_______________________________________________________________________

Mandriva Linux Security Advisory                         MDKSA-2006:025
http://www.mandriva.com/security/
_______________________________________________________________________

Package : net-snmp
Date    : January 26, 2006
Affected: 10.1, 10.2, Corporate 3.0, Multi Network Firewall 2.0
_______________________________________________________________________

Problem Description:

The fixproc application in Net-SNMP creates temporary files with
predictable file names which could allow a malicious local attacker to
change the contents of the temporary file by exploiting a race
condition, which could possibly lead to the execution of arbitrary
code. As well, a local attacker could create symbolic links in the
/tmp directory that point to a valid file that would then be
overwritten when fixproc is executed (CVE-2005-1740).

A remote Denial of Service vulnerability was also discovered in the
SNMP library that could be exploited by a malicious SNMP server to
crash the agent, if the agent uses TCP sockets for communication
(CVE-2005-2177).

The updated packages have been patched to correct these problems.
_______________________________________________________________________

References:

http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2005-1740
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2005-2177
_______________________________________________________________________

Updated Packages:
_______________________________________________________________________

To upgrade automatically use MandrivaUpdate or urpmi. The verification
of md5 checksums and GPG signatures is performed automatically for you.

All packages are signed by Mandriva for security.
You can obtain the GPG public key of the Mandriva Security Team by
executing:

  gpg --recv-keys --keyserver pgp.mit.edu 0x22458A98

You can view other update advisories for Mandriva Linux at:

  http://www.mandriva.com/security/advisories

If you want to report vulnerabilities, please contact

  security_(at)_mandriva.com
_______________________________________________________________________

Type Bits/KeyID     Date       User ID
pub  1024D/22458A98 2000-07-10 Mandriva Security Team
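
The temporary-file weakness described under Problem Description (CVE-2005-1740) comes down to how the file is opened. The C sketch below is an added example, not code from Net-SNMP, fixproc or Mandriva; it contrasts a predictable-name open with mkstemp() inside a private scratch directory. The fix_<pid> name, the /tmp/tmpdemo_ prefix and all function names are assumptions made for illustration.

```c
#define _DEFAULT_SOURCE
#include <fcntl.h>
#include <stdio.h>
#include <stdlib.h>
#include <sys/stat.h>
#include <unistd.h>

/* Weak pattern: PID-derived name and no O_EXCL, so open() follows a link
 * that already sits at that path and truncates whatever it points to. */
static int open_predictable(const char *dir, char *path, size_t n) {
    snprintf(path, n, "%s/fix_%ld", dir, (long)getpid()); /* hypothetical name */
    return open(path, O_WRONLY | O_CREAT | O_TRUNC, 0600);
}

/* Hardened pattern: mkstemp() picks a random suffix and creates the file with
 * O_CREAT|O_EXCL and mode 0600, so an existing file or link is never opened. */
static int open_safe(const char *dir, char *path, size_t n) {
    snprintf(path, n, "%s/fix_XXXXXX", dir);
    return mkstemp(path);
}

/* Constructed test bed: a private scratch directory holding an 8-byte file
 * and a symlink to it at the predictable name. Returns the file's size after
 * the chosen opener ran: 0 = truncated through the link, 8 = untouched. */
static long target_size_after(int use_safe) {
    char dir[] = "/tmp/tmpdemo_XXXXXX", target[64], planted[64], path[64];
    struct stat st;
    if (!mkdtemp(dir)) return -1;
    snprintf(target, sizeof target, "%s/target", dir);
    snprintf(planted, sizeof planted, "%s/fix_%ld", dir, (long)getpid());
    FILE *f = fopen(target, "w");
    if (!f) return -1;
    fputs("original", f);
    fclose(f);
    if (symlink(target, planted) != 0) return -1;

    int fd = use_safe ? open_safe(dir, path, sizeof path)
                      : open_predictable(dir, path, sizeof path);
    long size = (fd >= 0 && stat(target, &st) == 0) ? (long)st.st_size : -1;
    if (fd >= 0) close(fd);
    if (use_safe) unlink(path);
    unlink(planted); unlink(target); rmdir(dir);
    return size;
}

int main(void) {
    printf("predictable name: target is %ld bytes\n", target_size_after(0));
    printf("mkstemp:          target is %ld bytes\n", target_size_after(1));
    return 0;
}
```

Adding O_EXCL to the predictable-name open would make it fail with EEXIST instead of following the link, but the name would still be guessable; mkstemp() addresses both points.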