Security Advisory New ucd-snmp package to fix several security vulnerabilities

Advisory: RHSA-2001:101-07
Type: Security Advisory
Severity: N/A
Issued on: 2001-08-15
Last updated on: 2001-10-31
Affected Products: Red Hat Linux 6.2
Red Hat Linux 7.0
Red Hat Linux 7.1
OVAL: N/A

Details

Updated ucd-snmp packages are now available for Red Hat Linux 6.2, 7 and
7.1. These packages include fixes for the following problems:

- /tmp race and setgroups() privilege problem
- Various buffer overflow and format string issues
- One signedness problem in ASN handling

It is recommended that all users update to the fixed packages.

Due to the mentioned security problems a remote attacker might obtain
superuser privileges on a vulnerable host.


Solution

Before applying this update, make sure all previously released errata
relevant to your system have been applied.

To update all RPMs for your particular architecture, run:

rpm -Fvh [filenames]

where [filenames] is a list of the RPMs you wish to upgrade. Only those
RPMs which are currently installed will be updated. Those RPMs which are
not installed but included in the list will not be updated. Note that you
can also use wildcards (*.rpm) if your current directory *only* contains
the
desired RPMs.

Please note that this update is also available via Red Hat Network. Many
people find this an easier way to apply updates. To use Red Hat Network,
launch the Red Hat Update Agent with the following command:

up2date

This will start an interactive process that will result in the appropriate
RPMs being upgraded on your system.

Updated packages

Red Hat Linux 6.2
SRPMS:
ucd-snmp-4.2.1-4.6.x.src.rpm
File outdated by:  RHSA-2001:163		     50fbf0b59533287c6ca7f2e831097ca1
 
Alpha:
ucd-snmp-4.2.1-4.6.x.alpha.rpm
File outdated by:  RHSA-2001:163		     fc1f7b4b390e55623a4f112d6d22df3f
ucd-snmp-devel-4.2.1-4.6.x.alpha.rpm
File outdated by:  RHSA-2001:163		     02df074653c0f12c1ff91623068e37b7
ucd-snmp-utils-4.2.1-4.6.x.alpha.rpm
File outdated by:  RHSA-2001:163		     ebb4943126a26503eeb63f69272ced55
 
IA-32:
ucd-snmp-4.2.1-4.6.x.i386.rpm
File outdated by:  RHSA-2001:163		     4525cae85645e8b90f3df6e7b304969b
ucd-snmp-devel-4.2.1-4.6.x.i386.rpm
File outdated by:  RHSA-2001:163		     431a301c54348c1e3db4598a48ed8a7f
ucd-snmp-utils-4.2.1-4.6.x.i386.rpm
File outdated by:  RHSA-2001:163		     199fef0186401d6aaebad5cb420f1f5a
 
Sparc:
ucd-snmp-4.2.1-4.6.x.sparc.rpm
File outdated by:  RHSA-2001:163		     6767ded2ab1c9be85ed6bdef3ef99bb0
ucd-snmp-devel-4.2.1-4.6.x.sparc.rpm
File outdated by:  RHSA-2001:163		     88393bda9bdcb8eaff5446ef99706780
ucd-snmp-utils-4.2.1-4.6.x.sparc.rpm
File outdated by:  RHSA-2001:163		     35697b8870fb665ce7bd320ec553406d
 
Red Hat Linux 7.0
SRPMS:
ucd-snmp-4.2.1-4.7.x.src.rpm
File outdated by:  RHBA-2002:106		     324fe7a1b365aee05ab0ea021e2fa31b
 
Alpha:
ucd-snmp-4.2.1-4.7.x.alpha.rpm
File outdated by:  RHBA-2002:106		     923fcf52bca69c7e0158694b5d36cff8
ucd-snmp-devel-4.2.1-4.7.x.alpha.rpm
File outdated by:  RHBA-2002:106		     e93308a3f78d56128699365c02cc4104
ucd-snmp-utils-4.2.1-4.7.x.alpha.rpm
File outdated by:  RHBA-2002:106		     bf73c635ea5ae22e8a807c9b693074b7
 
IA-32:
ucd-snmp-4.2.1-4.7.x.i386.rpm
File outdated by:  RHBA-2002:106		     bf77ed26156daf3a677aa5309624b375
ucd-snmp-devel-4.2.1-4.7.x.i386.rpm
File outdated by:  RHBA-2002:106		     e6928929f4eb9f0fd0e1981fa233d421
ucd-snmp-utils-4.2.1-4.7.x.i386.rpm
File outdated by:  RHBA-2002:106		     0ecc7a4a846747b857943b0f90862f32
 
Red Hat Linux 7.1
SRPMS:
ucd-snmp-4.2.1-4.7.x.src.rpm
File outdated by:  RHBA-2002:106		     324fe7a1b365aee05ab0ea021e2fa31b
 
Alpha:
ucd-snmp-4.2.1-4.7.x.alpha.rpm
File outdated by:  RHBA-2002:106		     923fcf52bca69c7e0158694b5d36cff8
ucd-snmp-devel-4.2.1-4.7.x.alpha.rpm
File outdated by:  RHBA-2002:106		     e93308a3f78d56128699365c02cc4104
ucd-snmp-utils-4.2.1-4.7.x.alpha.rpm
File outdated by:  RHBA-2002:106		     bf73c635ea5ae22e8a807c9b693074b7
 
IA-32:
ucd-snmp-4.2.1-4.7.x.i386.rpm
File outdated by:  RHBA-2002:159		     bf77ed26156daf3a677aa5309624b375
ucd-snmp-devel-4.2.1-4.7.x.i386.rpm
File outdated by:  RHBA-2002:159		     e6928929f4eb9f0fd0e1981fa233d421
ucd-snmp-utils-4.2.1-4.7.x.i386.rpm
File outdated by:  RHBA-2002:159		     0ecc7a4a846747b857943b0f90862f32
 
IA-64:
ucd-snmp-4.2.1-4.7.x.ia64.rpm
File outdated by:  RHBA-2002:106		     95bee57049321a71a652378a5d9bc924
ucd-snmp-devel-4.2.1-4.7.x.ia64.rpm
File outdated by:  RHBA-2002:106		     7da94da3bddc150e3c49f8e90c7f08eb
ucd-snmp-utils-4.2.1-4.7.x.ia64.rpm
File outdated by:  RHBA-2002:106		     59d0791af0a8c717d6fdad0e967d823a
 

Keywords

fix, security, ucd-snmp

These packages are GPG signed by Red Hat for security. Our key and details on how to verify the signature are available from:
https://www.redhat.com/security/team/key/#package

The Red Hat security contact is secalert@redhat.com. More contact details at http://www.redhat.com/security/team/contact/