Bug 78960 - Remote Denial of Service with Net-SNMP
Summary: Remote Denial of Service with Net-SNMP
Status: CLOSED ERRATA
Alias: None
Product: Red Hat Linux
Classification: Retired
Component: net-snmp   
(Show other bugs)
Version: 7.3
Hardware: All
OS: Linux
medium
medium
Target Milestone: ---
Assignee: Phil Knirsch
QA Contact:
URL: http://www.securiteam.com/unixfocus/6...
Whiteboard:
Keywords: Security
Depends On:
Blocks:
TreeView+ depends on / blocked
 
Reported: 2002-12-03 23:01 UTC by Need Real Name
Modified: 2015-03-05 01:11 UTC (History)
2 users (show)

Fixed In Version:
Doc Type: Bug Fix
Doc Text:
Story Points: ---
Clone Of:
Environment:
Last Closed: 2002-12-17 11:22:29 UTC
Type: ---
Regression: ---
Mount Type: ---
Documentation: ---
CRM:
Verified Versions:
Category: ---
oVirt Team: ---
RHEL 7.3 requirements from Atomic Host:
Cloudforms Team: ---

Attachments (Terms of Use)
Add an attachment (proposed patch, testcase, etc.)


External Trackers
Tracker ID Priority Status Summary Last Updated
Red Hat Product Errata RHSA-2002:228 high SHIPPED_LIVE : Updated Net-SNMP packages fix security and other bugs 2002-10-09 04:00:00 UTC

Description Need Real Name 2002-12-03 23:01:59 UTC 
From Bugzilla Helper:
User-Agent: Mozilla/5.0 (X11; U; Linux i686; en-US; rv:1.2) Gecko/20021127

Description of problem:
Both Red Hat 7.3 and 8.0 ship an older version of Net-SNMP for which there is a
confirmed remote denial of service vulnerability.

Version-Release number of selected component (if applicable):


How reproducible:
Always

Steps to Reproduce:
N/A

Actual Results:  N/A

Expected Results:  N/A

Additional info:

This vulnerability was fixed in version 5.0.5 of Net-SNMP.
Comment 1 Mark J. Cox 2002-12-04 10:58:59 UTC 
This is CAN-2002-1170
Comment 2 Phil Knirsch 2002-12-04 11:00:42 UTC 
We don't ship net-snmp for 7.3, only for 8.0

And for 8.0 we are currently in the process of doing an errata which is going to
be release real soon now (hopefully sometime this week).

Read ya, Phil
Comment 3 Mark J. Cox 2002-12-05 08:07:04 UTC 
leaving open until errata is created - will get closed automatically at that time
Note You need to log in before you can comment on or make changes to this bug.