Updated net-snmp packages fix CVE-2012-6151
Publication date: 21 Jan 2014Modification date: 21 Jan 2014
Type: security
Affected Mageia releases : 3
CVE: CVE-2012-6151
Description
Updated net-snmp packages fix security vulnerability:
Net-SNMP 5.7.1 and earlier, when AgentX is registering to handle a MIB and
processing GETNEXT requests, allows remote attackers to cause a denial of
service (crash or infinite loop, CPU consumption, and hang) by causing the
AgentX subagent to timeout (CVE-2012-6151).
This update also fixes two other minor issues: IPADDRESS size in
python-netsnmp on 64-bit systems and adding btrfs support to hrFSTable.
References
- https://lists.fedoraproject.org/pipermail/package-announce/2014-January/125828.html
- https://lists.fedoraproject.org/pipermail/package-announce/2013-January/097794.html
- https://lists.fedoraproject.org/pipermail/package-announce/2013-January/097794.html
- https://bugs.mageia.org/show_bug.cgi?id=12236
- https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-6151
SRPMS
3/core
- net-snmp-5.7.2-7.1.mga3