heap-based buffer read flaw was found in the way net-snmp agent performed entries lookup in the extension table. When certain MIB subtree was handled by the extend directive, a remote attacker having read privilege to the subtree could use this flaw to cause a denial of service (snmpd crash) via SNMP GET request involving a non-existent extension table entry (CVE-2012-2141). The updated packages have been patched to correct this issue. Affected: 2010.1, 2011., Enterprise Server 5.0 Solution: To upgrade automatically use MandrakeUpdate or urpmi. The verification of md5 checksums and GPG signatures is performed automatically for you. https://secure1.securityspace.com/smysecure/catid.html?in=MDVSA-2012:099 Risk factor : High
Referencia Cruzada:	Common Vulnerability Exposure (CVE) ID: CVE-2012-2141 1026984 http://www.securitytracker.com/id?1026984 48938 http://secunia.com/advisories/48938 53255 http://www.securityfocus.com/bid/53255 53258 http://www.securityfocus.com/bid/53258 59974 http://secunia.com/advisories/59974 GLSA-201409-02 http://www.gentoo.org/security/en/glsa/glsa-201409-02.xml RHSA-2013:0124 http://rhn.redhat.com/errata/RHSA-2013-0124.html [oss-security] 20120426 CVE Request -- net-snmp: Array index error, leading to out-of heap-based buffer read (snmpd crash) http://www.openwall.com/lists/oss-security/2012/04/26/2 [oss-security] 20120426 Re: CVE Request -- net-snmp: Array index error, leading to out-of heap-based buffer read (snmpd crash) http://www.openwall.com/lists/oss-security/2012/04/26/3 http://support.citrix.com/article/CTX139049 https://bugzilla.redhat.com/show_bug.cgi?id=815813 netsnmp-snmpget-dos(75169) https://exchange.xforce.ibmcloud.com/vulnerabilities/75169
Copyright	Copyright (c) 2012 E-Soft Inc. http://www.securityspace.com