Debian Security Advisory DSA 873-1 (net-snmp) Network Vulnerability

Summary

The remote host is missing an update to net-snmp announced via advisory DSA 873-1. A security vulnerability has been found in Net-SNMP releases that could allow a denial of service attack against Net-SNMP agent's that have opened a stream based protocol (eg TCP but not UDP). By default, Net-SNMP does not open a TCP port. The old stable distribution (woody) does not contain a net-snmp package.

Solution

For the stable distribution (sarge) this problem has been fixed in version 5.1.2-6.2. For the unstable distribution (sid) this problem has been fixed in version 5.2.1.2-1. We recommend that you upgrade your net-snmp package. https://secure1.securityspace.com/smysecure/catid.html?in=DSA%20873-1

Severity

Classification

CVE CVE-2005-2177
CVSS Base Score: 5.0
AV:N/AC:L/Au:N/C:N/I:N/A:P

Related Vulnerabilities

Debian Security Advisory DSA 1140-1 (gnupg)
Debian Security Advisory DSA 1006-1 (wzdftpd)
Debian Security Advisory DSA 1147-1 (drupal)
Debian Security Advisory DSA 1098-1 (horde3)
Debian Security Advisory DSA 093-1 (postfix)

Take action and discover your vulnerabilities