Описание
Security update for net-snmp
This update for net-snmp fixes the following issues:
Security issues fixed:
- CVE-2018-18065: _set_key in agent/helpers/table_container.c had a NULL Pointer Exception bug that can be used by an authenticated attacker to remotely cause the instance to crash via a crafted UDP packet, resulting in Denial of Service. (bsc#1111122)
Non-security issues fixed:
- swintst_rpm: Protect against unspecified Group name (bsc#1102775)
- Add tsm and tlstm MIBs and the USM security module. (bsc#1081164)
- Fix agentx freezing on timeout (bsc#1027353)
Список пакетов
SUSE Enterprise Storage 4
libsnmp30-5.7.3-6.3.1
libsnmp30-32bit-5.7.3-6.3.1
net-snmp-5.7.3-6.3.1
perl-SNMP-5.7.3-6.3.1
snmp-mibs-5.7.3-6.3.1
SUSE Linux Enterprise Desktop 12 SP3
libsnmp30-5.7.3-6.3.1
libsnmp30-32bit-5.7.3-6.3.1
net-snmp-5.7.3-6.3.1
perl-SNMP-5.7.3-6.3.1
snmp-mibs-5.7.3-6.3.1
SUSE Linux Enterprise Server 12 SP1-LTSS
libsnmp30-5.7.3-6.3.1
libsnmp30-32bit-5.7.3-6.3.1
net-snmp-5.7.3-6.3.1
perl-SNMP-5.7.3-6.3.1
snmp-mibs-5.7.3-6.3.1
SUSE Linux Enterprise Server 12 SP2-BCL
libsnmp30-5.7.3-6.3.1
libsnmp30-32bit-5.7.3-6.3.1
net-snmp-5.7.3-6.3.1
perl-SNMP-5.7.3-6.3.1
snmp-mibs-5.7.3-6.3.1
SUSE Linux Enterprise Server 12 SP2-LTSS
libsnmp30-5.7.3-6.3.1
libsnmp30-32bit-5.7.3-6.3.1
net-snmp-5.7.3-6.3.1
perl-SNMP-5.7.3-6.3.1
snmp-mibs-5.7.3-6.3.1
SUSE Linux Enterprise Server 12 SP3
libsnmp30-5.7.3-6.3.1
libsnmp30-32bit-5.7.3-6.3.1
net-snmp-5.7.3-6.3.1
perl-SNMP-5.7.3-6.3.1
snmp-mibs-5.7.3-6.3.1
SUSE Linux Enterprise Server for SAP Applications 12 SP2
libsnmp30-5.7.3-6.3.1
libsnmp30-32bit-5.7.3-6.3.1
net-snmp-5.7.3-6.3.1
perl-SNMP-5.7.3-6.3.1
snmp-mibs-5.7.3-6.3.1
SUSE Linux Enterprise Server for SAP Applications 12 SP3
libsnmp30-5.7.3-6.3.1
libsnmp30-32bit-5.7.3-6.3.1
net-snmp-5.7.3-6.3.1
perl-SNMP-5.7.3-6.3.1
snmp-mibs-5.7.3-6.3.1
SUSE Linux Enterprise Software Development Kit 12 SP3
net-snmp-devel-5.7.3-6.3.1
SUSE OpenStack Cloud 7
libsnmp30-5.7.3-6.3.1
libsnmp30-32bit-5.7.3-6.3.1
net-snmp-5.7.3-6.3.1
perl-SNMP-5.7.3-6.3.1
snmp-mibs-5.7.3-6.3.1
Ссылки
- Link for SUSE-SU-2018:3447-1
- E-Mail link for SUSE-SU-2018:3447-1
- SUSE Security Ratings
- SUSE Bug 1027353
- SUSE Bug 1081164
- SUSE Bug 1102775
- SUSE Bug 1111122
- SUSE CVE CVE-2018-18065 page
Описание
_set_key in agent/helpers/table_container.c in Net-SNMP before 5.8 has a NULL Pointer Exception bug that can be used by an authenticated attacker to remotely cause the instance to crash via a crafted UDP packet, resulting in Denial of Service.
Затронутые продукты
SUSE Enterprise Storage 4:libsnmp30-32bit-5.7.3-6.3.1
SUSE Enterprise Storage 4:libsnmp30-5.7.3-6.3.1
SUSE Enterprise Storage 4:net-snmp-5.7.3-6.3.1
SUSE Enterprise Storage 4:perl-SNMP-5.7.3-6.3.1
Ссылки
- CVE-2018-18065
- SUSE Bug 1111122
- SUSE Bug 1126909
- SUSE Bug 1145864