Debian Security Advisory DSA 873-1 (net-snmp) Network Vulnerability

Summary

The remote host is missing an update to net-snmp announced via advisory DSA 873-1. A security vulnerability has been found in Net-SNMP releases that could allow a denial of service attack against Net-SNMP agent's that have opened a stream based protocol (eg TCP but not UDP). By default, Net-SNMP does not open a TCP port. The old stable distribution (woody) does not contain a net-snmp package.

Solution

For the stable distribution (sarge) this problem has been fixed in version 5.1.2-6.2. For the unstable distribution (sid) this problem has been fixed in version 5.2.1.2-1. We recommend that you upgrade your net-snmp package. https://secure1.securityspace.com/smysecure/catid.html?in=DSA%20873-1

Severity

Classification

CVE CVE-2005-2177

CVSS	Base Score: 5.0 AV:N/AC:L/Au:N/C:N/I:N/A:P

Related Vulnerabilities

Debian Security Advisory DSA 1041-1 (abc2ps)
Debian Security Advisory DSA 1147-1 (drupal)
Debian Security Advisory DSA 1023-1 (kaffeine)
Debian Security Advisory DSA 1119-1 (hiki)
Debian Security Advisory DSA 1059-1 (quagga)

Take action and discover your vulnerabilities