The Vigil@nce team watches public vulnerabilities impacting your computers, and then offers security solutions, a vigilance database and tools to fix them.

Vulnerability of Net-SNMP: denial of service via AgentX

Synthesis of the vulnerability 

An attacker can overload the AgentX daemon of Net-SNMP, to generate a timeout, in order to trigger a denial of service.
Vulnerable products: BIG-IP Hardware, TMOS, Fedora, Juniper SBR, Net-SNMP, Solaris, RHEL, Ubuntu.
Severity of this weakness: 2/4.
Creation date: 05/12/2013.
References of this bulletin: 2411, CVE-2012-6151, FEDORA-2013-22809, FEDORA-2013-22919, FEDORA-2013-22949, JSA10991, MDVSA-2014:017, MDVSA-2014:018, RHSA-2014:0322-01, SOL16476, USN-2166-1, VIGILANCE-VUL-13878.

Description of the vulnerability 

RFC 2741 defines the AgentX protocol, which is used to add SNMP agents.

However, when a timeout occurs, the AgentX implementation of Net-SNMP can access data that is no longer in memory.

An attacker can therefore overload the AgentX daemon of Net-SNMP, to generate a timeout, in order to trigger a denial of service.

This security alert impacts software or systems such as BIG-IP Hardware, TMOS, Fedora, Juniper SBR, Net-SNMP, Solaris, RHEL, Ubuntu.

Our Vigil@nce team determined that the severity of this security weakness is medium.

The trust level is "confirmed by the vendor", and the origin of the attack is an intranet client.

An attacker with expert ability can exploit this vulnerability.

Solutions for this threat 

Net-SNMP: patch for AgentX.
Patch 3580458 is available.

F5 BIG-IP: fixed versions for NET-SNMP.
Fixed versions are indicated in information sources.

Fedora: new net-snmp packages.
New packages are available:
  net-snmp-5.7.2-7.fc18
  net-snmp-5.7.2-13.fc19
  net-snmp-5.7.2-16.fc20

Juniper SBR Carrier: versions 8.4.1R19 and 8.5.0R1.
Versions 8.4.1R19 and 8.5.0R1 are fixed:
  https://support.juniper.net/support/

Mandriva: new net-snmp packages.
New packages are available:
  net-snmp-5.4.2-2.5mdvmes5.2
  net-snmp-5.7.2-1.mbs1

RHEL 5: new net-snmp packages.
New packages are available:
  RHEL 5: net-snmp 5.3.2.2-22.el5_10.1

Solaris 11: version 11.2.2.5.0.
Version 11.2.2.5.0 is fixed:
  https://support.oracle.com/rs?type=doc&id=1925904.1

Solaris: version 11.2.3.4.1.
Version 11.2.3.4.1 is fixed:
  https://support.oracle.com/rs?type=doc&id=1935095.1

Ubuntu: new libsnmp packages.
New packages are available:
  Ubuntu 13.10: libsnmp30 5.7.2~dfsg-8ubuntu1.1
  Ubuntu 12.10: libsnmp15 5.4.3~dfsg-2.5ubuntu1.1
  Ubuntu 12.04 LTS: libsnmp15 5.4.3~dfsg-2.4ubuntu1.2
  Ubuntu 10.04 LTS: libsnmp15 5.4.2.1~dfsg0ubuntu1-0ubuntu2.3
