Debians sikkerhedsbulletin

DSA-111-1 ucd-snmp -- fjern-udnyttelse

Rapporteret den:

14. feb 2002

Berørte pakker:

Sårbar:

Referencer i sikkerhedsdatabaser:

I Mitres CVE-ordbog: CVE-2002-0012, CVE-2002-0013.
CERTs noter om sårbarheder, bulletiner og hændelser: VU#854306, VU#107186, CA-2002-03.

Yderligere oplysninger:

Secure Programming Group på Oulu University har gennemgået forskellige implementeringer af SNMP og afslørende adskillige problemer som kan medføre alt fra overbelastningsangreb ("Denial of Service") til fjern-angreb.

Nye UCD-SNMP-pakker er gjort klar, hvor disse problemer og et par andre er rettet. Den komplette liste over rettede problemer:

Når snmpd kørte eksterne programmer, blev midlertidige filer brugt på en usikker måde
snmpd nulstillede ikke supplementerede grupper korrekt, efter at have ændret uid og gid
Det meste af koden er ændret til at anvende buffere i stedet for strenge med en bestemt længde, for at forhindre bufferoverløb
ASN.1-fortolkeren kontrollerede ikke for negative længder
IFINDEX-svarhåndteringen i snmpnetstat udførte ikke en kontrol af om dens inddata var fornuftige

(tak til Caldera for det meste af arbejdet på disse rettelser)

Den nye version er 4.1.1-2.1 og vi anbefaler at du omgående opgraderer dine snmp-pakker.

Rettet i:

Debian GNU/Linux 2.2 (potato)

Kildekode:: http://security.debian.org/dists/stable/updates/main/source/ucd-snmp_4.1.1-2.2.diff.gz; http://security.debian.org/dists/stable/updates/main/source/ucd-snmp_4.1.1-2.2.dsc; http://security.debian.org/dists/stable/updates/main/source/ucd-snmp_4.1.1.orig.tar.gz
Alpha:: http://security.debian.org/dists/stable/updates/main/binary-alpha/libsnmp4.1-dev_4.1.1-2.2_alpha.deb; http://security.debian.org/dists/stable/updates/main/binary-alpha/libsnmp4.1_4.1.1-2.2_alpha.deb; http://security.debian.org/dists/stable/updates/main/binary-alpha/snmp_4.1.1-2.2_alpha.deb; http://security.debian.org/dists/stable/updates/main/binary-alpha/snmpd_4.1.1-2.2_alpha.deb
ARM:: http://security.debian.org/dists/stable/updates/main/binary-arm/libsnmp4.1-dev_4.1.1-2.2_arm.deb; http://security.debian.org/dists/stable/updates/main/binary-arm/libsnmp4.1_4.1.1-2.2_arm.deb; http://security.debian.org/dists/stable/updates/main/binary-arm/snmp_4.1.1-2.2_arm.deb; http://security.debian.org/dists/stable/updates/main/binary-arm/snmpd_4.1.1-2.2_arm.deb
Intel IA-32:: http://security.debian.org/dists/stable/updates/main/binary-i386/libsnmp4.1-dev_4.1.1-2.2_i386.deb; http://security.debian.org/dists/stable/updates/main/binary-i386/libsnmp4.1_4.1.1-2.2_i386.deb; http://security.debian.org/dists/stable/updates/main/binary-i386/snmp_4.1.1-2.2_i386.deb; http://security.debian.org/dists/stable/updates/main/binary-i386/snmpd_4.1.1-2.2_i386.deb
Motorola 680x0:: http://security.debian.org/dists/stable/updates/main/binary-m68k/libsnmp4.1-dev_4.1.1-2.2_m68k.deb; http://security.debian.org/dists/stable/updates/main/binary-m68k/libsnmp4.1_4.1.1-2.2_m68k.deb; http://security.debian.org/dists/stable/updates/main/binary-m68k/snmp_4.1.1-2.2_m68k.deb; http://security.debian.org/dists/stable/updates/main/binary-m68k/snmpd_4.1.1-2.2_m68k.deb
Sun Sparc:: http://security.debian.org/dists/stable/updates/main/binary-sparc/libsnmp4.1-dev_4.1.1-2.2_sparc.deb; http://security.debian.org/dists/stable/updates/main/binary-sparc/libsnmp4.1_4.1.1-2.2_sparc.deb; http://security.debian.org/dists/stable/updates/main/binary-sparc/snmp_4.1.1-2.2_sparc.deb; http://security.debian.org/dists/stable/updates/main/binary-sparc/snmpd_4.1.1-2.2_sparc.deb

MD5-kontrolsummer for de listede filer findes i den originale sikkerhedsbulletin.