Ubuntu 4.10 / 5.04 / 5.10 : ucd-snmp vulnerability (USN-190-2)

Ubuntu Security Notice (C) 2005-2013 Canonical, Inc. / NASL script (C) 2006-2013 Tenable Network Security, Inc.

Synopsis :

The remote Ubuntu host is missing one or more security-related patches.

Description :

USN-190-1 fixed a vulnerability in the net-snmp library. It was
discovered that the same problem also affects the ucs-snmp
implementation (which is used by the Cyrus email server).

Original advisory :

A remote Denial of Service has been discovered in the SMNP (Simple
Network Management Protocol) library. If a SNMP agent uses TCP sockets
for communication, a malicious SNMP server could exploit this to crash
the agent. Please note that by default SNMP uses UDP sockets.

Solution :

Update the affected libsnmp4.2 and / or libsnmp4.2-dev packages.

Risk factor :

Medium / CVSS Base Score : 5.0

Family: Ubuntu Local Security Checks

Nessus Plugin ID: 20604 ()

Bugtraq ID:

CVE ID: CVE-2005-2177