Detections
Analytics

Debian DSA-111-1 : ucd-snmp - remote exploit

high Nessus Plugin ID 14948

Synopsis

The remote Debian host is missing a security-related update.

Description

The Secure Programming Group of the Oulu University did a study on SNMP implementations and uncovered multiple problems which can cause problems ranging from Denial of Service attacks to remote exploits.

New UCD-SNMP packages have been prepared to fix these problems as well as a few others. The complete list of fixed problems is :

 - When running external programs snmpd used temporary files insecurely
 - snmpd did not properly reset supplementary groups after changing its uid and gid

 - Modified most code to use buffers instead of fixed-length strings to prevent buffer overflows

 - The ASN.1 parser did not check for negative lengths

 - The IFINDEX response handling in snmpnetstat did not do a sanity check on its input

(thanks to Caldera for most of the work on those patches)


The new version is 4.1.1-2.1 and we recommend you upgrade your snmp packages immediately.

Solution

Upgrade the affected ucd-snmp package.

See Also

http://www.debian.org/security/2002/dsa-111

Plugin Details

Severity: High

ID: 14948

File Name: debian_DSA-111.nasl

Version: 1.24

Type: local

Agent: unix

Published: 9/29/2004

Updated: 1/4/2021

Supported Sensors: Frictionless Assessment Agent, Nessus Agent, Agentless Assessment, Nessus

Vulnerability Information

CPE: p-cpe:/a:debian:debian_linux:ucd-snmp, cpe:/o:debian:debian_linux:2.2

Required KB Items: Host/local_checks_enabled, Host/Debian/release, Host/Debian/dpkg-l

Patch Publication Date: 2/14/2002

Reference Information

CERT: 107186, 854306

DSA: 111