Описание
Security update for net-snmp
This update for net-snmp fixes the following issues:
Security issues fixed:
- CVE-2018-18065: _set_key in agent/helpers/table_container.c had a NULL Pointer Exception bug that can be used by an authenticated attacker to remotely cause the instance to crash via a crafted UDP packet, resulting in Denial of Service. (bsc#1111122)
Non-security issues fixed:
- swintst_rpm: Protect against unspecified Group name (bsc#1102775)
- Add tsm and tlstm MIBs and the USM security module. (bsc#1081164)
- Fix agentx freezing on timeout (bsc#1027353)
This update was imported from the SUSE:SLE-15:Update update project.
Список пакетов
openSUSE Leap 15.0
libsnmp30-5.7.3-lp150.6.3.1
libsnmp30-32bit-5.7.3-lp150.6.3.1
net-snmp-5.7.3-lp150.6.3.1
net-snmp-devel-5.7.3-lp150.6.3.1
net-snmp-devel-32bit-5.7.3-lp150.6.3.1
perl-SNMP-5.7.3-lp150.6.3.1
python2-net-snmp-5.7.3-lp150.6.3.1
python3-net-snmp-5.7.3-lp150.6.3.1
snmp-mibs-5.7.3-lp150.6.3.1
Ссылки
- E-Mail link for openSUSE-SU-2018:3381-1
- SUSE Security Ratings
Описание
_set_key in agent/helpers/table_container.c in Net-SNMP before 5.8 has a NULL Pointer Exception bug that can be used by an authenticated attacker to remotely cause the instance to crash via a crafted UDP packet, resulting in Denial of Service.
Затронутые продукты
openSUSE Leap 15.0:libsnmp30-32bit-5.7.3-lp150.6.3.1
openSUSE Leap 15.0:libsnmp30-5.7.3-lp150.6.3.1
openSUSE Leap 15.0:net-snmp-5.7.3-lp150.6.3.1
openSUSE Leap 15.0:net-snmp-devel-32bit-5.7.3-lp150.6.3.1
Ссылки
- CVE-2018-18065
- SUSE Bug 1111122