Objavljena je nova nadogradnja programskog paketa net-snmp. Spomenuta nadogradnja ispravlja propust kojeg je bilo moguće iskoristiti za napad uskraćivanjem usluga (DoS).
Paket:
net-snmp 5.x
Operacijski sustavi:
CentOS
Problem:
neodgovarajuća provjera ulaznih podataka
Iskorištavanje:
lokalno/udaljeno
Posljedica:
uskraćivanje usluga (DoS)
Rješenje:
programska zakrpa proizvođača
Izvorni ID preporuke:
2012:0674
Izvor:
CentOS
Problem:
Problem sigurnosti je posljedica pogrešnog kodiranja negativnih "Request-ID" zahtjeva.
Posljedica:
Posljedica napada je odbijanje "Request-ID" zahtjeva od strane nekih implementacija SNMP (eng. Simple Network Management Protocol) protokola.
Rješenje:
Svim se korisnicima programskog paketa net-snmp savjetuje nadogradnja na novije inačice.
CentOS Errata and Bugfix Advisory 2012:0674
Upstream details at : https://rhn.redhat.com/errata/RHBA-2012-0674.html
The following updated files have been uploaded and are currently
syncing to the mirrors: ( sha256sum Filename )
i386:
f35693760f59d58949e62cfdabc4707100f9f65b7511eaef4df73ef17ea428ac
net-snmp-5.3.2.2-17.el5_8.1.i386.rpm
1b240f3bfe66f6d4c57a65f425a3a08b7ff7f5046003a01f3fa11752b8d21fdc
net-snmp-devel-5.3.2.2-17.el5_8.1.i386.rpm
91daec6672b3fc03133adaa52d09f4c9698c1f75431cbd80be0e2fdfb93097ed
net-snmp-libs-5.3.2.2-17.el5_8.1.i386.rpm
16bd4c0409f8e2ce254fa687bbb74e36f3bba1a74c689486852b138bd4373724
net-snmp-perl-5.3.2.2-17.el5_8.1.i386.rpm
92050047f5a531f09b70927571e99b9e6d8237c196866c89cf3e998f5b876489
net-snmp-utils-5.3.2.2-17.el5_8.1.i386.rpm
x86_64:
a2f13372a16c0bd48b3922b28a6861d76b415dad1540a4daf13354c660a188db
net-snmp-5.3.2.2-17.el5_8.1.x86_64.rpm
1b240f3bfe66f6d4c57a65f425a3a08b7ff7f5046003a01f3fa11752b8d21fdc
net-snmp-devel-5.3.2.2-17.el5_8.1.i386.rpm
bf0deb282689a8c785bd39bbcdd356833409c7c96cd13d33cc77695792d72bf3
net-snmp-devel-5.3.2.2-17.el5_8.1.x86_64.rpm
91daec6672b3fc03133adaa52d09f4c9698c1f75431cbd80be0e2fdfb93097ed
net-snmp-libs-5.3.2.2-17.el5_8.1.i386.rpm
7b1b4a43cde5a4643647c1ae474f286f316bc9985901f40316d50a5e1bf57bb9
net-snmp-libs-5.3.2.2-17.el5_8.1.x86_64.rpm
4bb76faf5e628b863d0ee9fcffeb5eafa5cabebab4db536e914b6fc72b74e99e
net-snmp-perl-5.3.2.2-17.el5_8.1.x86_64.rpm
07f68c1d162a489a409c0965866ce8b02d5861fac24c864ba4e20ce770b28769
net-snmp-utils-5.3.2.2-17.el5_8.1.x86_64.rpm
Source:
c93084c2431087c41b18c6e8981f96ea4829ca3b2df7834ee6537f0666b506e3
net-snmp-5.3.2.2-17.el5_8.1.src.rpm
--
Johnny Hughes
CentOS Project { http://www.centos.org/ }
irc: hughesjr, #Ova e-mail adresa je zaštićena od spambota. Potrebno je omogućiti JavaScript da je vidite.
_______________________________________________
CentOS-announce mailing list
Ova e-mail adresa je zaštićena od spambota. Potrebno je omogućiti JavaScript da je vidite.
http://lists.centos.org/mailman/listinfo/centos-announce
Posljednje sigurnosne preporuke