Please Install the Updated Packages.

These packages provide various libraries and tools for the Simple Network Management Protocol (SNMP). An out-of-bounds buffer read flaw was found in the net-snmp agent. A remote attacker with read privileges to a Management Information Base (MIB) subtree handled by the extend directive (/etc/snmp/snmpd.conf) could use this flaw to crash snmpd via a crafted SNMP GET request. (CVE-2012-2141) Bug fixes: * Devices that used certain file systems were not reported in the &quot HOST-RESOURCES-MIB::hrStorageTable&quot table. As a result, the snmpd daemon did not recognize devices using tmpfs, ReiserFS, and Oracle Cluster File System (OCFS2) file systems. This update recognizes these devices and reports them in the 'HOST-RESOURCES-MIB::hrStorageTable' table. (BZ#754652, BZ#755958, BZ#822061) * The snmptrapd (8) man page did not correctly describe how to load multiple configuration files using the '-c' option. This update describes correctly that multiple configuration files must be separated by a comma. (BZ#760001) * Integers truncated from 64 to 32-bit were not correctly evaluated. As a consequence, the snmpd daemon could enter an endless loop when encoding the truncated integers to network format. This update modifies the underlying code so that snmpd correctly checks truncated 64-bit integers. Now, snmpd avoids an endless loop. (BZ#783892) Description truncated, for more information please check the Reference URL

net-snmp on Red Hat Enterprise Linux (v. 5 server)

• https://www.redhat.com/archives/rhsa-announce/2013-January/msg00007.html

---

Updated on 2015-03-25