Amazon Linux AMI : net-snmp (ALAS-2014-316)
Medium Nessus Plugin ID 73235
SynopsisThe remote Amazon Linux AMI host is missing a security update.
DescriptionA buffer overflow flaw was found in the way the decode_icmp_msg() function in the ICMP-MIB implementation processed Internet Control Message Protocol (ICMP) message statistics reported in the /proc/net/snmp file. A remote attacker could send a message for each ICMP message type, which could potentially cause the snmpd service to crash when processing the /proc/net/snmp file. (CVE-2014-2284)
SolutionRun 'yum update net-snmp' to update your system.