[ MDVSA-2015:229 ] net-snmp

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

 _______________________________________________________________________

 Mandriva Linux Security Advisory                         MDVSA-2015:229
 http://www.mandriva.com/en/support/security/
 _______________________________________________________________________

 Package : net-snmp
 Date    : May 6, 2015
 Affected: Business Server 1.0, Business Server 2.0
 _______________________________________________________________________

 Problem Description:

 Updated net-snmp packages fix security vulnerability:
 
 It was discovered that the snmp_pdu_parse() function could leave
 incompletely parsed varBind variables in the list of variables. A
 remote, unauthenticated attacker could exploit this flaw to cause a
 crash or, potentially, execute arbitrary code.
 _______________________________________________________________________

 References:

 http://advisories.mageia.org/MGASA-2015-0187.html
 ______________________________________________________________________

Leave a Reply