Mageia Linux Local Security Checks : Mageia: Security Advisory (MGASA-2022-0311)

Búsqueda de Vulnerabilidad		Buscar 324607 Descripciones CVE y 145615 Descripciones de Pruebas, accesos 10,000+ referencias cruzadas.
	Pruebas CVE Todos

ID de Prueba: 1.3.6.1.4.1.25623.1.1.10.2022.0311

Categoría: Mageia Linux Local Security Checks

Título: Mageia: Security Advisory (MGASA-2022-0311)

Resumen: The remote host is missing an update for the 'net-snmp' package(s) announced via the MGASA-2022-0311 advisory.

Descripción: Summary:
The remote host is missing an update for the 'net-snmp' package(s) announced via the MGASA-2022-0311 advisory.

Vulnerability Insight:
A buffer overflow in the handling of the INDEX of NET-SNMP-VACM-MIB can
cause an out-of-bounds memory access. (CVE-2022-24805)
Buffer overflow and out of bounds memory access. (CVE-2022-24806)
A malformed OID in a SET request to
SNMP-VIEW-BASED-ACM-MIB::vacmAccessTable can cause an out-of-bounds memory
access. (CVE-2022-24807)
A malformed OID in a SET request to NET-SNMP-AGENT-MIB::nsLogTable can
cause a NULL pointer dereference. (CVE-2022-24808)
A malformed OID in a GET-NEXT to the nsVacmAccessTable can cause a NULL
pointer dereference. (CVE-2022-24809)
A malformed OID in a SET to the nsVacmAccessTable can cause a NULL pointer
dereference. (CVE-2022-24810)

Affected Software/OS:
'net-snmp' package(s) on Mageia 8.

Solution:
Please install the updated package(s).

CVSS Score:
9.0

CVSS Vector:
AV:N/AC:L/Au:S/C:C/I:C/A:C

Referencia Cruzada: Common Vulnerability Exposure (CVE) ID: CVE-2022-24805
https://bugzilla.redhat.com/show_bug.cgi?id=2103225
https://bugzilla.redhat.com/show_bug.cgi?id=2105238
https://github.com/net-snmp/net-snmp/commit/67ebb43e9038b2dae6e74ae8838b36fcc10fc937
https://github.com/net-snmp/net-snmp/commit/ce66eb97c17aa9a48bc079be7b65895266fa6775
https://lists.debian.org/debian-lts-announce/2022/08/msg00020.html
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/FX75KKGMO5XMV6JMQZF6KOG3JPFNQBY7/
https://security.gentoo.org/glsa/202210-29
https://www.debian.org/security/2022/dsa-5209
Common Vulnerability Exposure (CVE) ID: CVE-2022-24806
Common Vulnerability Exposure (CVE) ID: CVE-2022-24807
https://bugzilla.redhat.com/show_bug.cgi?id=2105239
Common Vulnerability Exposure (CVE) ID: CVE-2022-24808
https://bugzilla.redhat.com/show_bug.cgi?id=2105240
Common Vulnerability Exposure (CVE) ID: CVE-2022-24809
https://bugzilla.redhat.com/show_bug.cgi?id=2105242
Common Vulnerability Exposure (CVE) ID: CVE-2022-24810
https://bugzilla.redhat.com/show_bug.cgi?id=2105241

Copyright Copyright (C) 2022 Greenbone AG

Esta es sólo una de 145615 pruebas de vulnerabilidad en nuestra serie de pruebas. Encuentre más sobre cómo ejecutar una auditoría de seguridad completa.
Para ejecutar una prueba gratuita de esta vulnerabilidad contra su sistema, regístrese ahora.

ID de Prueba:	1.3.6.1.4.1.25623.1.1.10.2022.0311
Categoría:	Mageia Linux Local Security Checks
Título:	Mageia: Security Advisory (MGASA-2022-0311)
Resumen:	The remote host is missing an update for the 'net-snmp' package(s) announced via the MGASA-2022-0311 advisory.
Descripción:	Summary: The remote host is missing an update for the 'net-snmp' package(s) announced via the MGASA-2022-0311 advisory. Vulnerability Insight: A buffer overflow in the handling of the INDEX of NET-SNMP-VACM-MIB can cause an out-of-bounds memory access. (CVE-2022-24805) Buffer overflow and out of bounds memory access. (CVE-2022-24806) A malformed OID in a SET request to SNMP-VIEW-BASED-ACM-MIB::vacmAccessTable can cause an out-of-bounds memory access. (CVE-2022-24807) A malformed OID in a SET request to NET-SNMP-AGENT-MIB::nsLogTable can cause a NULL pointer dereference. (CVE-2022-24808) A malformed OID in a GET-NEXT to the nsVacmAccessTable can cause a NULL pointer dereference. (CVE-2022-24809) A malformed OID in a SET to the nsVacmAccessTable can cause a NULL pointer dereference. (CVE-2022-24810) Affected Software/OS: 'net-snmp' package(s) on Mageia 8. Solution: Please install the updated package(s). CVSS Score: 9.0 CVSS Vector: AV:N/AC:L/Au:S/C:C/I:C/A:C
Referencia Cruzada:	Common Vulnerability Exposure (CVE) ID: CVE-2022-24805 https://bugzilla.redhat.com/show_bug.cgi?id=2103225 https://bugzilla.redhat.com/show_bug.cgi?id=2105238 https://github.com/net-snmp/net-snmp/commit/67ebb43e9038b2dae6e74ae8838b36fcc10fc937 https://github.com/net-snmp/net-snmp/commit/ce66eb97c17aa9a48bc079be7b65895266fa6775 https://lists.debian.org/debian-lts-announce/2022/08/msg00020.html https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/FX75KKGMO5XMV6JMQZF6KOG3JPFNQBY7/ https://security.gentoo.org/glsa/202210-29 https://www.debian.org/security/2022/dsa-5209 Common Vulnerability Exposure (CVE) ID: CVE-2022-24806 Common Vulnerability Exposure (CVE) ID: CVE-2022-24807 https://bugzilla.redhat.com/show_bug.cgi?id=2105239 Common Vulnerability Exposure (CVE) ID: CVE-2022-24808 https://bugzilla.redhat.com/show_bug.cgi?id=2105240 Common Vulnerability Exposure (CVE) ID: CVE-2022-24809 https://bugzilla.redhat.com/show_bug.cgi?id=2105242 Common Vulnerability Exposure (CVE) ID: CVE-2022-24810 https://bugzilla.redhat.com/show_bug.cgi?id=2105241
Copyright	Copyright (C) 2022 Greenbone AG