CVE-2005-2177
CVSS5.0
发布时间 :2005-07-11 00:00:00
修订时间 :2011-05-19 00:00:00
NMCOPS    

[原文]Net-SNMP 5.0.x before 5.0.10.2, 5.2.x before 5.2.1.2, and 5.1.3, when net-snmp is using stream sockets such as TCP, allows remote attackers to cause a denial of service (daemon hang and CPU consumption) via a TCP packet of length 1, which triggers an infinite loop.


[CNNVD]Net-SNMP 流协议 拒绝服务漏洞(CNNVD-200507-081)

        Net-SNMP是一个免费的、开放源码的SNMP实现,以前称为UCD-SNMP。
        Net-SNMP多个版本(低于5.0.10.2的5.0.x系列, 低于5.2.1.2的5.2.x系列以及5.1.3)中存在拒绝服务漏洞,远程攻击者可能利用此漏洞导致SNMP服务崩溃。
        由于使用网络流协议的方式存在拒绝服务漏洞,如果向打开了基于流协议(EG、TCP)的Net-SNMP代理发送了恶意报文的话,就可能导致代理崩溃。

- CVSS (基础分值)

CVSS分值: 5 [中等(MEDIUM)]
机密性影响: NONE [对系统的机密性无影响]
完整性影响: NONE [不会对系统完整性产生影响]
可用性影响: PARTIAL [可能会导致性能下降或中断资源访问]
攻击复杂度: LOW [漏洞利用没有访问限制 ]
攻击向量: NETWORK [攻击者不需要获取内网访问权或本地访问权]
身份认证: NONE [漏洞利用无需身份认证]

- CWE (弱点类目)

CWE-20 [输入验证不恰当]

- CPE (受影响的平台与产品)

cpe:/a:net-snmp:net-snmp:5.0.8
cpe:/a:net-snmp:net-snmp:5.0.2
cpe:/a:net-snmp:net-snmp:5.0.3
cpe:/a:net-snmp:net-snmp:5.2.1
cpe:/a:net-snmp:net-snmp:5.0.4_pre2
cpe:/a:net-snmp:net-snmp:5.0.10
cpe:/a:net-snmp:net-snmp:5.0
cpe:/a:net-snmp:net-snmp:5.0.1
cpe:/a:net-snmp:net-snmp:5.2
cpe:/a:net-snmp:net-snmp:5.0.7
cpe:/a:net-snmp:net-snmp:5.0.5
cpe:/a:net-snmp:net-snmp:5.1.3
cpe:/a:net-snmp:net-snmp:5.0.9
cpe:/a:net-snmp:net-snmp:5.0.6

- OVAL (用于检测的技术细节)

oval:org.mitre.oval:def:9986Net-SNMP 5.0.x before 5.0.10.2, 5.2.x before 5.2.1.2, and 5.1.3, when net-snmp is using stream sockets such as TCP, allows remote attackers ...
*OVAL详细的描述了检测该漏洞的方法,你可以从相关的OVAL定义中找到更多检测该漏洞的技术细节。

- 官方数据库链接

http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2005-2177
(官方数据源) MITRE
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2005-2177
(官方数据源) NVD
http://www.cnnvd.org.cn/vulnerability/show/cv_cnnvdid/CNNVD-200507-081
(官方数据源) CNNVD

- 其它链接及资源

http://www.trustix.org/errata/2005/0034/
(VENDOR_ADVISORY)  TRUSTIX  2005-0034
http://sourceforge.net/mailarchive/forum.php?thread_id=7659656&forum_id=12455
(PATCH)  MLIST  [net-snmp-announce] 20050701 Multiple new Net-SNMP releases to fix a security related bug
http://www.vupen.com/english/advisories/2007/1883
(VENDOR_ADVISORY)  VUPEN  ADV-2007-1883
http://www.vupen.com/english/advisories/2006/4677
(VENDOR_ADVISORY)  VUPEN  ADV-2006-4677
http://www.vupen.com/english/advisories/2006/4502
(VENDOR_ADVISORY)  VUPEN  ADV-2006-4502
http://www.vmware.com/download/esx/esx-254-200610-patch.html
(UNKNOWN)  CONFIRM  http://www.vmware.com/download/esx/esx-254-200610-patch.html
http://www.vmware.com/download/esx/esx-213-200610-patch.html
(UNKNOWN)  CONFIRM  http://www.vmware.com/download/esx/esx-213-200610-patch.html
http://www.vmware.com/download/esx/esx-202-200610-patch.html
(UNKNOWN)  CONFIRM  http://www.vmware.com/download/esx/esx-202-200610-patch.html
http://www.ubuntu.com/usn/usn-190-1
(UNKNOWN)  UBUNTU  USN-190-1
http://www.securityfocus.com/bid/21256
(UNKNOWN)  BID  21256
http://www.securityfocus.com/bid/14168
(UNKNOWN)  BID  14168
http://www.securityfocus.com/archive/1/archive/1/451426/100/200/threaded
(UNKNOWN)  BUGTRAQ  20061113 VMSA-2006-0008 - VMware ESX Server 2.0.2 Upgrade Patch 2
http://www.securityfocus.com/archive/1/archive/1/451419/100/200/threaded
(UNKNOWN)  BUGTRAQ  20061113 VMSA-2006-0005 - VMware ESX Server 2.5.4 Upgrade Patch 1
http://www.securityfocus.com/archive/1/archive/1/451417/100/200/threaded
(UNKNOWN)  BUGTRAQ  20061113 VMSA-2006-0007 - VMware ESX Server 2.1.3 Upgrade Patch 2
http://www.securityfocus.com/archive/1/archive/1/451404/100/0/threaded
(UNKNOWN)  BUGTRAQ  20061113 VMSA-2006-0006 - VMware ESX Server 2.5.3 Upgrade Patch 4
http://www.redhat.com/support/errata/RHSA-2005-720.html
(UNKNOWN)  REDHAT  RHSA-2005:720
http://www.redhat.com/support/errata/RHSA-2005-395.html
(UNKNOWN)  REDHAT  RHSA-2005:395
http://www.redhat.com/support/errata/RHSA-2005-373.html
(UNKNOWN)  REDHAT  RHSA-2005:373
http://www.novell.com/linux/security/advisories/2007_13_sr.html
(UNKNOWN)  SUSE  SUSE-SR:2007:013
http://www.novell.com/linux/security/advisories/2007_12_sr.html
(UNKNOWN)  SUSE  SUSE-SR:2007:012
http://www.novell.com/linux/security/advisories/2005_24_sr.html
(UNKNOWN)  SUSE  SUSE-SR:2005:024
http://www.net-snmp.org/about/ChangeLog.html
(UNKNOWN)  MISC  http://www.net-snmp.org/about/ChangeLog.html
http://www.mandriva.com/security/advisories?name=MDKSA-2006:025
(UNKNOWN)  MANDRIVA  MDKSA-2006:025
http://www.debian.org/security/2005/dsa-873
(UNKNOWN)  DEBIAN  DSA-873
http://support.avaya.com/elmodocs2/security/ASA-2005-225.pdf
(UNKNOWN)  CONFIRM  http://support.avaya.com/elmodocs2/security/ASA-2005-225.pdf
http://sunsolve.sun.com/search/document.do?assetkey=1-26-102725-1
(UNKNOWN)  SUNALERT  102725
http://securitytracker.com/id?1017273
(UNKNOWN)  SECTRACK  1017273
http://secunia.com/advisories/25787
(VENDOR_ADVISORY)  SECUNIA  25787
http://secunia.com/advisories/25432
(VENDOR_ADVISORY)  SECUNIA  25432
http://secunia.com/advisories/25373
(VENDOR_ADVISORY)  SECUNIA  25373
http://secunia.com/advisories/23058
(VENDOR_ADVISORY)  SECUNIA  23058
http://secunia.com/advisories/22875
(VENDOR_ADVISORY)  SECUNIA  22875
http://secunia.com/advisories/18635
(VENDOR_ADVISORY)  SECUNIA  18635
http://secunia.com/advisories/17343
(VENDOR_ADVISORY)  SECUNIA  17343
http://secunia.com/advisories/17282
(VENDOR_ADVISORY)  SECUNIA  17282
http://secunia.com/advisories/17217
(VENDOR_ADVISORY)  SECUNIA  17217
http://secunia.com/advisories/17135
(VENDOR_ADVISORY)  SECUNIA  17135
http://secunia.com/advisories/17007
(VENDOR_ADVISORY)  SECUNIA  17007
http://secunia.com/advisories/16999
(VENDOR_ADVISORY)  SECUNIA  16999
http://secunia.com/advisories/15930
(VENDOR_ADVISORY)  SECUNIA  15930

- 漏洞信息

Net-SNMP 流协议 拒绝服务漏洞
中危 资料不足
2005-07-11 00:00:00 2007-04-12 00:00:00
远程  
        Net-SNMP是一个免费的、开放源码的SNMP实现,以前称为UCD-SNMP。
        Net-SNMP多个版本(低于5.0.10.2的5.0.x系列, 低于5.2.1.2的5.2.x系列以及5.1.3)中存在拒绝服务漏洞,远程攻击者可能利用此漏洞导致SNMP服务崩溃。
        由于使用网络流协议的方式存在拒绝服务漏洞,如果向打开了基于流协议(EG、TCP)的Net-SNMP代理发送了恶意报文的话,就可能导致代理崩溃。

- 公告与补丁

        目前厂商已经发布了升级补丁以修复这个安全问题,补丁下载链接:
        http://net-snmp.sourceforge.net/download.html

- 漏洞信息 (F52052)

VMware Security Advisory 2006-0008 (PacketStormID:F52052)
2006-11-14 00:00:00
VMware  vmware.com
advisory,vulnerability,python
CVE-2004-2069,CVE-2006-3403,CVE-2005-2177,CVE-2006-3467,CVE-2006-1056,CVE-2006-1342,CVE-2006-1343,CVE-2006-1864,CVE-2006-2071
[点击下载]

VMware Security Advisory - A new update has been released for VMware ESX 2.0.2 versions prior to upgrade patch 2. This patch addresses vulnerabilities in Openssh, samba, Python, ucd-snmp, XFree86, and more.

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256

- - -------------------------------------------------------------------
                   VMware Security Advisory

Advisory ID:       VMSA-2006-0008
Synopsis:          VMware ESX Server 2.0.2 Upgrade Patch 2
Patch URL: http://www.vmware.com/download/esx/esx-202-200610-patch.html
Issue date:        2006-10-31
Updated on:        2006-11-13
CVE Names:         CAN-2004-2069 CVE-2006-3403 CVE-2005-2177
                   CVE-2006-3467 CVE-2006-1342 CVE-2006-1343
                   CVE-2006-1864 CVE-2006-2071
- - -------------------------------------------------------------------

1. Summary:

Updated package addresses several security issues.

2. Relevant releases:

VMware ESX 2.0.2 prior to upgrade patch 2

3. Problem description:

This patch addresses the following security issues:

Openssh -- A bug was found in the way the OpenSSH server handled the
MaxStartups and LoginGraceTime configuration variables. The Common
Vulnerabilities and Exposures project (cve.mitre.org) assigned the name
CAN-2004-2069 to this issue.

samba -- A denial of service bug was found in the way the smbd daemon
tracks active connections to shares. It was possible for a remote
attacker to cause the smbd daemon to consume a large amount of system
memory by sending carefully crafted smb requests. The Common
Vulnerabilities and Exposures project (cve.mitre.org) assigned the name
CVE-2006-3403 to this issue.

Python -- An integer overflow flaw was found in Python's PCRE library
that could be triggered by a maliciously crafted regular expression. On
systems that accept arbitrary regular expressions from untrusted users,
this could be exploited to execute arbitrary code with the privileges of
the application using the library. The Common Vulnerabilities and
Exposures project (cve.mitre.org) assigned the name CVE-2005-2491 to
this issue.

ucd-snmp -- A denial of service bug was found in the way ucd-snmp uses
network stream protocols. A remote attacker could send a ucd-snmp agent
a specially crafted packet which will cause the agent to crash. The
Common Vulnerabilities and Exposures project (cve.mitre.org) assigned
the name CAN-2005-2177 to this issue.

XFree86 -- An integer overflow flaw in the way the XFree86 server
processes PCF font files was discovered. A malicious authorized client
could exploit this issue to cause a denial of service (crash) or
potentially execute arbitrary code with root privileges on the XFree86
server. The Common Vulnerabilities and Exposures project (cve.mitre.org)
assigned the name CVE-2006-3467 to this issue.

A minor info leak in socket name handling in the network code
(CVE-2006-1342).
A minor info leak in socket option handling in the network code
(CVE-2006-1343).
A directory traversal vulnerability in smbfs that allowed a local user
to escape chroot restrictions for an SMB-mounted filesystem via "..\\"
sequences (CVE-2006-1864).
A flaw in the mprotect system call that allowed to give write permission
to a readonly attachment of shared memory (CVE-2006-2071).

NOTE: AMD processers were not supported in the VMware ESX 2.0.2 release
so CVE-2006-1056 is not applicable to this version of the product.

The non-security-related fixes are documented on the patch download page.

4. Solution:

Upgrade to the latest update package for your release of ESX.
http://www.vmware.com/download/esx/

http://www.vmware.com/download/esx/esx-202-200610-patch.html

he md5 checksum output should match the following:
9e79d333ac9360122fb69bc8fc549405 esx-2.0.2-31924-upgrade.tar.gz

5. References:
http://www.vmware.com/download/esx/esx-202-200610-patch.html
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2004-2069
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-3403
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2005-2177
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-3467
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-1342
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-1343
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-1864
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-2071
http://www.vmware.com/products/esx/
http://www.vmware.com/download/esx/

6. Contact:

http://www.vmware.com/security

VMware Security Response Policy
http://www.vmware.com/vmtn/technology/security/security_response.html

E-mail:  security@vmware.com

Copyright 2006 VMware Inc. All rights reserved.
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.5 (GNU/Linux)
Comment: Using GnuPG with Fedora - http://enigmail.mozdev.org

iD8DBQFFWP5W6KjQhy2pPmkRCDVzAJ9O3O4zIUSmEW9i4NyvxKxd1xUMLwCfRrYT
PiCazE9ioHCf33AaY31k8mU=
=U+XZ
-----END PGP SIGNATURE-----
    

- 漏洞信息 (F52051)

VMware Security Advisory 2006-0007 (PacketStormID:F52051)
2006-11-14 00:00:00
VMware  vmware.com
advisory,vulnerability,python
CVE-2004-2069,CVE-2006-3403,CVE-2005-2177,CVE-2006-3467,CVE-2006-1056,CVE-2006-1342,CVE-2006-1343,CVE-2006-1864,CVE-2006-2071
[点击下载]

VMware Security Advisory - A new update has been released for VMware ESX 2.1.3 versions prior to upgrade patch 2. This patch addresses vulnerabilities in Openssh, samba, Python, ucd-snmp, XFree86, and more.

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256

- - -------------------------------------------------------------------
                   VMware Security Advisory

Advisory ID:       VMSA-2006-0007
Synopsis:          VMware ESX Server 2.1.3 Upgrade Patch 2
Patch URL: http://www.vmware.com/download/esx/esx-213-200610-patch.html
Issue date:        2006-10-31
Updated on:        2006-11-13
CVE Names:         CAN-2004-2069 CVE-2006-3403 CVE-2005-2177
                   CVE-2006-3467 CVE-2006-1056 CVE-2006-1342
                   CVE-2006-1343 CVE-2006-1864 CVE-2006-2071
- - -------------------------------------------------------------------

1. Summary:

Updated package addresses several security issues.

2. Relevant releases:

VMware ESX 2.1.3 prior to upgrade patch 2

3. Problem description:

This patch addresses the following security issues:

Openssh -- A bug was found in the way the OpenSSH server handled the
MaxStartups and LoginGraceTime configuration variables. The Common
Vulnerabilities and Exposures project (cve.mitre.org) assigned the name
CAN-2004-2069 to this issue.

samba -- A denial of service bug was found in the way the smbd daemon
tracks active connections to shares. It was possible for a remote
attacker to cause the smbd daemon to consume a large amount of system
memory by sending carefully crafted smb requests. The Common
Vulnerabilities and Exposures project (cve.mitre.org) assigned the name
CVE-2006-3403 to this issue.

Python -- An integer overflow flaw was found in Python's PCRE library
that could be triggered by a maliciously crafted regular expression. On
systems that accept arbitrary regular expressions from untrusted users,
this could be exploited to execute arbitrary code with the privileges of
the application using the library. The Common Vulnerabilities and
Exposures project (cve.mitre.org) assigned the name CVE-2005-2491 to
this issue.

ucd-snmp -- A denial of service bug was found in the way ucd-snmp uses
network stream protocols. A remote attacker could send a ucd-snmp agent
a specially crafted packet which will cause the agent to crash. The
Common Vulnerabilities and Exposures project (cve.mitre.org) assigned
the name CAN-2005-2177 to this issue.

XFree86 -- An integer overflow flaw in the way the XFree86 server
processes PCF font files was discovered. A malicious authorized client
could exploit this issue to cause a denial of service (crash) or
potentially execute arbitrary code with root privileges on the XFree86
server. The Common Vulnerabilities and Exposures project (cve.mitre.org)
assigned the name CVE-2006-3467 to this issue.

An AMD fxsave/restore security vulnerability. The instructions fxsave
and fxrstor on AMD CPUs are used to save or restore the FPU registers
(FOP, FIP and FDP). On AMD Opteron processors, these instructions do not
save/restore some exception related registers unless an exception is
currently being serviced. This could allow a local attacker to partially
monitor the execution path of FPU processes, possibly allowing them to
obtain sensitive information being passed through those processes.  The
Common Vulnerabilities and Exposures project (cve.mitre.org) assigned
the name CVE-2006-1056 to this issue.

A minor info leak in socket name handling in the network code
(CVE-2006-1342).
A minor info leak in socket option handling in the network code
(CVE-2006-1343).
A directory traversal vulnerability in smbfs that allowed a local user
to escape chroot restrictions for an SMB-mounted filesystem via "..\\"
sequences (CVE-2006-1864).
A flaw in the mprotect system call that allowed to give write permission
to a readonly attachment of shared memory (CVE-2006-2071).

The non-security-related fixes are documented on the patch download page.

4. Solution:

Upgrade to the latest update package for your release of ESX.
http://www.vmware.com/download/esx/

http://www.vmware.com/download/esx/esx-213-200610-patch.html

The md5 checksum output should match the following:
c7057896ee275ce28b0b94a2186c1232 esx-2.1.3-24171-upgrade.tar.gz

5. References:
http://www.vmware.com/download/esx/esx-213-200610-patch.html
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2004-2069
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-3403
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2005-2177
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-3467
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-1056
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-1342
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-1343
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-1864
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-2071
http://www.vmware.com/products/esx/
http://www.vmware.com/download/esx/

6. Contact:

http://www.vmware.com/security

VMware Security Response Policy
http://www.vmware.com/vmtn/technology/security/security_response.html

E-mail:  security@vmware.com

Copyright 2006 VMware Inc. All rights reserved.
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.5 (GNU/Linux)
Comment: Using GnuPG with Fedora - http://enigmail.mozdev.org

iD8DBQFFWP5M6KjQhy2pPmkRCGbTAJ9a4PnHLWO6HwHQKzVPj1VI9V0dVQCdETxH
ISqiyTar1d433nMH9q/JvxA=
=cesx
-----END PGP SIGNATURE-----
    

- 漏洞信息 (F52050)

VMware Security Advisory 2006-0006 (PacketStormID:F52050)
2006-11-14 00:00:00
VMware  vmware.com
advisory,vulnerability,python
CVE-2004-2069,CVE-2006-3403,CVE-2005-2177,CVE-2006-3467,CVE-2006-1056,CVE-2006-1342,CVE-2006-1343,CVE-2006-1864,CVE-2006-2071
[点击下载]

VMware Security Advisory - A new update has been released for VMware ESX versions 2.5.3 prior to upgrade patch 4. This patch addresses vulnerabilities in Openssh, samba, Python, ucd-snmp, XFree86, and more.

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256

- - -------------------------------------------------------------------
                   VMware Security Advisory

Advisory ID:       VMSA-2006-0006
Synopsis:          VMware ESX Server 2.5.3 Upgrade Patch 4
Patch URL: http://www.vmware.com/download/esx/esx-253-200610-patch.html
Issue date:        2006-10-31
Updated on:        2006-11-13
CVE Names:         CAN-2004-2069 CVE-2006-3403 CVE-2005-2177
                   CVE-2006-3467 CVE-2006-1056 CVE-2006-1342
                   CVE-2006-1343 CVE-2006-1864 CVE-2006-2071
- - -------------------------------------------------------------------

1. Summary:

Updated package addresses several security issues.

2. Relevant releases:

VMware ESX 2.5.3 prior to upgrade patch 4

3. Problem description:

This patch addresses the following security issues:

Openssh -- A bug was found in the way the OpenSSH server handled the
MaxStartups and LoginGraceTime configuration variables. The Common
Vulnerabilities and Exposures project (cve.mitre.org) assigned the name
CAN-2004-2069 to this issue.

samba -- A denial of service bug was found in the way the smbd daemon
tracks active connections to shares. It was possible for a remote
attacker to cause the smbd daemon to consume a large amount of system
memory by sending carefully crafted smb requests. The Common
Vulnerabilities and Exposures project (cve.mitre.org) assigned the name
CVE-2006-3403 to this issue.

Python -- An integer overflow flaw was found in Python's PCRE library
that could be triggered by a maliciously crafted regular expression. On
systems that accept arbitrary regular expressions from untrusted users,
this could be exploited to execute arbitrary code with the privileges of
the application using the library. The Common Vulnerabilities and
Exposures project (cve.mitre.org) assigned the name CVE-2005-2491 to
this issue.

ucd-snmp -- A denial of service bug was found in the way ucd-snmp uses
network stream protocols. A remote attacker could send a ucd-snmp agent
a specially crafted packet which will cause the agent to crash. The
Common Vulnerabilities and Exposures project (cve.mitre.org) assigned
the name CAN-2005-2177 to this issue.

XFree86 -- An integer overflow flaw in the way the XFree86 server
processes PCF font files was discovered. A malicious authorized client
could exploit this issue to cause a denial of service (crash) or
potentially execute arbitrary code with root privileges on the XFree86
server. The Common Vulnerabilities and Exposures project (cve.mitre.org)
assigned the name CVE-2006-3467 to this issue.

An AMD fxsave/restore security vulnerability. The instructions fxsave
and fxrstor on AMD CPUs are used to save or restore the FPU registers
(FOP, FIP and FDP). On AMD Opteron processors, these instructions do not
save/restore some exception related registers unless an exception is
currently being serviced. This could allow a local attacker to partially
monitor the execution path of FPU processes, possibly allowing them to
obtain sensitive information being passed through those processes.  The
Common Vulnerabilities and Exposures project (cve.mitre.org) assigned
the name CVE-2006-1056 to this issue.

A minor info leak in socket name handling in the network code
(CVE-2006-1342).
A minor info leak in socket option handling in the network code
(CVE-2006-1343).
A directory traversal vulnerability in smbfs that allowed a local user
to escape chroot restrictions for an SMB-mounted filesystem via "..\\"
sequences (CVE-2006-1864).
A flaw in the mprotect system call that allowed to give write permission
to a readonly attachment of shared memory (CVE-2006-2071).

The non-security-related fixes are documented on the patch download page.

4. Solution:

Upgrade to the latest update package for your release of ESX.
http://www.vmware.com/download/esx/

http://www.vmware.com/download/esx/esx-253-200610-patch.html

The md5 checksum output should match the following:
4852f5a00e29b5780d9d0fadc0d28f3e esx-2.5.3-32134-upgrade.tar.gz

Please DO NOT apply this patch on SunFire X4100 or X4200 servers.
For further details, please refer to knowledge base article 2085:
Installing ESX 2.5.3 on SunFire x4100 and x4200 Servers.
http://www.vmware.com/support/kb/enduser/std_adp.php?p_faqid=2085

5. References:
http://www.vmware.com/download/esx/esx-253-200610-patch.html
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2004-2069
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-3403
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2005-2177
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-3467
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-1056
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-1342
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-1343
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-1864
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-2071
http://www.vmware.com/products/esx/
http://www.vmware.com/download/esx/

6. Contact:

http://www.vmware.com/security

VMware Security Response Policy
http://www.vmware.com/vmtn/technology/security/security_response.html

E-mail:  security@vmware.com

Copyright 2006 VMware Inc. All rights reserved.
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.5 (GNU/Linux)
Comment: Using GnuPG with Fedora - http://enigmail.mozdev.org

iD8DBQFFWP476KjQhy2pPmkRCD9rAKC9xQ9ej+t23opBsZn5BY6w736lmQCfQ9WA
5PuJxKgAYF2RTeQoXM7lr1I=
=miw3
-----END PGP SIGNATURE-----
    

- 漏洞信息 (F52049)

VMware Security Advisory 2006-0005 (PacketStormID:F52049)
2006-11-14 00:00:00
VMware  vmware.com
advisory,vulnerability
CVE-2005-2177,CVE-2006-3467,CVE-2006-1056,CVE-2006-1342,CVE-2006-1343,CVE-2006-1864,CVE-2006-2071
[点击下载]

VMware Security Advisory - A new update has been released for VMware ESX versions 2.5.4 prior to upgrade patch 1. This patch addresses vulnerabilities in ucd-snmp, XFree86, an AMD fxsave/restore security flaw, some minor information leaks, and more.

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256

- - -------------------------------------------------------------------
                   VMware Security Advisory

Advisory ID:       VMSA-2006-0005
Synopsis:          VMware ESX Server 2.5.4 Upgrade Patch 1
Patch URL: http://www.vmware.com/download/esx/esx-254-200610-patch.html
Issue date:        2006-10-31
Updated on:        2006-11-13
CVE Names:         CVE-2005-2177 CVE-2006-3467 CVE-2006-1056
                   CVE-2006-1342 CVE-2006-1343 CVE-2006-1864
                   CVE-2006-2071
- - -------------------------------------------------------------------

1. Summary:

Updated package addresses several security issues.

2. Relevant releases:

VMware ESX 2.5.4 prior to upgrade patch 1

3. Problem description:

This patch addresses the following security issues:

ucd-snmp -- A denial of service bug was found in the way ucd-snmp uses
network stream protocols. A remote attacker could send a ucd-snmp agent
a specially crafted packet which will cause the agent to crash. The
Common Vulnerabilities and Exposures project (cve.mitre.org) assigned
the name CAN-2005-2177 to this issue.

XFree86 -- An integer overflow flaw in the way the XFree86 server
processes PCF font files was discovered. A malicious authorized client
could exploit this issue to cause a denial of service (crash) or
potentially execute arbitrary code with root privileges on the XFree86
server. The Common Vulnerabilities and Exposures project (cve.mitre.org)
assigned the name CVE-2006-3467 to this issue.

An AMD fxsave/restore security vulnerability. The instructions fxsave
and fxrstor on AMD CPUs are used to save or restore the FPU registers
(FOP, FIP and FDP). On AMD Opteron processors, these instructions do not
save/restore some exception related registers unless an exception is
currently being serviced. This could allow a local attacker to partially
monitor the execution path of FPU processes, possibly allowing them to
obtain sensitive information being passed through those processes.  The
Common Vulnerabilities and Exposures project (cve.mitre.org) assigned
the name CVE-2006-1056 to this issue.

A minor info leak in socket name handling in the network code
(CVE-2006-1342).
A minor info leak in socket option handling in the network code
(CVE-2006-1343).
A directory traversal vulnerability in smbfs that allowed a local user
to escape chroot restrictions for an SMB-mounted filesystem via "..\\"
sequences (CVE-2006-1864).
A flaw in the mprotect system call that allowed to give write permission
to a readonly attachment of shared memory (CVE-2006-2071).

The non-security-related fixes are documented on the patch download page.

4. Solution:

Upgrade to the latest update package for your release of ESX.
http://www.vmware.com/download/esx/

http://www.vmware.com/download/esx/esx-254-200610-patch.html

The md5 checksum output should match the following:
6bc66a5cdbfea08f762f375f2488998b esx-2.5.4-32461-upgrade.tar.gz

5. References:
http://www.vmware.com/download/esx/esx-254-200610-patch.html
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2005-2177
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-3467
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-1056
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-1342
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-1343
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-1864
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-2071
http://www.vmware.com/products/esx/
http://www.vmware.com/download/esx/

6. Contact:

http://www.vmware.com/security

VMware Security Response Policy
http://www.vmware.com/vmtn/technology/security/security_response.html

E-mail:  security@vmware.com

Copyright 2006 VMware Inc. All rights reserved.
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.5 (GNU/Linux)
Comment: Using GnuPG with Fedora - http://enigmail.mozdev.org

iD8DBQFFWP4q6KjQhy2pPmkRCJLcAKC8hclWfRdKXjT8RfYEsLykp1lcOQCfZvve
Wm8ulAa7VayW5kYj/a75mcg=
=rbyq
-----END PGP SIGNATURE-----
    

- 漏洞信息 (F41886)

Ubuntu Security Notice 190-2 (PacketStormID:F41886)
2005-11-30 00:00:00
Ubuntu  security.ubuntu.com
advisory,remote,denial of service,udp,tcp,protocol
linux,ubuntu
CVE-2005-2177
[点击下载]

Ubuntu Security Notice USN-190-2 - A remote Denial of Service has been discovered in the SMNP (Simple Network Management Protocol) library. If a SNMP agent uses TCP sockets for communication, a malicious SNMP server could exploit this to crash the agent. Please note that by default SNMP uses UDP sockets.

===========================================================
Ubuntu Security Notice USN-190-2	  November 21, 2005
ucd-snmp vulnerability
CVE-2005-2177
===========================================================

A security issue affects the following Ubuntu releases:

Ubuntu 4.10 (Warty Warthog)
Ubuntu 5.04 (Hoary Hedgehog)
Ubuntu 5.10 (Breezy Badger)

The following packages are affected:

libsnmp4.2

The problem can be corrected by upgrading the affected package to
version 4.2.5-3.5ubuntu0.4.10 (for Ubuntu 4.10), 4.2.5-3.5ubuntu0.5.04
(for Ubuntu 5.04), or 4.2.5-5ubuntu0.1 (for Ubuntu 5.10).  After a
standard system upgrade you need to restart the cyrus email
server with

  /etc/init.d/cyrus21 restart

  (with root privileges, e. g. with using sudo).

Details follow:

USN-190-1 fixed a vulnerability in the net-snmp library. It was
discovered that the same problem also affects the ucs-snmp
implementation (which is used by the Cyrus email server).

Original advisory:

  A remote Denial of Service has been discovered in the SMNP (Simple
  Network Management Protocol) library. If a SNMP agent uses TCP sockets
  for communication, a malicious SNMP server could exploit this to crash
  the agent. Please note that by default SNMP uses UDP sockets.


Updated packages for Ubuntu 4.10:

  Source archives:

    http://security.ubuntu.com/ubuntu/pool/main/u/ucd-snmp/ucd-snmp_4.2.5-3.5ubuntu0.4.10.diff.gz
      Size/MD5:    69622 5861e6945830eacba4c2094c94699aaf
    http://security.ubuntu.com/ubuntu/pool/main/u/ucd-snmp/ucd-snmp_4.2.5-3.5ubuntu0.4.10.dsc
      Size/MD5:      779 4cbc553d37af0c9db4a9c6d1471547c0
    http://security.ubuntu.com/ubuntu/pool/main/u/ucd-snmp/ucd-snmp_4.2.5.orig.tar.gz
      Size/MD5:  1707471 615e0b1e760cbb8c63b5392fe2d04b14

  amd64 architecture (Athlon64, Opteron, EM64T Xeon)

    http://security.ubuntu.com/ubuntu/pool/main/u/ucd-snmp/libsnmp4.2-dev_4.2.5-3.5ubuntu0.4.10_amd64.deb
      Size/MD5:   528770 ea77ab507ff3c90d4334e0dbaefbcfc6
    http://security.ubuntu.com/ubuntu/pool/main/u/ucd-snmp/libsnmp4.2_4.2.5-3.5ubuntu0.4.10_amd64.deb
      Size/MD5:   648804 7922cb95648180a9e1d7a4d07af84523

  i386 architecture (x86 compatible Intel/AMD)

    http://security.ubuntu.com/ubuntu/pool/main/u/ucd-snmp/libsnmp4.2-dev_4.2.5-3.5ubuntu0.4.10_i386.deb
      Size/MD5:   457638 5af1620e60bc63d7d58c801c599a6fb4
    http://security.ubuntu.com/ubuntu/pool/main/u/ucd-snmp/libsnmp4.2_4.2.5-3.5ubuntu0.4.10_i386.deb
      Size/MD5:   624278 4c2e603b958d7fd5ca4005a8d68cfaef

  powerpc architecture (Apple Macintosh G3/G4/G5)

    http://security.ubuntu.com/ubuntu/pool/main/u/ucd-snmp/libsnmp4.2-dev_4.2.5-3.5ubuntu0.4.10_powerpc.deb
      Size/MD5:   601122 9bbcd21251c92c8244158d3ef2893b5d
    http://security.ubuntu.com/ubuntu/pool/main/u/ucd-snmp/libsnmp4.2_4.2.5-3.5ubuntu0.4.10_powerpc.deb
      Size/MD5:   615504 b4510e4e2eb589246c3e6ab9d3d2cbbc

Updated packages for Ubuntu 5.04:

  Source archives:

    http://security.ubuntu.com/ubuntu/pool/main/u/ucd-snmp/ucd-snmp_4.2.5-3.5ubuntu0.5.04.diff.gz
      Size/MD5:    69622 1f2f355dcc1d8a74740c75c336c7d64f
    http://security.ubuntu.com/ubuntu/pool/main/u/ucd-snmp/ucd-snmp_4.2.5-3.5ubuntu0.5.04.dsc
      Size/MD5:      779 108154374c1784cd2a4372053773bd07
    http://security.ubuntu.com/ubuntu/pool/main/u/ucd-snmp/ucd-snmp_4.2.5.orig.tar.gz
      Size/MD5:  1707471 615e0b1e760cbb8c63b5392fe2d04b14

  amd64 architecture (Athlon64, Opteron, EM64T Xeon)

    http://security.ubuntu.com/ubuntu/pool/main/u/ucd-snmp/libsnmp4.2-dev_4.2.5-3.5ubuntu0.5.04_amd64.deb
      Size/MD5:   528818 bbca4da8fd1dfdfdd75f421ebe7e7b95
    http://security.ubuntu.com/ubuntu/pool/main/u/ucd-snmp/libsnmp4.2_4.2.5-3.5ubuntu0.5.04_amd64.deb
      Size/MD5:   648844 36f2c9547e261603317c1b87d8e528a5

  i386 architecture (x86 compatible Intel/AMD)

    http://security.ubuntu.com/ubuntu/pool/main/u/ucd-snmp/libsnmp4.2-dev_4.2.5-3.5ubuntu0.5.04_i386.deb
      Size/MD5:   458084 d51dc298a88baa36c07aab3ca57a27dc
    http://security.ubuntu.com/ubuntu/pool/main/u/ucd-snmp/libsnmp4.2_4.2.5-3.5ubuntu0.5.04_i386.deb
      Size/MD5:   624800 80ddcb36a6597c811eb793f965e7b34f

  powerpc architecture (Apple Macintosh G3/G4/G5)

    http://security.ubuntu.com/ubuntu/pool/main/u/ucd-snmp/libsnmp4.2-dev_4.2.5-3.5ubuntu0.5.04_powerpc.deb
      Size/MD5:   601120 b837c24ba5e35fd876e10d20ffc3b72b
    http://security.ubuntu.com/ubuntu/pool/main/u/ucd-snmp/libsnmp4.2_4.2.5-3.5ubuntu0.5.04_powerpc.deb
      Size/MD5:   615470 8739aefd6ccee20d2deacd3b0b0c0fb2

Updated packages for Ubuntu 5.10:

  Source archives:

    http://security.ubuntu.com/ubuntu/pool/main/u/ucd-snmp/ucd-snmp_4.2.5-5ubuntu0.1.diff.gz
      Size/MD5:    69879 6ef2cb3af6867a1456b473088261cc93
    http://security.ubuntu.com/ubuntu/pool/main/u/ucd-snmp/ucd-snmp_4.2.5-5ubuntu0.1.dsc
      Size/MD5:      774 e9be486552af55a156c37d82b8e5934d
    http://security.ubuntu.com/ubuntu/pool/main/u/ucd-snmp/ucd-snmp_4.2.5.orig.tar.gz
      Size/MD5:  1707471 615e0b1e760cbb8c63b5392fe2d04b14

  amd64 architecture (Athlon64, Opteron, EM64T Xeon)

    http://security.ubuntu.com/ubuntu/pool/main/u/ucd-snmp/libsnmp4.2-dev_4.2.5-5ubuntu0.1_amd64.deb
      Size/MD5:   551274 d75072859288156d876eb61ec0b1d9b9
    http://security.ubuntu.com/ubuntu/pool/main/u/ucd-snmp/libsnmp4.2_4.2.5-5ubuntu0.1_amd64.deb
      Size/MD5:   663934 7f7ca12df144769d40dd1168fc36c679

  i386 architecture (x86 compatible Intel/AMD)

    http://security.ubuntu.com/ubuntu/pool/main/u/ucd-snmp/libsnmp4.2-dev_4.2.5-5ubuntu0.1_i386.deb
      Size/MD5:   465532 2669a212a3b23706f725e5d95167e143
    http://security.ubuntu.com/ubuntu/pool/main/u/ucd-snmp/libsnmp4.2_4.2.5-5ubuntu0.1_i386.deb
      Size/MD5:   619630 bddb573c1ffb88c5d722b91f27102a07

  powerpc architecture (Apple Macintosh G3/G4/G5)

    http://security.ubuntu.com/ubuntu/pool/main/u/ucd-snmp/libsnmp4.2-dev_4.2.5-5ubuntu0.1_powerpc.deb
      Size/MD5:   589426 02710f1b81d7406f246a56e5332600ac
    http://security.ubuntu.com/ubuntu/pool/main/u/ucd-snmp/libsnmp4.2_4.2.5-5ubuntu0.1_powerpc.deb
      Size/MD5:   628922 e6048dcafdfbda76fe3efa91fe78324b
    

- 漏洞信息 (F41005)

Debian Linux Security Advisory 873-1 (PacketStormID:F41005)
2005-10-27 00:00:00
Debian  security.debian.org
advisory,denial of service,udp,tcp,protocol
linux,debian
CVE-2005-2177
[点击下载]

Debian Security Advisory DSA 873-1 - A security vulnerability has been found in Net-SNMP releases that could allow a denial of service attack against Net-SNMP agent's that have opened a stream based protocol (eg TCP but not UDP). By default, Net-SNMP does not open a TCP port.

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

- --------------------------------------------------------------------------
Debian Security Advisory DSA 873-1                     security@debian.org
http://www.debian.org/security/                             Martin Schulze
October 26th, 2005                        http://www.debian.org/security/faq
- --------------------------------------------------------------------------

Package        : net-snmp
Vulnerability  : programming error
Problem type   : remote
Debian-specific: no
CVE ID         : CAN-2005-2177
BugTraq ID     : 14168

A security vulnerability has been found in Net-SNMP releases that
could allow a denial of service attack against Net-SNMP agent's that
have opened a stream based protocol (eg TCP but not UDP).  By default,
Net-SNMP does not open a TCP port.

The old stable distribution (woody) does not contain a net-snmp package.

For the stable distribution (sarge) this problem has been fixed in
version 5.1.2-6.2.

For the unstable distribution (sid) this problem has been fixed in
version 5.2.1.2-1.

We recommend that you upgrade your net-snmp package.


Upgrade Instructions
- --------------------

wget url
        will fetch the file for you
dpkg -i file.deb
        will install the referenced file.

If you are using the apt-get package manager, use the line for
sources.list as given below:

apt-get update
        will update the internal database
apt-get upgrade
        will install corrected packages

You may use an automated update by adding the resources from the
footer to the proper configuration.


Debian GNU/Linux 3.1 alias sarge
- --------------------------------

  Source archives:

    http://security.debian.org/pool/updates/main/n/net-snmp/net-snmp_5.1.2-6.2.dsc
      Size/MD5 checksum:      794 0aa985327e01703ee88e9c9fc63dcccb
    http://security.debian.org/pool/updates/main/n/net-snmp/net-snmp_5.1.2-6.2.diff.gz
      Size/MD5 checksum:    67941 80b50ece9798c3634843213632ea8b53
    http://security.debian.org/pool/updates/main/n/net-snmp/net-snmp_5.1.2.orig.tar.gz
      Size/MD5 checksum:  3253579 8080555ab3f90011f25d5122042d9a8d

  Architecture independent components:

    http://security.debian.org/pool/updates/main/n/net-snmp/libsnmp-base_5.1.2-6.2_all.deb
      Size/MD5 checksum:  1005346 9f09bd5325ecb399a6b8b8b4c74e409e
    http://security.debian.org/pool/updates/main/n/net-snmp/tkmib_5.1.2-6.2_all.deb
      Size/MD5 checksum:   754688 5c84a39f4fb06e9ffae0c693b4e6c1fe

  Alpha architecture:

    http://security.debian.org/pool/updates/main/n/net-snmp/libsnmp-perl_5.1.2-6.2_alpha.deb
      Size/MD5 checksum:   818316 c130066a195f6061032c039dbb70f4c6
    http://security.debian.org/pool/updates/main/n/net-snmp/libsnmp5_5.1.2-6.2_alpha.deb
      Size/MD5 checksum:  1579716 b35f6363a539100eb8a32cdee143c4b5
    http://security.debian.org/pool/updates/main/n/net-snmp/libsnmp5-dev_5.1.2-6.2_alpha.deb
      Size/MD5 checksum:  1647842 99a7926ca98e85e3f8742dfc7a46b880
    http://security.debian.org/pool/updates/main/n/net-snmp/snmp_5.1.2-6.2_alpha.deb
      Size/MD5 checksum:   820826 8645dbb814fee32fd4dba772806b4e7d
    http://security.debian.org/pool/updates/main/n/net-snmp/snmpd_5.1.2-6.2_alpha.deb
      Size/MD5 checksum:   733324 0d1113f65055b9802b1f0db33bf8566c

  AMD64 architecture:

    http://security.debian.org/pool/updates/main/n/net-snmp/libsnmp-perl_5.1.2-6.2_amd64.deb
      Size/MD5 checksum:   815302 8b739d0e928cbed3d4e5fc30df4dd26d
    http://security.debian.org/pool/updates/main/n/net-snmp/libsnmp5_5.1.2-6.2_amd64.deb
      Size/MD5 checksum:  1553650 907b6ad8b395b2167ed07331d9ae88b1
    http://security.debian.org/pool/updates/main/n/net-snmp/libsnmp5-dev_5.1.2-6.2_amd64.deb
      Size/MD5 checksum:  1184882 fd9f8a3c36a0573737d2856e70be4b55
    http://security.debian.org/pool/updates/main/n/net-snmp/snmp_5.1.2-6.2_amd64.deb
      Size/MD5 checksum:   815620 073e011929c866ea6793852c48822f38
    http://security.debian.org/pool/updates/main/n/net-snmp/snmpd_5.1.2-6.2_amd64.deb
      Size/MD5 checksum:   731774 aa783fcf78888d5379c80cadfecba92f

  ARM architecture:

    http://security.debian.org/pool/updates/main/n/net-snmp/libsnmp-perl_5.1.2-6.2_arm.deb
      Size/MD5 checksum:   811116 7c0db64010705b24094b04cb697c21ae
    http://security.debian.org/pool/updates/main/n/net-snmp/libsnmp5_5.1.2-6.2_arm.deb
      Size/MD5 checksum:  1477848 0072b62e6a873a7bca251a5a7b1a4ac6
    http://security.debian.org/pool/updates/main/n/net-snmp/libsnmp5-dev_5.1.2-6.2_arm.deb
      Size/MD5 checksum:  1120060 5d51cd366d5497c549c95d81233820cb
    http://security.debian.org/pool/updates/main/n/net-snmp/snmp_5.1.2-6.2_arm.deb
      Size/MD5 checksum:   810168 1e2aaa41d86cbf1d3455cc3ad1e9246e
    http://security.debian.org/pool/updates/main/n/net-snmp/snmpd_5.1.2-6.2_arm.deb
      Size/MD5 checksum:   730678 4da842f3e4c7820b6994dbaa4ce9464c

  Intel IA-32 architecture:

    http://security.debian.org/pool/updates/main/n/net-snmp/libsnmp-perl_5.1.2-6.2_i386.deb
      Size/MD5 checksum:   818878 b3b728436c0d24dd71cae4c745d78d69
    http://security.debian.org/pool/updates/main/n/net-snmp/libsnmp5_5.1.2-6.2_i386.deb
      Size/MD5 checksum:  1531948 64e0d4d60e1ec437c0693cd80ab5652d
    http://security.debian.org/pool/updates/main/n/net-snmp/libsnmp5-dev_5.1.2-6.2_i386.deb
      Size/MD5 checksum:  1100052 a86f8867983efe3eaf2ae2c0a529fcd7
    http://security.debian.org/pool/updates/main/n/net-snmp/snmp_5.1.2-6.2_i386.deb
      Size/MD5 checksum:   811618 6939d4e93c77a9da325a1558d0b1c492
    http://security.debian.org/pool/updates/main/n/net-snmp/snmpd_5.1.2-6.2_i386.deb
      Size/MD5 checksum:   730514 a31ff071dc8dc2406f60d8c9fc4f8a74

  Intel IA-64 architecture:

    http://security.debian.org/pool/updates/main/n/net-snmp/libsnmp-perl_5.1.2-6.2_ia64.deb
      Size/MD5 checksum:   846348 9902935d551e5eec1aaefdb2689bc1ba
    http://security.debian.org/pool/updates/main/n/net-snmp/libsnmp5_5.1.2-6.2_ia64.deb
      Size/MD5 checksum:  1780724 eb6b2eb4ba43a0a0bcb99cdd51b2e4e8
    http://security.debian.org/pool/updates/main/n/net-snmp/libsnmp5-dev_5.1.2-6.2_ia64.deb
      Size/MD5 checksum:  1584452 caa05c744a6ce901def3aefa11347302
    http://security.debian.org/pool/updates/main/n/net-snmp/snmp_5.1.2-6.2_ia64.deb
      Size/MD5 checksum:   838818 a59fd105fb8b839031eacc1faf3410a4
    http://security.debian.org/pool/updates/main/n/net-snmp/snmpd_5.1.2-6.2_ia64.deb
      Size/MD5 checksum:   737976 22069dd21aab422a67ca368dc7537aa4

  HP Precision architecture:

    http://security.debian.org/pool/updates/main/n/net-snmp/libsnmp-perl_5.1.2-6.2_hppa.deb
      Size/MD5 checksum:   829624 8d8d43de36f2846f0f4c689eafc239d1
    http://security.debian.org/pool/updates/main/n/net-snmp/libsnmp5_5.1.2-6.2_hppa.deb
      Size/MD5 checksum:  1604876 1f5fc833c478b0e737d89a86b69bf6a0
    http://security.debian.org/pool/updates/main/n/net-snmp/libsnmp5-dev_5.1.2-6.2_hppa.deb
      Size/MD5 checksum:  1368226 d77ce1656b2f5f1c09bd98aeb17bb354
    http://security.debian.org/pool/updates/main/n/net-snmp/snmp_5.1.2-6.2_hppa.deb
      Size/MD5 checksum:   824466 8a1f5d695a218655932180b3f8e3b49c
    http://security.debian.org/pool/updates/main/n/net-snmp/snmpd_5.1.2-6.2_hppa.deb
      Size/MD5 checksum:   733168 1c894d59e8d8cad67210b22049c55338

  Motorola 680x0 architecture:

    http://security.debian.org/pool/updates/main/n/net-snmp/libsnmp-perl_5.1.2-6.2_m68k.deb
      Size/MD5 checksum:   811308 675071b60bf7604029d3b9bb7f9d7fa7
    http://security.debian.org/pool/updates/main/n/net-snmp/libsnmp5_5.1.2-6.2_m68k.deb
      Size/MD5 checksum:  1437126 f72bf3101dff7666764144e067c222b4
    http://security.debian.org/pool/updates/main/n/net-snmp/libsnmp5-dev_5.1.2-6.2_m68k.deb
      Size/MD5 checksum:   996514 d65a43ee4d13f7d8b2e60fcd79bc1a46
    http://security.debian.org/pool/updates/main/n/net-snmp/snmp_5.1.2-6.2_m68k.deb
      Size/MD5 checksum:   804982 c401927b09c0ee5c79727bebefcbb026
    http://security.debian.org/pool/updates/main/n/net-snmp/snmpd_5.1.2-6.2_m68k.deb
      Size/MD5 checksum:   730252 1c91b25ab5926d6da868aa9b4bf84fd4

  Big endian MIPS architecture:

    http://security.debian.org/pool/updates/main/n/net-snmp/libsnmp-perl_5.1.2-6.2_mips.deb
      Size/MD5 checksum:   784884 fa5d5b971d96c5188aed859eba805eb4
    http://security.debian.org/pool/updates/main/n/net-snmp/libsnmp5_5.1.2-6.2_mips.deb
      Size/MD5 checksum:  1413338 1232a5281e48c703c99cabc5ea8777a5
    http://security.debian.org/pool/updates/main/n/net-snmp/libsnmp5-dev_5.1.2-6.2_mips.deb
      Size/MD5 checksum:  1312878 d3dd3cd33fef646b53c1e5f5e93ee788
    http://security.debian.org/pool/updates/main/n/net-snmp/snmp_5.1.2-6.2_mips.deb
      Size/MD5 checksum:   832678 3eda8f1830383293eba823cf984d15d5
    http://security.debian.org/pool/updates/main/n/net-snmp/snmpd_5.1.2-6.2_mips.deb
      Size/MD5 checksum:   731444 3c50ceaea9bd62bce4eb4c5fb2bb0678

  Little endian MIPS architecture:

    http://security.debian.org/pool/updates/main/n/net-snmp/libsnmp-perl_5.1.2-6.2_mipsel.deb
      Size/MD5 checksum:   784866 a2bab5ddee0ec91f396422f0fd0133ee
    http://security.debian.org/pool/updates/main/n/net-snmp/libsnmp5_5.1.2-6.2_mipsel.deb
      Size/MD5 checksum:  1418510 ba607a78662d2294d82c7425e804f3d1
    http://security.debian.org/pool/updates/main/n/net-snmp/libsnmp5-dev_5.1.2-6.2_mipsel.deb
      Size/MD5 checksum:  1273102 66daf0e381d18f91ddfd738243339b85
    http://security.debian.org/pool/updates/main/n/net-snmp/snmp_5.1.2-6.2_mipsel.deb
      Size/MD5 checksum:   832708 3f4362c2c82fea024e2b14c3722b2351
    http://security.debian.org/pool/updates/main/n/net-snmp/snmpd_5.1.2-6.2_mipsel.deb
      Size/MD5 checksum:   731292 5c06ed6b9b380e2cf88e14f900f0d634

  PowerPC architecture:

    http://security.debian.org/pool/updates/main/n/net-snmp/libsnmp-perl_5.1.2-6.2_powerpc.deb
      Size/MD5 checksum:   832410 367a1322826f11ef9dcbdc0c2a555a4b
    http://security.debian.org/pool/updates/main/n/net-snmp/libsnmp5_5.1.2-6.2_powerpc.deb
      Size/MD5 checksum:  1484164 0489fb05721749be8a77c3b6be7b6814
    http://security.debian.org/pool/updates/main/n/net-snmp/libsnmp5-dev_5.1.2-6.2_powerpc.deb
      Size/MD5 checksum:  1322578 4c3972bc7d19a25863efd7fc20447363
    http://security.debian.org/pool/updates/main/n/net-snmp/snmp_5.1.2-6.2_powerpc.deb
      Size/MD5 checksum:   824460 80aa5fe58c0d357bfcdea1e6568889d1
    http://security.debian.org/pool/updates/main/n/net-snmp/snmpd_5.1.2-6.2_powerpc.deb
      Size/MD5 checksum:   731674 94282339ba881ba28c2f06a84dab01e9

  IBM S/390 architecture:

    http://security.debian.org/pool/updates/main/n/net-snmp/libsnmp-perl_5.1.2-6.2_s390.deb
      Size/MD5 checksum:   793848 a76fffb4dcb478b9ab2a6a304dce5667
    http://security.debian.org/pool/updates/main/n/net-snmp/libsnmp5_5.1.2-6.2_s390.deb
      Size/MD5 checksum:  1480932 a81f9fbb32fc486ba92bac8ed84f3abd
    http://security.debian.org/pool/updates/main/n/net-snmp/libsnmp5-dev_5.1.2-6.2_s390.deb
      Size/MD5 checksum:  1077868 fcf7d1957102b26ea3a8fa9c70b305e5
    http://security.debian.org/pool/updates/main/n/net-snmp/snmp_5.1.2-6.2_s390.deb
      Size/MD5 checksum:   814068 cee89d4ce9dce6cb508e608ad8718796
    http://security.debian.org/pool/updates/main/n/net-snmp/snmpd_5.1.2-6.2_s390.deb
      Size/MD5 checksum:   731410 9f59b5a7ce92d38560b5c529fd134473

  Sun Sparc architecture:

    http://security.debian.org/pool/updates/main/n/net-snmp/libsnmp-perl_5.1.2-6.2_sparc.deb
      Size/MD5 checksum:   813492 8a2bcbc7c3ac29a7de6ab08f1e23a554
    http://security.debian.org/pool/updates/main/n/net-snmp/libsnmp5_5.1.2-6.2_sparc.deb
      Size/MD5 checksum:  1484394 4386034ab461611e28beaefa2acc237c
    http://security.debian.org/pool/updates/main/n/net-snmp/libsnmp5-dev_5.1.2-6.2_sparc.deb
      Size/MD5 checksum:  1198292 460d4253893dfd4e87a015427a95cb08
    http://security.debian.org/pool/updates/main/n/net-snmp/snmp_5.1.2-6.2_sparc.deb
      Size/MD5 checksum:   809826 d1b38721fae2ebc880cef0703d7d4d68
    http://security.debian.org/pool/updates/main/n/net-snmp/snmpd_5.1.2-6.2_sparc.deb
      Size/MD5 checksum:   730608 26961f57a7aa5fed6a04813b7627531f


  These files will probably be moved into the stable distribution on
  its next update.

- ---------------------------------------------------------------------------------
For apt-get: deb http://security.debian.org/ stable/updates main
For dpkg-ftp: ftp://security.debian.org/debian-security dists/stable/updates/main
Mailing list: debian-security-announce@lists.debian.org
Package info: `apt-cache show <pkg>' and http://packages.debian.org/<pkg>

-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.2 (GNU/Linux)

iD8DBQFDX8bHW5ql+IAeqTIRAv8EAJ9dOXX+SuYPVnHQbUQhd176V5DGewCglfyJ
pHyXmMzmExE5Fn3NIYf+vuw=
=mtjW
-----END PGP SIGNATURE-----

    

- 漏洞信息 (F40376)

usn-190-1.txt (PacketStormID:F40376)
2005-10-04 00:00:00
Martin Pitt  security.ubuntu.com
advisory,remote,denial of service,udp,tcp,protocol
linux,ubuntu
CVE-2005-2177
[点击下载]

Ubuntu Security Notice USN-190-1 - A remote Denial of Service has been discovered in the SNMP (Simple Network Management Protocol) library. If a SNMP agent uses TCP sockets for communication, a malicious SNMP server could exploit this to crash the agent. Please note that by default SNMP uses UDP sockets.

--U+BazGySraz5kW0T
Content-Type: text/plain; charset=us-ascii
Content-Disposition: inline

===========================================================
Ubuntu Security Notice USN-190-1         September 29, 2005
net-snmp vulnerability
CAN-2005-2177
===========================================================

A security issue affects the following Ubuntu releases:

Ubuntu 4.10 (Warty Warthog)
Ubuntu 5.04 (Hoary Hedgehog)

The following packages are affected:

libsnmp5
snmpd

The problem can be corrected by upgrading the affected package to
version 5.1.1-2ubuntu3.1 (for Ubuntu 4.10), or 5.1.2-6ubuntu2.1 (for
Ubuntu 5.04).  In general, a standard system upgrade is sufficient to
effect the necessary changes.

Details follow:

A remote Denial of Service has been discovered in the SMNP (Simple
Network Management Protocol) library. If a SNMP agent uses TCP sockets
for communication, a malicious SNMP server could exploit this to crash
the agent. Please note that by default SNMP uses UDP sockets.

Updated packages for Ubuntu 4.10 (Warty Warthog):

  Source archives:

    http://security.ubuntu.com/ubuntu/pool/main/n/net-snmp/net-snmp_5.1.1-2ubuntu3.1.diff.gz
      Size/MD5:    64878 d6c0be6b1f4910491e5ab25445bb4700
    http://security.ubuntu.com/ubuntu/pool/main/n/net-snmp/net-snmp_5.1.1-2ubuntu3.1.dsc
      Size/MD5:      764 0b56d8f481a40a648d71a46a28a30242
    http://security.ubuntu.com/ubuntu/pool/main/n/net-snmp/net-snmp_5.1.1.orig.tar.gz
      Size/MD5:  2977122 68f6c946387718e4f300cbb8b6c4bd43

  Architecture independent packages:

    http://security.ubuntu.com/ubuntu/pool/main/n/net-snmp/libsnmp-base_5.1.1-2ubuntu3.1_all.deb
      Size/MD5:   983990 986268d8d36780928e4f7f228d729307
    http://security.ubuntu.com/ubuntu/pool/universe/n/net-snmp/tkmib_5.1.1-2ubuntu3.1_all.deb
      Size/MD5:   738088 ca1c90ee739e8e818a71662f41539a6b

  i386 architecture (x86 compatible Intel/AMD)

    http://security.ubuntu.com/ubuntu/pool/main/n/net-snmp/libsnmp-perl_5.1.1-2ubuntu3.1_i386.deb
      Size/MD5:   794030 fa885c25434f9ecd71c2e787a61bf760
    http://security.ubuntu.com/ubuntu/pool/main/n/net-snmp/libsnmp5-dev_5.1.1-2ubuntu3.1_i386.deb
      Size/MD5:  1028070 5248a763ea62417775874d25852d2b56
    http://security.ubuntu.com/ubuntu/pool/main/n/net-snmp/libsnmp5_5.1.1-2ubuntu3.1_i386.deb
      Size/MD5:  1489964 f8ad34a059cfdb933fde0a4d0ab385d7
    http://security.ubuntu.com/ubuntu/pool/main/n/net-snmp/snmp_5.1.1-2ubuntu3.1_i386.deb
      Size/MD5:   136042 5ad75b861d30d9f452047dca700f6f2e
    http://security.ubuntu.com/ubuntu/pool/main/n/net-snmp/snmpd_5.1.1-2ubuntu3.1_i386.deb
      Size/MD5:    54640 2013a51151c05fa64a1e149690e06e13

  powerpc architecture (Apple Macintosh G3/G4/G5)

    http://security.ubuntu.com/ubuntu/pool/main/n/net-snmp/libsnmp-perl_5.1.1-2ubuntu3.1_powerpc.deb
      Size/MD5:   796128 99dbf58f2e3ff4cf81465fa1f1fde473
    http://security.ubuntu.com/ubuntu/pool/main/n/net-snmp/libsnmp5-dev_5.1.1-2ubuntu3.1_powerpc.deb
      Size/MD5:  1311040 9877027d336c486c40ac6bf78883d6f9
    http://security.ubuntu.com/ubuntu/pool/main/n/net-snmp/libsnmp5_5.1.1-2ubuntu3.1_powerpc.deb
      Size/MD5:  1465006 ecf9077a8c3138db2fd2f8049eb82a08
    http://security.ubuntu.com/ubuntu/pool/main/n/net-snmp/snmp_5.1.1-2ubuntu3.1_powerpc.deb
      Size/MD5:   149448 c41a3984aa3667eb3e71ea1c440cbfd7
    http://security.ubuntu.com/ubuntu/pool/main/n/net-snmp/snmpd_5.1.1-2ubuntu3.1_powerpc.deb
      Size/MD5:    55844 7ffd98af0b11f69d62c9dde55f1f9b9d

Updated packages for Ubuntu 5.04 (Hoary Hedgehog):

  Source archives:

    http://security.ubuntu.com/ubuntu/pool/main/n/net-snmp/net-snmp_5.1.2-6ubuntu2.1.diff.gz
      Size/MD5:    68366 90bfe25c7bc22e56ffd42b1afdb350a7
    http://security.ubuntu.com/ubuntu/pool/main/n/net-snmp/net-snmp_5.1.2-6ubuntu2.1.dsc
      Size/MD5:      775 459a6744d320dbbcd80268253be6e1f1
    http://security.ubuntu.com/ubuntu/pool/main/n/net-snmp/net-snmp_5.1.2.orig.tar.gz
      Size/MD5:  3253579 8080555ab3f90011f25d5122042d9a8d

  Architecture independent packages:

    http://security.ubuntu.com/ubuntu/pool/main/n/net-snmp/libsnmp-base_5.1.2-6ubuntu2.1_all.deb
      Size/MD5:  1005694 b2a867637c62da63e23b3eb3d27a0106
    http://security.ubuntu.com/ubuntu/pool/universe/n/net-snmp/tkmib_5.1.2-6ubuntu2.1_all.deb
      Size/MD5:   755084 07016f05eb39707b56248c82acfd59fb

  amd64 architecture (Athlon64, Opteron, EM64T Xeon)

    http://security.ubuntu.com/ubuntu/pool/main/n/net-snmp/libsnmp-perl_5.1.2-6ubuntu2.1_amd64.deb
      Size/MD5:   815728 aeba8df81837e61c17d81aef02fa4fae
    http://security.ubuntu.com/ubuntu/pool/main/n/net-snmp/libsnmp5-dev_5.1.2-6ubuntu2.1_amd64.deb
      Size/MD5:  1185224 5738e905796f4050f470c79b03098aea
    http://security.ubuntu.com/ubuntu/pool/main/n/net-snmp/libsnmp5_5.1.2-6ubuntu2.1_amd64.deb
      Size/MD5:  1554094 db62ac7eb5e2442c8443e0ad21269ce0
    http://security.ubuntu.com/ubuntu/pool/main/n/net-snmp/snmp_5.1.2-6ubuntu2.1_amd64.deb
      Size/MD5:   816050 8ddd19cd43b88158f742765eee1896a8
    http://security.ubuntu.com/ubuntu/pool/main/n/net-snmp/snmpd_5.1.2-6ubuntu2.1_amd64.deb
      Size/MD5:   731958 f1039aef1794673573b0ecb8cead1017

  i386 architecture (x86 compatible Intel/AMD)

    http://security.ubuntu.com/ubuntu/pool/main/n/net-snmp/libsnmp-perl_5.1.2-6ubuntu2.1_i386.deb
      Size/MD5:   817026 9fd60f18d27256295c95acd827a2f18c
    http://security.ubuntu.com/ubuntu/pool/main/n/net-snmp/libsnmp5-dev_5.1.2-6ubuntu2.1_i386.deb
      Size/MD5:  1037670 55f7d7c540f3a76bc495b1faec49860a
    http://security.ubuntu.com/ubuntu/pool/main/n/net-snmp/libsnmp5_5.1.2-6ubuntu2.1_i386.deb
      Size/MD5:  1510352 ccedf857d9c3925f9122d1e4ee705276
    http://security.ubuntu.com/ubuntu/pool/main/n/net-snmp/snmp_5.1.2-6ubuntu2.1_i386.deb
      Size/MD5:   810016 a138b4065ebb956f3a712b48366c3b61
    http://security.ubuntu.com/ubuntu/pool/main/n/net-snmp/snmpd_5.1.2-6ubuntu2.1_i386.deb
      Size/MD5:   730546 cbaf4080d0a9e73cb21eb6da4d118f7d

  powerpc architecture (Apple Macintosh G3/G4/G5)

    http://security.ubuntu.com/ubuntu/pool/main/n/net-snmp/libsnmp-perl_5.1.2-6ubuntu2.1_powerpc.deb
      Size/MD5:   832746 d463e6f9252d8f1fbebbe79d8b26f2de
    http://security.ubuntu.com/ubuntu/pool/main/n/net-snmp/libsnmp5-dev_5.1.2-6ubuntu2.1_powerpc.deb
      Size/MD5:  1322704 218183622f1c5d10174c6cca4dfadfca
    http://security.ubuntu.com/ubuntu/pool/main/n/net-snmp/libsnmp5_5.1.2-6ubuntu2.1_powerpc.deb
      Size/MD5:  1485112 b2ca935924363dcefd02c0c168a10eb6
    http://security.ubuntu.com/ubuntu/pool/main/n/net-snmp/snmp_5.1.2-6ubuntu2.1_powerpc.deb
      Size/MD5:   824778 a1c68fbeea22d4430be29099cde2221b
    http://security.ubuntu.com/ubuntu/pool/main/n/net-snmp/snmpd_5.1.2-6ubuntu2.1_powerpc.deb
      Size/MD5:   731820 a98ce3c4e56b98bf2ef3928a38795a14


--U+BazGySraz5kW0T
Content-Type: application/pgp-signature; name="signature.asc"
Content-Description: Digital signature
Content-Disposition: inline

-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.1 (GNU/Linux)

iD8DBQFDPB0fDecnbV4Fd/IRAmWXAKD8EAKxxUqOBIv7ChyJT7NXjFvPtgCg2lJl
8O+ewy70Lg9Og8/vHG/Drvo=
=TzAw
-----END PGP SIGNATURE-----

--U+BazGySraz5kW0T--
    

- 漏洞信息

17754
Net-SNMP Unspecified Stream-based Protocol DoS
Denial of Service
Loss of Availability

- 漏洞描述

Unknown or Incomplete

- 时间线

2005-07-01 Unknow
Unknow Unknow

- 解决方案

Unknown or Incomplete

- 相关参考

- 漏洞作者

Unknown or Incomplete

- 漏洞信息

Net-SNMP Unspecified Remote Stream-Based Protocol Denial Of Service Vulnerability
Unknown 14168
Yes No
2005-07-06 12:00:00 2007-06-25 04:18:00
The vendor announced this vulnerability.

- 受影响的程序版本

VMWare ESX Server 2.5.4
VMWare ESX Server 2.5.3
VMWare ESX Server 2.1.3
VMWare ESX Server 2.0.2
Ubuntu Ubuntu Linux 5.10 powerpc
Ubuntu Ubuntu Linux 5.10 i386
Ubuntu Ubuntu Linux 5.10 amd64
Ubuntu Ubuntu Linux 5.0 4 powerpc
Ubuntu Ubuntu Linux 5.0 4 i386
Ubuntu Ubuntu Linux 5.0 4 amd64
Ubuntu Ubuntu Linux 4.1 ppc
Ubuntu Ubuntu Linux 4.1 ia64
Ubuntu Ubuntu Linux 4.1 ia32
Trustix Secure Linux 3.0
Trustix Secure Linux 2.2
Trustix Secure Enterprise Linux 2.0
Sun Solaris 10_x86
Sun Solaris 10
S.u.S.E. Linux Professional 10.0 OSS
S.u.S.E. Linux Professional 10.0
S.u.S.E. Linux Professional 9.3 x86_64
S.u.S.E. Linux Professional 9.3
S.u.S.E. Linux Professional 9.2 x86_64
S.u.S.E. Linux Professional 9.2
S.u.S.E. Linux Professional 9.1 x86_64
S.u.S.E. Linux Professional 9.1
S.u.S.E. Linux Personal 10.0 OSS
S.u.S.E. Linux Personal 9.3 x86_64
S.u.S.E. Linux Personal 9.3
S.u.S.E. Linux Personal 9.2 x86_64
S.u.S.E. Linux Personal 9.2
S.u.S.E. Linux Personal 9.1 x86_64
S.u.S.E. Linux Personal 9.1
S.u.S.E. Linux Enterprise Server 9
RedHat Enterprise Linux WS 4
RedHat Enterprise Linux WS 2.1 IA64
RedHat Enterprise Linux WS 2.1
RedHat Enterprise Linux ES 4
RedHat Enterprise Linux ES 2.1 IA64
RedHat Enterprise Linux ES 2.1
RedHat Desktop 4.0
RedHat Advanced Workstation for the Itanium Processor 2.1 IA64
RedHat Advanced Workstation for the Itanium Processor 2.1
Red Hat Fedora Core4
Red Hat Fedora Core3
Red Hat Enterprise Linux AS 4
Red Hat Enterprise Linux AS 2.1 IA64
Red Hat Enterprise Linux AS 2.1
Net-SNMP ucd-snmp 4.2.5
Net-SNMP Net-SNMP 5.2.1
Net-SNMP Net-SNMP 5.2
Net-SNMP Net-SNMP 5.1.2
+ Debian Linux 3.0 sparc
+ Debian Linux 3.0 s/390
+ Debian Linux 3.0 ppc
+ Debian Linux 3.0 mipsel
+ Debian Linux 3.0 mips
+ Debian Linux 3.0 m68k
+ Debian Linux 3.0 ia-64
+ Debian Linux 3.0 ia-32
+ Debian Linux 3.0 hppa
+ Debian Linux 3.0 arm
+ Debian Linux 3.0 alpha
+ Debian Linux 3.0
+ Ubuntu Ubuntu Linux 5.0 4 powerpc
+ Ubuntu Ubuntu Linux 5.0 4 i386
+ Ubuntu Ubuntu Linux 5.0 4 amd64
Net-SNMP Net-SNMP 5.1.1
+ Ubuntu Ubuntu Linux 4.1 ppc
+ Ubuntu Ubuntu Linux 4.1 ia64
+ Ubuntu Ubuntu Linux 4.1 ia32
Net-SNMP Net-SNMP 5.1
Net-SNMP Net-SNMP 5.0.9
Net-SNMP Net-SNMP 5.0.8
Net-SNMP Net-SNMP 5.0.7
+ Conectiva Linux 9.0
Net-SNMP Net-SNMP 5.0.6
Net-SNMP Net-SNMP 5.0.5
Net-SNMP Net-SNMP 5.0.4 .pre2
+ RedHat Linux 9.0 i386
+ RedHat Linux 8.0 i386
Net-SNMP Net-SNMP 5.0.3
Net-SNMP Net-SNMP 5.0.1
Mandriva Linux Mandrake 10.2 x86_64
Mandriva Linux Mandrake 10.2
Mandriva Linux Mandrake 10.1 x86_64
Mandriva Linux Mandrake 10.1
Mandriva Linux Mandrake 10.0 AMD64
Mandriva Linux Mandrake 10.0
MandrakeSoft Multi Network Firewall 2.0
MandrakeSoft Corporate Server 3.0 x86_64
MandrakeSoft Corporate Server 3.0
MandrakeSoft Corporate Server 2.1 x86_64
MandrakeSoft Corporate Server 2.1
Conectiva Linux 10.0
Avaya Modular Messaging (MSS) 2.0
Avaya Modular Messaging (MSS) 1.1
Avaya Interactive Response 1.3
Avaya Interactive Response 1.2.1
Avaya Interactive Response
Avaya Integrated Management 2.1
Avaya Integrated Management
Avaya CVLAN
VMWare ESX Server 2.5.4 Patch 1
VMWare ESX Server 2.5.3 Patch 4
VMWare ESX Server 2.1.3 Patch 2
VMWare ESX Server 2.0.2 Patch 2
Net-SNMP Net-SNMP 5.2.1 .2
Net-SNMP Net-SNMP 5.1.3
Net-SNMP Net-SNMP 5.0.10 .2

- 不受影响的程序版本

VMWare ESX Server 2.5.4 Patch 1
VMWare ESX Server 2.5.3 Patch 4
VMWare ESX Server 2.1.3 Patch 2
VMWare ESX Server 2.0.2 Patch 2
Net-SNMP Net-SNMP 5.2.1 .2
Net-SNMP Net-SNMP 5.1.3
Net-SNMP Net-SNMP 5.0.10 .2

- 漏洞讨论

Net-SNMP is prone to a remote denial-of-service vulnerability. The issue is exposed when Net-SNMP is configured to have an open stream-based protocol port, such as TCP.

The exact details describing this issue are not available. This BID will be updated when more information emerges.

- 漏洞利用

Currently we are not aware of any exploits for this issue. If you feel we are in error or if you are aware of more recent information, please mail us at: mailto:vuldb@securityfocus.com.

- 解决方案

Please see the referenced advisories for more information.


Sun Solaris 10

Conectiva Linux 10.0

Net-SNMP Net-SNMP 5.0.1

Net-SNMP Net-SNMP 5.0.3

Net-SNMP Net-SNMP 5.0.4 .pre2

Net-SNMP Net-SNMP 5.0.5

Net-SNMP Net-SNMP 5.0.6

Net-SNMP Net-SNMP 5.0.7

Net-SNMP Net-SNMP 5.0.8

Net-SNMP Net-SNMP 5.0.9

Net-SNMP Net-SNMP 5.1

Net-SNMP Net-SNMP 5.1.1

Net-SNMP Net-SNMP 5.1.2

Net-SNMP Net-SNMP 5.2

Net-SNMP Net-SNMP 5.2.1

- 相关参考

 

 

关于SCAP中文社区

SCAP中文社区是国内第一个以SCAP为主题的中文开放社区。了解更多信息,请查阅[关于本站]

版权声明

CVE/CWE/OVAL均为MITRE公司的注册商标,它们的官方数据源均保存在MITRE公司的相关网站