RHEL 3 : net-snmp (RHSA-2004:023)
Medium Nessus Plugin ID 12453
SynopsisThe remote Red Hat host is missing one or more security updates.
DescriptionUpdated Net-SNMP packages are available to correct a security vulnerability and other bugs.
The Net-SNMP project includes various Simple Network Management Protocol (SNMP) tools.
A security issue in Net-SNMP versions before 5.0.9 could allow an existing user/community to gain access to data in MIB objects that were explicitly excluded from their view. The Common Vulnerabilities and Exposures project (cve.mitre.org) has assigned the name CVE-2003-0935 to this issue.
Users of Net-SNMP are advised to upgrade to these errata packages containing Net-SNMP 5.0.9 which is not vulnerable to this issue. In addition, Net-SNMP 5.0.9 fixes a number of other minor bugs.
SolutionUpdate the affected net-snmp, net-snmp-devel and / or net-snmp-utils packages.