-----BEGIN PGP SIGNED MESSAGE-----

===========================================================================
             AUSCERT External Security Bulletin Redistribution

                     ESB-2004.0049 -- RHSA-2004:023-01
           Updated Net-SNMP packages fix security and other bugs
                              16 January 2004

===========================================================================

        AusCERT Security Bulletin Summary
        ---------------------------------

Product:                Net-SNMP
Publisher:              Red Hat
Operating System:       Red Hat Enterprise Linux AS 3
                        Red Hat Enterprise Linux ES 3
                        Red Hat Enterprise Linux WS 3
Impact:                 Access Privileged Data
Access Required:        Remote
CVE Names:              CAN-2003-0935

- --------------------------BEGIN INCLUDED TEXT--------------------

- -----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

- - ---------------------------------------------------------------------
                   Red Hat Security Advisory

Synopsis:          Updated Net-SNMP packages fix security and other bugs
Advisory ID:       RHSA-2004:023-01
Issue date:        2004-01-15
Updated on:        0000-04-01
Product:           Red Hat Enterprise Linux
Keywords:          ucd-snmp
Cross references:  
Obsoletes:         
CVE Names:         CAN-2003-0935
- - ---------------------------------------------------------------------

1. Topic:

Updated Net-SNMP packages are available to correct a security vulnerability
and other bugs.

2. Relevant releases/architectures:

Red Hat Enterprise Linux AS version 3 - i386, ia64, ppc, s390, s390x, x86_64
Red Hat Enterprise Linux ES version 3 - i386
Red Hat Enterprise Linux WS version 3 - i386, ia64, x86_64

3. Problem description:

The Net-SNMP project includes various Simple Network Management Protocol
(SNMP) tools.

A security issue in Net-SNMP versions before 5.0.9 could allow an existing
user/community to gain access to data in MIB objects that were explicitly
excluded from their view.  The Common Vulnerabilities and Exposures project
(cve.mitre.org) has assigned the name CAN-2003-0935 to this issue.

Users of Net-SNMP are advised to upgrade to these errata packages containing
Net-SNMP 5.0.9 which is not vulnerable to this issue.  In addition,
Net-SNMP 5.0.9 fixes a number of other minor bugs.

4. Solution:

Before applying this update, make sure all previously released errata
relevant to your system have been applied.

To update all RPMs for your particular architecture, run:

rpm -Fvh [filenames]

where [filenames] is a list of the RPMs you wish to upgrade.  Only those
RPMs which are currently installed will be updated.  Those RPMs which are
not installed but included in the list will not be updated.  Note that you
can also use wildcards (*.rpm) if your current directory *only* contains the
desired RPMs.

Please note that this update is also available via Red Hat Network.  Many
people find this an easier way to apply updates.  To use Red Hat Network,
launch the Red Hat Update Agent with the following command:

up2date

This will start an interactive process that will result in the appropriate
RPMs being upgraded on your system.

5. Bug IDs fixed (http://bugzilla.redhat.com/bugzilla for more info):

109622 - net-snmp unauthorised access to mibs

6. RPMs required:

Red Hat Enterprise Linux AS version 3:

SRPMS:
ftp://updates.redhat.com/3AS/en/os/SRPMS/net-snmp-5.0.9-2.30E.1.src.rpm

i386:
Available from Red Hat Network: net-snmp-5.0.9-2.30E.1.i386.rpm
Available from Red Hat Network: net-snmp-devel-5.0.9-2.30E.1.i386.rpm
Available from Red Hat Network: net-snmp-utils-5.0.9-2.30E.1.i386.rpm

ia64:
Available from Red Hat Network: net-snmp-5.0.9-2.30E.1.ia64.rpm
Available from Red Hat Network: net-snmp-devel-5.0.9-2.30E.1.ia64.rpm
Available from Red Hat Network: net-snmp-utils-5.0.9-2.30E.1.ia64.rpm

ppc:
Available from Red Hat Network: net-snmp-5.0.9-2.30E.1.ppc.rpm
Available from Red Hat Network: net-snmp-devel-5.0.9-2.30E.1.ppc.rpm
Available from Red Hat Network: net-snmp-utils-5.0.9-2.30E.1.ppc.rpm

s390:
Available from Red Hat Network: net-snmp-5.0.9-2.30E.1.s390.rpm
Available from Red Hat Network: net-snmp-devel-5.0.9-2.30E.1.s390.rpm
Available from Red Hat Network: net-snmp-utils-5.0.9-2.30E.1.s390.rpm

s390x:
Available from Red Hat Network: net-snmp-5.0.9-2.30E.1.s390x.rpm
Available from Red Hat Network: net-snmp-devel-5.0.9-2.30E.1.s390x.rpm
Available from Red Hat Network: net-snmp-utils-5.0.9-2.30E.1.s390x.rpm

x86_64:
Available from Red Hat Network: net-snmp-5.0.9-2.30E.1.x86_64.rpm
Available from Red Hat Network: net-snmp-devel-5.0.9-2.30E.1.x86_64.rpm
Available from Red Hat Network: net-snmp-utils-5.0.9-2.30E.1.x86_64.rpm

Red Hat Enterprise Linux ES version 3:

SRPMS:
ftp://updates.redhat.com/3ES/en/os/SRPMS/net-snmp-5.0.9-2.30E.1.src.rpm

i386:
Available from Red Hat Network: net-snmp-5.0.9-2.30E.1.i386.rpm
Available from Red Hat Network: net-snmp-devel-5.0.9-2.30E.1.i386.rpm
Available from Red Hat Network: net-snmp-utils-5.0.9-2.30E.1.i386.rpm

Red Hat Enterprise Linux WS version 3:

SRPMS:
ftp://updates.redhat.com/3WS/en/os/SRPMS/net-snmp-5.0.9-2.30E.1.src.rpm

i386:
Available from Red Hat Network: net-snmp-5.0.9-2.30E.1.i386.rpm
Available from Red Hat Network: net-snmp-devel-5.0.9-2.30E.1.i386.rpm
Available from Red Hat Network: net-snmp-utils-5.0.9-2.30E.1.i386.rpm

ia64:
Available from Red Hat Network: net-snmp-5.0.9-2.30E.1.ia64.rpm
Available from Red Hat Network: net-snmp-devel-5.0.9-2.30E.1.ia64.rpm
Available from Red Hat Network: net-snmp-utils-5.0.9-2.30E.1.ia64.rpm

x86_64:
Available from Red Hat Network: net-snmp-5.0.9-2.30E.1.x86_64.rpm
Available from Red Hat Network: net-snmp-devel-5.0.9-2.30E.1.x86_64.rpm
Available from Red Hat Network: net-snmp-utils-5.0.9-2.30E.1.x86_64.rpm



7. Verification:

MD5 sum                          Package Name
- - --------------------------------------------------------------------------

848359f597ebf1a083501cf3c80532fc 3AS/en/os/SRPMS/net-snmp-5.0.9-2.30E.1.src.rpm
79ca1bebbf32c8a2aff71853ade36296 3AS/en/os/i386/net-snmp-5.0.9-2.30E.1.i386.rpm
e7f28a7da234bb6ee2d6f55fda30107c 3AS/en/os/i386/net-snmp-devel-5.0.9-2.30E.1.i386.rpm
bec698635f32742031ebbce4db92f3cd 3AS/en/os/i386/net-snmp-utils-5.0.9-2.30E.1.i386.rpm
c57836c4bc29c2e9a94fcdace13b8352 3AS/en/os/ia64/net-snmp-5.0.9-2.30E.1.ia64.rpm
07f6ddd369d38551baa5e8141c98826a 3AS/en/os/ia64/net-snmp-devel-5.0.9-2.30E.1.ia64.rpm
a01100bc7d51a32fa381df866297ac88 3AS/en/os/ia64/net-snmp-utils-5.0.9-2.30E.1.ia64.rpm
64a3c07f70292fb7193ddae92523166b 3AS/en/os/ppc/net-snmp-5.0.9-2.30E.1.ppc.rpm
2cf2fe5acb2ada50af46255aca7cd9be 3AS/en/os/ppc/net-snmp-devel-5.0.9-2.30E.1.ppc.rpm
2600ca9c62e1556b1658e28f99d8c469 3AS/en/os/ppc/net-snmp-utils-5.0.9-2.30E.1.ppc.rpm
f4cf5b5792fade070b5be837ea40be12 3AS/en/os/s390/net-snmp-5.0.9-2.30E.1.s390.rpm
08468bec94947f9f44a33b72802bdfc4 3AS/en/os/s390/net-snmp-devel-5.0.9-2.30E.1.s390.rpm
a7eda2441bbc09e163ed13b4db6932f8 3AS/en/os/s390/net-snmp-utils-5.0.9-2.30E.1.s390.rpm
33acbbd4932fccc522efd0fb5d0adb1e 3AS/en/os/s390x/net-snmp-5.0.9-2.30E.1.s390x.rpm
a62f73ac880b56ad51848c2b3f08b0f1 3AS/en/os/s390x/net-snmp-devel-5.0.9-2.30E.1.s390x.rpm
e5f048af0fae73025b543ded7445fe61 3AS/en/os/s390x/net-snmp-utils-5.0.9-2.30E.1.s390x.rpm
7752bcd3f4eeb840da54031c5967234f 3AS/en/os/x86_64/net-snmp-5.0.9-2.30E.1.x86_64.rpm
4a7dde3020926893ace9ab8744021d67 3AS/en/os/x86_64/net-snmp-devel-5.0.9-2.30E.1.x86_64.rpm
1b2d25bfb90fbd213ddbeecea128d2c1 3AS/en/os/x86_64/net-snmp-utils-5.0.9-2.30E.1.x86_64.rpm
848359f597ebf1a083501cf3c80532fc 3ES/en/os/SRPMS/net-snmp-5.0.9-2.30E.1.src.rpm
79ca1bebbf32c8a2aff71853ade36296 3ES/en/os/i386/net-snmp-5.0.9-2.30E.1.i386.rpm
e7f28a7da234bb6ee2d6f55fda30107c 3ES/en/os/i386/net-snmp-devel-5.0.9-2.30E.1.i386.rpm
bec698635f32742031ebbce4db92f3cd 3ES/en/os/i386/net-snmp-utils-5.0.9-2.30E.1.i386.rpm
848359f597ebf1a083501cf3c80532fc 3WS/en/os/SRPMS/net-snmp-5.0.9-2.30E.1.src.rpm
79ca1bebbf32c8a2aff71853ade36296 3WS/en/os/i386/net-snmp-5.0.9-2.30E.1.i386.rpm
e7f28a7da234bb6ee2d6f55fda30107c 3WS/en/os/i386/net-snmp-devel-5.0.9-2.30E.1.i386.rpm
bec698635f32742031ebbce4db92f3cd 3WS/en/os/i386/net-snmp-utils-5.0.9-2.30E.1.i386.rpm
c57836c4bc29c2e9a94fcdace13b8352 3WS/en/os/ia64/net-snmp-5.0.9-2.30E.1.ia64.rpm
07f6ddd369d38551baa5e8141c98826a 3WS/en/os/ia64/net-snmp-devel-5.0.9-2.30E.1.ia64.rpm
a01100bc7d51a32fa381df866297ac88 3WS/en/os/ia64/net-snmp-utils-5.0.9-2.30E.1.ia64.rpm
7752bcd3f4eeb840da54031c5967234f 3WS/en/os/x86_64/net-snmp-5.0.9-2.30E.1.x86_64.rpm
4a7dde3020926893ace9ab8744021d67 3WS/en/os/x86_64/net-snmp-devel-5.0.9-2.30E.1.x86_64.rpm
1b2d25bfb90fbd213ddbeecea128d2c1 3WS/en/os/x86_64/net-snmp-utils-5.0.9-2.30E.1.x86_64.rpm

These packages are GPG signed by Red Hat for security.  Our key is
available from https://www.redhat.com/security/keys.html

You can verify each package with the following command:
    
    rpm --checksig -v <filename>

If you only wish to verify that each package has not been corrupted or
tampered with, examine only the md5sum with the following command:
    
    md5sum <filename>


8. References:

http://sourceforge.net/forum/forum.php?forum_id=308015
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2003-0935

9. Contact:

The Red Hat security contact is <secalert@redhat.com>.  More contact
details at https://www.redhat.com/solutions/security/news/contact.html

Copyright 2003 Red Hat, Inc.
- -----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.0.7 (GNU/Linux)

iD8DBQFABqFMXlSAg2UNWIIRAvnrAKCr+ZtGKklDiD1Au+oWBiTHPXrhIQCdGll4
84z5d9MkHs5m4GMwaOE33ro=
=uM0U
- -----END PGP SIGNATURE-----

- --------------------------END INCLUDED TEXT--------------------

You have received this e-mail bulletin as a result of your organisation's
registration with AusCERT. The mailing list you are subscribed to is
maintained within your organisation, so if you do not wish to continue
receiving these bulletins you should contact your local IT manager. If
you do not know who that is, please send an email to auscert@auscert.org.au
and we will forward your request to the appropriate person.

This security bulletin is provided as a service to AusCERT's members.  As
AusCERT did not write the document quoted above, AusCERT has had no control
over its content. The decision to follow or act on information or advice
contained in this security bulletin is the responsibility of each user or
organisation, and should be considered in accordance with your organisation's
site policies and procedures. AusCERT takes no responsibility for consequences
which may arise from following or acting on information or advice contained in
this security bulletin.

NOTE: This is only the original release of the security bulletin.  It may
not be updated when updates to the original are made.  If downloading at
a later date, it is recommended that the bulletin is retrieved directly
from the author's website to ensure that the information is still current.

Contact information for the authors of the original document is included
in the Security Bulletin above.  If you have any questions or need further
information, please contact them directly.

Previous advisories and external security bulletins can be retrieved from:

        http://www.auscert.org.au/render.html?cid=1980

If you believe that your computer system has been compromised or attacked in 
any way, we encourage you to let us know by completing the secure National IT 
Incident Reporting Form at:

        http://www.auscert.org.au/render.html?it=3192

Internet Email: auscert@auscert.org.au
Facsimile:      (07) 3365 7031
Telephone:      (07) 3365 4417 (International: +61 7 3365 4417)
                AusCERT personnel answer during Queensland business 
                hours which are GMT+10:00 (AEST).  On call after hours 
                for member emergencies only.
-----BEGIN PGP SIGNATURE-----
Comment: http://www.auscert.org.au/render.html?it=1967

iQCVAwUBQAdsiCh9+71yA2DNAQFpowP/d8Nn/G3sZ7nVNFxF8/uYhAQdz5UgBihR
Qo+99mYYFzC6KFEjLw2CWq82BB+bq1fpojZ4yNEzdJ9gb4i4b2d2bCXnHbpDfpBg
UqLNbUlCiXD9SnKPCMXheW0tUqUBbTnDkndcOhP+iiQB4AzrjvzlKvBHMh1w+Jgw
lvVF6vd/kaU=
=KlFr
-----END PGP SIGNATURE-----