Oracle Solaris Third-Party Patch Update : net-snmp (cve_2012_6151_resource_management)
Medium Nessus Plugin ID 80707
SynopsisThe remote Solaris system is missing a security patch for third-party software.
DescriptionThe remote Solaris system is missing necessary patches to address security updates :
- Net-SNMP 5.7.1 and earlier, when AgentX is registering to handle a MIB and processing GETNEXT requests, allows remote attackers to cause a denial of service (crash or infinite loop, CPU consumption, and hang) by causing the AgentX subagent to timeout. (CVE-2012-6151)
SolutionUpgrade to Solaris 220.127.116.11.1.