Search 219043 CVE descriptions
and 99761 test descriptions,
access 10,000+ cross references.
Tests   CVE   All  

Test ID:
Category:Red Hat Local Security Checks
Title:RedHat Update for net-snmp RHSA-2013:0124-01
Summary:The remote host is missing an update for the 'net-snmp'; package(s) announced via the referenced advisory.
The remote host is missing an update for the 'net-snmp'
package(s) announced via the referenced advisory.

Vulnerability Insight:
These packages provide various libraries and tools for the Simple Network
Management Protocol (SNMP).

An out-of-bounds buffer read flaw was found in the net-snmp agent. A remote
attacker with read privileges to a Management Information Base (MIB)
subtree handled by the extend directive (/etc/snmp/snmpd.conf)
could use this flaw to crash snmpd via a crafted SNMP GET request.

Bug fixes:

* Devices that used certain file systems were not reported in the
'HOST-RESOURCES-MIB::hrStorageTable' table. As a result, the snmpd daemon
did not recognize devices using tmpfs, ReiserFS, and Oracle Cluster File
System (OCFS2) file systems. This update recognizes these devices and
reports them in the 'HOST-RESOURCES-MIB::hrStorageTable' table.
(BZ#754652, BZ#755958, BZ#822061)

* The snmptrapd (8) man page did not correctly describe how to load
multiple configuration files using the '-c' option. This update describes
correctly that multiple configuration files must be separated by a comma.

* Integers truncated from 64 to 32-bit were not correctly evaluated. As a
consequence, the snmpd daemon could enter an endless loop when encoding the
truncated integers to network format. This update modifies the underlying
code so that snmpd correctly checks truncated 64-bit integers. Now, snmpd
avoids an endless loop. (BZ#783892)

Description truncated, please see the referenced URL(s) for more information.

Affected Software/OS:
net-snmp on Red Hat Enterprise Linux (v. 5 server)

Please Install the Updated Packages.

CVSS Score:

CVSS Vector:

Cross-Ref: Common Vulnerability Exposure (CVE) ID: CVE-2012-2141
BugTraq ID: 53255
BugTraq ID: 53258
RedHat Security Advisories: RHSA-2013:0124
XForce ISS Database: netsnmp-snmpget-dos(75169)
CopyrightCopyright (c) 2013 Greenbone Networks GmbH

This is only one of 99761 vulnerability tests in our test suite. Find out more about running a complete security audit.

To run a free test of this vulnerability against your system, register below.

© 1998-2021 E-Soft Inc. All rights reserved.