Описание
Security update for net-snmp
This update for net-snmp fixes the following issues:
- CVE-2020-15862: Make extended MIB read-only (bsc#1174961)
- CVE-2018-18065: Fix remote DoS in agent/helpers/table.c (bsc#1111122)
Список пакетов
openSUSE Leap 15.3
libsnmp30-5.7.3-10.9.1
libsnmp30-32bit-5.7.3-10.9.1
net-snmp-5.7.3-10.9.1
net-snmp-devel-5.7.3-10.9.1
net-snmp-devel-32bit-5.7.3-10.9.1
perl-SNMP-5.7.3-10.9.1
python2-net-snmp-5.7.3-10.9.1
python3-net-snmp-5.7.3-10.9.1
snmp-mibs-5.7.3-10.9.1
openSUSE Leap 15.3 NonFree
opera-84.0.4316.14-lp153.2.36.1
Ссылки
- E-Mail link for openSUSE-SU-2022:0050-1
- SUSE Security Ratings
- SUSE Bug 1027353
- SUSE Bug 1081164
- SUSE Bug 1102775
- SUSE Bug 1108471
- SUSE Bug 1111122
- SUSE Bug 1116807
- SUSE Bug 1140341
- SUSE Bug 1145864
- SUSE Bug 1152968
- SUSE Bug 1174961
- SUSE Bug 1178021
- SUSE Bug 1178351
- SUSE Bug 1179009
- SUSE Bug 1179699
- SUSE Bug 1181591
- SUSE CVE CVE-2018-18065 page
- SUSE CVE CVE-2020-15862 page
Описание
_set_key in agent/helpers/table_container.c in Net-SNMP before 5.8 has a NULL Pointer Exception bug that can be used by an authenticated attacker to remotely cause the instance to crash via a crafted UDP packet, resulting in Denial of Service.
Затронутые продукты
openSUSE Leap 15.3 NonFree:opera-84.0.4316.14-lp153.2.36.1
openSUSE Leap 15.3:libsnmp30-32bit-5.7.3-10.9.1
openSUSE Leap 15.3:libsnmp30-5.7.3-10.9.1
openSUSE Leap 15.3:net-snmp-5.7.3-10.9.1
Ссылки
- CVE-2018-18065
- SUSE Bug 1111122
- SUSE Bug 1126909
- SUSE Bug 1145864
Описание
Net-SNMP through 5.8 has Improper Privilege Management because SNMP WRITE access to the EXTEND MIB provides the ability to run arbitrary commands as root.
Затронутые продукты
openSUSE Leap 15.3 NonFree:opera-84.0.4316.14-lp153.2.36.1
openSUSE Leap 15.3:libsnmp30-32bit-5.7.3-10.9.1
openSUSE Leap 15.3:libsnmp30-5.7.3-10.9.1
openSUSE Leap 15.3:net-snmp-5.7.3-10.9.1
Ссылки
- CVE-2020-15862
- SUSE Bug 1174961
- SUSE Bug 1193875
- SUSE Bug 1196341