VUPEN Security - Mandriva Security Update Fixes Ucd-snmp Denial of Service Issue / Exploit (Security Advisories)

	Contact \| Site en Français

VUPEN VNS v4.0

Features and Options

Free 14-Day Trial

Partner Program

Receive More Information

Latest Intelligence

VUPEN Security Advisories

Virus and Malware Alerts

VUPEN Security Research

Threat Watch Blog

Zero-Day Monitor

Search Engine

Mailing List & RSS

>> Mandriva Security Update Fixes Ucd-snmp Denial of Service Issue

Title : Mandriva Security Update Fixes Ucd-snmp Denial of Service Issue
VUPEN ID : VUPEN/ADV-2005-1395
CVE ID : CVE-2005-2177
CWE ID : VUPEN VNS Only

CVSS V2 : VUPEN VNS Only

Rated as : Low Risk

Remotely Exploitable : Yes
Locally Exploitable : Yes
Release Date : 2005-08-12

Technical Description

Receive VUPEN Security alerts in a Text format

Receive VUPEN Security alerts in a PDF format

Receive VUPEN Security alerts in an XML format

Mandriva has released updated packages to correct a vulnerability identified in Ucd-snmp. This flaw is due to an error in the way ucd-snmp uses network stream protocols, which could be exploited by attackers to cause a denial of service. For additional information, see : VUPEN/ADV-2005-1358

Affected Products

Mandrakelinux 10.0
Mandrakelinux 10.1
Corporate Server 2.1
Corporate 3.0

Solution

Use MandrakeUpdate to apply patches :

Mandrakelinux 10.0:
1ec82c6bba06b67fab79512b5d69991f 10.0/RPMS/libsnmp0-4.2.3-8.1.100mdk.i586.rpm
2f71452cb8c240901b01cae587cb99a0 10.0/RPMS/libsnmp0-devel-4.2.3-8.1.100mdk.i586.rpm
991e54c57ec7d6d0347d0fb01299ed7b 10.0/RPMS/ucd-snmp-4.2.3-8.1.100mdk.i586.rpm
03c23cc0777224e66e382df0310e9284 10.0/RPMS/ucd-snmp-utils-4.2.3-8.1.100mdk.i586.rpm
656b798cb43a4fa9b6311a15a7255e53 10.0/SRPMS/ucd-snmp-4.2.3-8.1.100mdk.src.rpm

Mandrakelinux 10.0/AMD64:
6b67f45785c222cf3ec311e7a1e11aa2 amd64/10.0/RPMS/lib64snmp0-4.2.3-8.1.100mdk.amd64.rpm
ba7744a7506b3c3b46d6d81b0e2a17dd amd64/10.0/RPMS/lib64snmp0-devel-4.2.3-8.1.100mdk.amd64.rpm
57ffd179857bdf9d77bc92b89a9eb5ba amd64/10.0/RPMS/ucd-snmp-4.2.3-8.1.100mdk.amd64.rpm
f3aa3c69a2c96d6c5ef6f977091d0390 amd64/10.0/RPMS/ucd-snmp-utils-4.2.3-8.1.100mdk.amd64.rpm
656b798cb43a4fa9b6311a15a7255e53 amd64/10.0/SRPMS/ucd-snmp-4.2.3-8.1.100mdk.src.rpm

Mandrakelinux 10.1:
d21f32fa4f6d9237132d67a8fe1b4a98 10.1/RPMS/libsnmp0-4.2.3-11.1.101mdk.i586.rpm
8ad8f1d530f8596220c72f98fe67097b 10.1/RPMS/libsnmp0-devel-4.2.3-11.1.101mdk.i586.rpm
d1c8c884b432ea3dd02a6fe08d8a5f57 10.1/RPMS/ucd-snmp-4.2.3-11.1.101mdk.i586.rpm
c7b3c2f5fe98def745a564712bbf8296 10.1/RPMS/ucd-snmp-utils-4.2.3-11.1.101mdk.i586.rpm
9abd6284019ce141e0903aa37799f35f 10.1/SRPMS/ucd-snmp-4.2.3-11.1.101mdk.src.rpm

Mandrakelinux 10.1/X86_64:
0cf3cdf2c2fd9f499030fc1e1aa04d3f x86_64/10.1/RPMS/lib64snmp0-4.2.3-11.1.101mdk.x86_64.rpm
e6e8d2722098f70f977d2d928b32a2ef x86_64/10.1/RPMS/lib64snmp0-devel-4.2.3-11.1.101mdk.x86_64.rpm
ca7025278a9b5d2f5c3d36180a5c821b x86_64/10.1/RPMS/ucd-snmp-4.2.3-11.1.101mdk.x86_64.rpm
aa7c499f22e26a12ff3de0da204028dd x86_64/10.1/RPMS/ucd-snmp-utils-4.2.3-11.1.101mdk.x86_64.rpm
9abd6284019ce141e0903aa37799f35f x86_64/10.1/SRPMS/ucd-snmp-4.2.3-11.1.101mdk.src.rpm

Corporate Server 2.1:
6d491b7a64870b3e9f836a05c7a913ee corporate/2.1/RPMS/libsnmp0-4.2.3-4.1.C21mdk.i586.rpm
896f988b8ec39d98e5d5610d481c4b42 corporate/2.1/RPMS/libsnmp0-devel-4.2.3-4.1.C21mdk.i586.rpm
0edbe96f4d21e36da8f0390a68ce66ed corporate/2.1/RPMS/ucd-snmp-4.2.3-4.1.C21mdk.i586.rpm
d3fd811451030ca94ceb9fcefd2f1fbb corporate/2.1/RPMS/ucd-snmp-utils-4.2.3-4.1.C21mdk.i586.rpm
cb4f36a706cf22b259dce990accd0073 corporate/2.1/SRPMS/ucd-snmp-4.2.3-4.1.C21mdk.src.rpm

Corporate Server 2.1/X86_64:
04503e5c624db249276f1443e1447eb3 x86_64/corporate/2.1/RPMS/libsnmp0-4.2.3-4.1.C21mdk.x86_64.rpm
f122515b0bc5bf07ba097fa511b7e5c9 x86_64/corporate/2.1/RPMS/libsnmp0-devel-4.2.3-4.1.C21mdk.x86_64.rpm
65e892b827b65da9dba1e4b8589a42fe x86_64/corporate/2.1/RPMS/ucd-snmp-4.2.3-4.1.C21mdk.x86_64.rpm
7ad7585692e61205b2655ee8c3357f4d x86_64/corporate/2.1/RPMS/ucd-snmp-utils-4.2.3-4.1.C21mdk.x86_64.rpm
cb4f36a706cf22b259dce990accd0073 x86_64/corporate/2.1/SRPMS/ucd-snmp-4.2.3-4.1.C21mdk.src.rpm

Corporate 3.0:
806a8b30df5fdab502fd4212010fe966 corporate/3.0/RPMS/libsnmp0-4.2.3-8.1.C30mdk.i586.rpm
a17b9b5a8a64b4eea1182780cb047c43 corporate/3.0/RPMS/libsnmp0-devel-4.2.3-8.1.C30mdk.i586.rpm
d79ecaaec17d6890cfcc5e3ddfbd0b59 corporate/3.0/RPMS/ucd-snmp-4.2.3-8.1.C30mdk.i586.rpm
e38b6010ca5a50923487d0da60b124fa corporate/3.0/RPMS/ucd-snmp-utils-4.2.3-8.1.C30mdk.i586.rpm
331f9d7c8087be72b048422556b2e6b3 corporate/3.0/SRPMS/ucd-snmp-4.2.3-8.1.C30mdk.src.rpm

Corporate 3.0/X86_64:
8debb15a1a7ae05cda3cc280605ccf5a x86_64/corporate/3.0/RPMS/lib64snmp0-4.2.3-8.1.C30mdk.x86_64.rpm
e6f458df2f1d5c058e6d7a0d7f8573aa x86_64/corporate/3.0/RPMS/lib64snmp0-devel-4.2.3-8.1.C30mdk.x86_64.rpm
1e6ac132e2090a88df63912219948ffc x86_64/corporate/3.0/RPMS/ucd-snmp-4.2.3-8.1.C30mdk.x86_64.rpm
90e5cea17f37f6107a0fada648b692ea x86_64/corporate/3.0/RPMS/ucd-snmp-utils-4.2.3-8.1.C30mdk.x86_64.rpm
331f9d7c8087be72b048422556b2e6b3 x86_64/corporate/3.0/SRPMS/ucd-snmp-4.2.3-8.1.C30mdk.src.rpm

References

http://www.vupen.com/english/advisories/2005/1395
http://archives.mandrivalinux.com/security-announce/2005-08/msg00007.php

ChangeLog

2005-08-12 : Initial release

Vulnerability Management

Subscribe to VUPEN VNS and receive real-time alerts with CVE, CWE, and CVSS when new advisories or patches relevant to your systems and network configurations are available.

Feedback

If you have additional information or corrections for this security advisory please submit them via our contact form.

VUPEN Vulnerability
Notification Service

Latest Advisories

>> 2010-03-19

CA ARCserve Backup JRE Code Execution and Security Bypass Issues

>> 2010-03-19

Debian Security Update Fixes PHP XML-RPC Denial of Service Issue

>> 2010-03-19

Ubuntu Security Update Fixes Thunderbird Multiple Vulnerabilities

>> 2010-03-18

IBM DB2 Content Manager Web Services Single Sign-on Vulnerability

>> 2010-03-18

Transmission "tr_magnetParse()" Magnet Buffer Overflow Vulnerability

More Informations