Login or Register to Ask a Question and Join Our Community


Security Advisories (RSS)

USN-564-1: Net-SNMP vulnerability

Login to Discuss or Reply to this Discussion in Our Community

 
Thread Tools Search this Thread
Special Forums Cybersecurity Security Advisories (RSS) USN-564-1: Net-SNMP vulnerability
# 1  
Old 01-09-2008
USN-564-1: Net-SNMP vulnerability
Referenced CVEs:
CVE-2007-5846


Description:
===========================================================Ubuntu Security Notice USN-564-1 January 09, 2008net-snmp vulnerabilityCVE-2007-5846===========================================================A security issue affects the following Ubuntu releases:Ubuntu 6.06 LTSUbuntu 6.10Ubuntu 7.04Ubuntu 7.10This advisory also applies to the corresponding versions ofKubuntu, Edubuntu, and Xubuntu.The problem can be corrected by upgrading your system to thefollowing package versions:Ubuntu 6.06 LTS: snmpd 5.2.1.2-4ubuntu2.2Ubuntu 6.10: snmpd 5.2.2-5ubuntu1.1Ubuntu 7.04: snmpd 5.2.3-4ubuntu1.1Ubuntu 7.10: snmpd 5.3.1-6ubuntu2.1In general, a standard system upgrade is sufficient to effect thenecessary changes.Details follow:Bill Trost discovered that snmpd did not properly limit GETBULKrequests. A remote attacker could specify a large number ofmax-repetitions and cause a denial of service via resourceexhaustion.





More...
Login or Register to Ask a Question

Previous Thread | Next Thread

5 More Discussions You Might Find Interesting

1. HP-UX

Net-snmp 5.7.2 on HP-UX 11.31

Hi All, I have an issue with net-snmp communication from a monitoring server to HP UX server. Following are the details HP - UX server : 172.16.184.34 Monitoring Server : 172.16.5.57 (Solarwinds Application)I'm running HP-UX's snmp on udp port 161 and net-snmp on udp 1161. ... (0 Replies)
Discussion started by: maverick_here
0 Replies

2. Infrastructure Monitoring

net-snmp issue

When I run a script that polls a router I get the following error from net-snmp. I can not seem to find a straight answer. Could my mib files be corrupt? xxx-xxx:/etc/sma/snmp/mibs# perl /export/home/user/perl/test.pl Unlinked OID in SNMPv2-MIB: snmp ::= { mib-2 11 } Undefined identifier:... (2 Replies)
Discussion started by: mrlayance
2 Replies

3. Solaris

net-snmp on solaris 8

hello I am running solaris 8 sparc. I installed net-snmp 5.4.1 (compiled it from tar file). When I do snmpwalk from another server, I receive a partial list of OIDs then it stops and gives 'timeout. No response...' another snmpwalk will directly timeouts. I compiled again the binaries... (1 Reply)
Discussion started by: melanie_pfefer
1 Replies

4. Solaris

net-snmp-5.1.2 Solaris 9

All, I downloaded and installed the following net-snmp from the sourceforge.net website on a Solaris 9 server with the entire collection installed: net-snmp-5.1.2-SunOS_5.9_sun4u.tar.gz with no errors. I attempt to run snmpget and I get the following error: ld.so.1: snmpget: fatal:... (1 Reply)
Discussion started by: bubba112557
1 Replies

5. UNIX for Dummies Questions & Answers

net-snmp

Does anybody know where I can get net-snmp for compaq tru64 V4.0G? I am having a difficult time locating it. Can it run on tru64 V4.0G? (2 Replies)
Discussion started by: jalburger
2 Replies
Login or Register to Ask a Question

LEARN ABOUT CENTOS

usn-tombstone-cleanup.pl

USN-TOMBSTONE-CLEANUP.PL(8)				      System Manager's Manual				       USN-TOMBSTONE-CLEANUP.PL(8)

NAME

       usn-tombstone-cleanup.pl - Directory Server perl script for cleaning up tombstone entries.

SYNOPSIS

       usn-tombstone-cleanup.pl [-Z serverID] [-D rootdn] { -w password | -w - | -j filename } -s suffix -n backend [-m maxusn_to_delete] [-P pro-
       tocol] [-v] [-h]

DESCRIPTION

       Deletes the tombstone entries maintained by the instance if the USN Plug-in is enabled.

OPTIONS

       A summary of options is included below:

       -Z Server Identifier
	      The server ID of the Directory Server instance.  If there is only one instance on the system, this option can be skipped.

       -D Root DN
	      The Directory Manager DN, or root DN.  If not specified, the script will search the server instance configuration for the value.

       -w password
	      The rootdn password.

       -w -
	      Prompt for the rootdn password.

       -j password filename
	      The name of the file that contains the root DN password.

       -s suffix
	      Gives the name of the suffix containing the entries to clean/delete.

       -n backend
	      Gives the name of the database containing the entries to clean/delete.  Example, userRoot.

       -m maxusn_to_delete
	      Sets the upper bound for entries to delete. All tombstone entries with an entryUSN value up to the specified maximum (inclusive) are
	      deleted, but not past that USN value. If no maximum USN value is set, then all backend tombstone entries are deleted.

       -P protocol
	      The  connection  protocol  to  connect  to the Directory Server.	Protocols are STARTTLS, LDAPS, LDAPI, and LDAP.  If this option is
	      skipped, the most secure protocol that is available is used.  For LDAPI, AUTOBIND is also available for the root user.

       -v
	      Display verbose ouput

       -h
	      Display usage

EXAMPLE

       usn-tombstone-cleanup.pl -Z instance2 -D 'cn=directory manager' -w password -n userRoot -s 'ou=people,dc=example,dc=com' -P STARTTLS

	      Note: security must be enabled to use protocol STARTTLS.	If STARTTLS is not available it will default to  next  strongest/available
	      protocol automatically.

DIAGNOSTICS

       Exit status is zero if no errors occur.	Errors result in a non-zero exit status and a diagnostic message being written to standard error.

AUTHOR

       usn-tombstone-cleanup.pl was written by the 389 Project.

REPORTING BUGS

       Report bugs to http://bugzilla.redhat.com.

COPYRIGHT

       Copyright (C) 2013 Red Hat, Inc.

								    Mar 5, 2013 				       USN-TOMBSTONE-CLEANUP.PL(8)