Security
Headlines
HeadlinesLatestCVEs

Headline

Ubuntu Security Notice USN-5795-2

Ubuntu Security Notice 5795-2 - USN-5795-1 and 5543-1 fixed several vulnerabilities in Net-SNMP. This update provides the corresponding update for Ubuntu 14.04 ESM and Ubuntu 16.04 ESM. It was discovered that Net-SNMP incorrectly handled certain requests. A remote attacker could possibly use these issues to cause Net-SNMP to crash, resulting in a denial of service.

Packet Storm
#vulnerability#ubuntu#dos
==========================================================================Ubuntu Security Notice USN-5795-2January 16, 2023net-snmp vulnerabilities==========================================================================A security issue affects these releases of Ubuntu and its derivatives:- Ubuntu 16.04 ESM- Ubuntu 14.04 ESMSummary:Several security issues were fixed in Net-SNMP.Software Description:- net-snmp: SNMP (Simple Network Management Protocol) server and applicationsDetails:USN-5795-1 and 5543-1 fixed several vulnerabilities in Net-SNMP. This update providesthe corresponding update for Ubuntu 14.04 ESM and Ubuntu 16.04 ESM.Original advisory details: It was discovered that Net-SNMP incorrectly handled certain requests. A remote attacker could possibly use these issues to cause Net-SNMP to crash, resulting in a denial of service. Yu Zhang and Nanyu Zhong discovered that Net-SNMP incorrectly handled memory operations when processing certain requests. A remote attacker could use this issue to cause Net-SNMP to crash, resulting in a denial of service, or possibly execute arbitrary code.Update instructions:The problem can be corrected by updating your system to the followingpackage versions:Ubuntu 16.04 ESM:  libsnmp30                       5.7.3+dfsg-1ubuntu4.6+esm1  snmp                            5.7.3+dfsg-1ubuntu4.6+esm1  snmpd                           5.7.3+dfsg-1ubuntu4.6+esm1Ubuntu 14.04 ESM:  libsnmp30                       5.7.2~dfsg-8.1ubuntu3.3+esm3  snmp                            5.7.2~dfsg-8.1ubuntu3.3+esm3  snmpd                           5.7.2~dfsg-8.1ubuntu3.3+esm3In general, a standard system update will make all the necessary changes.References:  https://ubuntu.com/security/notices/USN-5795-2  https://ubuntu.com/security/notices/USN-5795-1  CVE-2022-24805, CVE-2022-24806, CVE-2022-24807, CVE-2022-24808,  CVE-2022-24809, CVE-2022-24810, CVE-2022-44792, CVE-2022-44793

Related news

Red Hat Security Advisory 2024-7875-03

Red Hat Security Advisory 2024-7875-03 - An update for net-snmp is now available for Red Hat Enterprise Linux 9.2 Extended Update Support. Issues addressed include buffer overflow and null pointer vulnerabilities.

Red Hat Security Advisory 2024-7260-03

Red Hat Security Advisory 2024-7260-03 - An update for net-snmp is now available for Red Hat Enterprise Linux 9. Issues addressed include buffer overflow and null pointer vulnerabilities.

RHSA-2023:2969: Red Hat Security Advisory: net-snmp security and bug fix update

An update for net-snmp is now available for Red Hat Enterprise Linux 8. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original. Related CVEs: * CVE-2022-44792: A vulnerability was found in Net-SNMP. This issue occurs because the handle_ipDefaultTTL function in agent/mibgroup/ip-mib/ip_scalars.c in Net-SNMP has a NULL Pointer Exception flaw that allows a remote attacker (who has to write access) to cause the instance to crash via a crafted UDP packet, resulting in a denial of service. * CVE-2022-44793: ...

RHSA-2023:2444: Red Hat Security Advisory: net-snmp security and bug fix update

An update for net-snmp is now available for Red Hat Enterprise Linux 9. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original. Related CVEs: * CVE-2022-44792: A vulnerability was found in Net-SNMP. This issue occurs because the handle_ipDefaultTTL function in agent/mibgroup/ip-mib/ip_scalars.c in Net-SNMP has a NULL Pointer Exception flaw that allows a remote attacker (who has to write access) to cause the instance to crash via a crafted UDP packet, resulting in a denial of service. * CVE-2022-44793: ...

Ubuntu Security Notice USN-5795-1

Ubuntu Security Notice 5795-1 - It was discovered that Net-SNMP incorrectly handled certain requests. A remote attacker could possibly use these issues to cause Net-SNMP to crash, resulting in a denial of service.

Ubuntu Security Notice USN-5795-1

Ubuntu Security Notice 5795-1 - It was discovered that Net-SNMP incorrectly handled certain requests. A remote attacker could possibly use these issues to cause Net-SNMP to crash, resulting in a denial of service.

CVE-2022-44792: NULL Pointer Exception when handling ipDefaultTTL · Issue #474 · net-snmp/net-snmp

handle_ipDefaultTTL in agent/mibgroup/ip-mib/ip_scalars.c in Net-SNMP 5.8 through 5.9.3 has a NULL Pointer Exception bug that can be used by a remote attacker (who has write access) to cause the instance to crash via a crafted UDP packet, resulting in Denial of Service.

CVE-2022-44793: NULL Pointer Exception when handling pv6IpForwarding · Issue #475 · net-snmp/net-snmp

handle_ipv6IpForwarding in agent/mibgroup/ip-mib/ip_scalars.c in Net-SNMP 5.4.3 through 5.9.3 has a NULL Pointer Exception bug that can be used by a remote attacker to cause the instance to crash via a crafted UDP packet, resulting in Denial of Service.

Gentoo Linux Security Advisory 202210-29

Gentoo Linux Security Advisory 202210-29 - Multiple vulnerabilities have been discovered in Net-SNMP, the worst of which could result in denial of service. Versions less than 5.9.2 are affected.

Gentoo Linux Security Advisory 202210-29

Gentoo Linux Security Advisory 202210-29 - Multiple vulnerabilities have been discovered in Net-SNMP, the worst of which could result in denial of service. Versions less than 5.9.2 are affected.

Gentoo Linux Security Advisory 202210-29

Gentoo Linux Security Advisory 202210-29 - Multiple vulnerabilities have been discovered in Net-SNMP, the worst of which could result in denial of service. Versions less than 5.9.2 are affected.

Gentoo Linux Security Advisory 202210-29

Gentoo Linux Security Advisory 202210-29 - Multiple vulnerabilities have been discovered in Net-SNMP, the worst of which could result in denial of service. Versions less than 5.9.2 are affected.

Gentoo Linux Security Advisory 202210-29

Gentoo Linux Security Advisory 202210-29 - Multiple vulnerabilities have been discovered in Net-SNMP, the worst of which could result in denial of service. Versions less than 5.9.2 are affected.

Gentoo Linux Security Advisory 202210-29

Gentoo Linux Security Advisory 202210-29 - Multiple vulnerabilities have been discovered in Net-SNMP, the worst of which could result in denial of service. Versions less than 5.9.2 are affected.

Ubuntu Security Notice USN-5543-1

Ubuntu Security Notice 5543-1 - Yu Zhang and Nanyu Zhong discovered that Net-SNMP incorrectly handled memory operations when processing certain requests. A remote attacker could use this issue to cause Net-SNMP to crash, resulting in a denial of service, or possibly execute arbitrary code.

Ubuntu Security Notice USN-5543-1

Ubuntu Security Notice 5543-1 - Yu Zhang and Nanyu Zhong discovered that Net-SNMP incorrectly handled memory operations when processing certain requests. A remote attacker could use this issue to cause Net-SNMP to crash, resulting in a denial of service, or possibly execute arbitrary code.

Ubuntu Security Notice USN-5543-1

Ubuntu Security Notice 5543-1 - Yu Zhang and Nanyu Zhong discovered that Net-SNMP incorrectly handled memory operations when processing certain requests. A remote attacker could use this issue to cause Net-SNMP to crash, resulting in a denial of service, or possibly execute arbitrary code.

Ubuntu Security Notice USN-5543-1

Ubuntu Security Notice 5543-1 - Yu Zhang and Nanyu Zhong discovered that Net-SNMP incorrectly handled memory operations when processing certain requests. A remote attacker could use this issue to cause Net-SNMP to crash, resulting in a denial of service, or possibly execute arbitrary code.

Ubuntu Security Notice USN-5543-1

Ubuntu Security Notice 5543-1 - Yu Zhang and Nanyu Zhong discovered that Net-SNMP incorrectly handled memory operations when processing certain requests. A remote attacker could use this issue to cause Net-SNMP to crash, resulting in a denial of service, or possibly execute arbitrary code.

Ubuntu Security Notice USN-5543-1

Ubuntu Security Notice 5543-1 - Yu Zhang and Nanyu Zhong discovered that Net-SNMP incorrectly handled memory operations when processing certain requests. A remote attacker could use this issue to cause Net-SNMP to crash, resulting in a denial of service, or possibly execute arbitrary code.

Packet Storm: Latest News

Ubuntu Security Notice USN-7089-6