Mandrake Security Advisory MDVSA-2009:156 (net-snmp)

The remote host is missing an update to net-snmp announced via advisory MDVSA-2009:156.
To upgrade automatically use MandrakeUpdate or urpmi. The verification of md5 checksums and GPG signatures is performed automatically for you.
A vulnerability has been found and corrected in net-snmp: agent/snmp_agent.c in snmpd in net-snmp 5.0.9 in Red Hat Enterprise Linux (RHEL) 3 allows remote attackers to cause a denial of service (daemon crash) via a crafted SNMP GETBULK request that triggers a divide-by-zero error. NOTE: this vulnerability exists because of an incorrect fix for CVE-2008-4309 (CVE-2009-1887). This update provides fixes for this vulnerability. Affected: Corporate 3.0, Multi Network Firewall 2.0