Linux Today: Linux News On Internet Time.

More on LinuxToday

Red Hat Security Advisory: Update ucd-snmp Packages

Feb 13, 2002, 01:39 (0 Talkback[s])
                   Red Hat, Inc. Red Hat Security Advisory

Synopsis:          Updated ucd-snmp packages available
Advisory ID:       RHSA-2001:163-20
Issue date:        2001-12-04
Updated on:        2002-02-12
Product:           Red Hat Linux
Keywords:          ucd-snmp protos test suite snmp
Cross references:  
Obsoletes:         RHSA-2001:101

1. Topic:

Updated ucd-snmp packages are now available for Red Hat Linux 6.2, 7, 7.1,
and 7.2. These packages prevent possible denial of service attacks and
security breaches as discovered by the Oulu University Secure Programming Group

2. Relevant releases/architectures:

Red Hat Linux 6.2 - alpha, i386, sparc

Red Hat Linux 7.0 - alpha, i386

Red Hat Linux 7.1 - alpha, i386, ia64

Red Hat Linux 7.2 - i386, ia64

3. Problem description:

The Simple Network Management Protocol (SNMP) enables
monitoring and configuration of network nodes.

The Oulu University Secure Programming Group performed
a vulnerability assessment of various SNMP implementations through syntax
testing and test-suite creation.

The test-suite showed several failures in the ucd-snmp tools in version
4.2.2 and earlier. These vulnerabilities can cause denial-of-service
conditions, service interruptions, and in some cases could result in a
remote security breach.

Updated ucd-snmp packages are provided that are not susceptible to these
vulnerabilities and which pass all tests of the test-suite sucessfully.

The Common Vulnerabilities and Exposures project ( has
assigned the names CAN-2002-0012 and CAN-2002-0013 to these issues.

All users of ucd-snmp should upgrade to these errata packages.

For Red Hat Linux 7.2 updated packages for ethereal (a network traffic
analyser that makes use of ucd-snmp) are directly available
via this errata as well. For all previous versions of Red Hat Linux a
separate powertools errata will provide updated ethereal packages.

4. Solution:

Before applying this update, make sure all previously released errata
relevant to your system have been applied.

To update all RPMs for your particular architecture, run:

rpm -Fvh [filenames]

where [filenames] is a list of the RPMs you wish to upgrade.  Only those
RPMs which are currently installed will be updated.  Those RPMs which are
not installed but included in the list will not be updated.  Note that you
can also use wildcards (*.rpm) if your current directory only contains
desired RPMs.

Please note that this update is also available via Red Hat Network.  Many
people find this an easier way to apply updates.  To use Red Hat Network,
launch the Red Hat Update Agent with the following command:


This will start an interactive process that will result in the appropriate
RPMs being upgraded on your system.

For Red Hat Linux 6.2 you will need to use the following commands to
update your system using up2date:

up2date -u
up2date ucd-snmp ucd-snmp-utils
up2date ucd-snmp-devel ucd-snmp-utils

5. Bug IDs fixed ( for more info):

6. RPMs required:

Red Hat Linux 6.2:





Red Hat Linux 7.0:




Red Hat Linux 7.1:





Red Hat Linux 7.2:




7. Verification:

MD5 sum                          Package Name
a93ef3b304dba985f37547ba46e382eb 6.2/en/os/SRPMS/ucd-snmp-4.2.3-1.6.x.3.src.rpm
92ea4db6bca56bb0ea47335f853c7ae5 6.2/en/os/alpha/ucd-snmp-4.2.3-1.6.x.3.alpha.rpm
de05716aa97465f4ab4f53d5bd2eb8e6 6.2/en/os/alpha/ucd-snmp-devel-4.2.3-1.6.x.3.alpha.rpm
f0ab940c43598a1386a849a5836b8267 6.2/en/os/alpha/ucd-snmp-utils-4.2.3-1.6.x.3.alpha.rpm
827d215a8cb9a66e945d143aba13be6e 6.2/en/os/i386/ucd-snmp-4.2.3-1.6.x.3.i386.rpm
7e509bbcbafd138fcbda00da716b0b4a 6.2/en/os/i386/ucd-snmp-devel-4.2.3-1.6.x.3.i386.rpm
090fd5720da54241ac5cc3b13c728d1a 6.2/en/os/i386/ucd-snmp-utils-4.2.3-1.6.x.3.i386.rpm
c7a2ceca0bcbc7d9895410a1c30b68bd 6.2/en/os/sparc/ucd-snmp-4.2.3-1.6.x.3.sparc.rpm
6489ed206100c2f45e84803c979d7831 6.2/en/os/sparc/ucd-snmp-devel-4.2.3-1.6.x.3.sparc.rpm
adb73a49a76814e0a0062d54164e8864 6.2/en/os/sparc/ucd-snmp-utils-4.2.3-1.6.x.3.sparc.rpm
cc8f148b8089dfe0371a4b4312b10356 7.0/en/os/SRPMS/ucd-snmp-4.2.3-
b5dcd37ae2c618c0805c945ef48c8a2a 7.0/en/os/alpha/ucd-snmp-4.2.3-
b8ac7c6a82b0700c8beacc0cfd966c06 7.0/en/os/alpha/ucd-snmp-devel-4.2.3-
333c14a24bb2fb993bdc46948012c3fe 7.0/en/os/alpha/ucd-snmp-utils-4.2.3-
71bf5b3269947b022f2a3b9563abe138 7.0/en/os/i386/ucd-snmp-4.2.3-
291e97cc40fa8de21abb9a4802bd13a4 7.0/en/os/i386/ucd-snmp-devel-4.2.3-
8755a960b05ba32a83c0a43f54a6b54f 7.0/en/os/i386/ucd-snmp-utils-4.2.3-
a0db045a9b979b75e2330acd66f256e8 7.1/en/os/SRPMS/ucd-snmp-4.2.3-
78f8c246da84abbeacd057e5cce97d78 7.1/en/os/alpha/ucd-snmp-4.2.3-
befb3e8dc22577adc765a78bf96384be 7.1/en/os/alpha/ucd-snmp-devel-4.2.3-
1be70e2f146c6db34289fe84d97261f7 7.1/en/os/alpha/ucd-snmp-utils-4.2.3-
c4fd87f32a9623e0048b26eaed096b11 7.1/en/os/i386/ucd-snmp-4.2.3-
f8fe8f621ab724e6d911cf3a9585ec0f 7.1/en/os/i386/ucd-snmp-devel-4.2.3-
103e0333eb4e37d977ceb61e5bf11ea2 7.1/en/os/i386/ucd-snmp-utils-4.2.3-
30a55717364c3b2bd3e4e06269719786 7.1/en/os/ia64/ucd-snmp-4.2.3-
8185cc3c0462112519f10d9d8be1ee4c 7.1/en/os/ia64/ucd-snmp-devel-4.2.3-
1f525a11d11a786a5b408a782f2637ca 7.1/en/os/ia64/ucd-snmp-utils-4.2.3-
7fe150108bbef46453f67e24a6c731fa 7.2/en/os/SRPMS/ethereal-0.8.18-
636f2553be1458d0332bbc9e7dc68300 7.2/en/os/SRPMS/ucd-snmp-4.2.3-
0e5cb05d81426fbee44e4c5fc4b2d176 7.2/en/os/i386/ethereal-0.8.18-
bc176a2fba2fa979f2aa28a82570c6cf 7.2/en/os/i386/ethereal-gnome-0.8.18-
0b124baa0ad9d6dfff163bedefbd2cf8 7.2/en/os/i386/ucd-snmp-4.2.3-
c2bd228d204ee3c7668209d8e26e02c1 7.2/en/os/i386/ucd-snmp-devel-4.2.3-
2111e9ba725167a3f6d87db056a8bda2 7.2/en/os/i386/ucd-snmp-utils-4.2.3-
53c6a32691f1f8e544fdd0cb02f33c49 7.2/en/os/ia64/ethereal-0.8.18-
ab92e7740c7da2ebc753413202f19847 7.2/en/os/ia64/ethereal-gnome-0.8.18-
8709b09c525d513b5e66a22bb1843ca3 7.2/en/os/ia64/ucd-snmp-4.2.3-
ea4c89388a0259224bf00476e44df2b4 7.2/en/os/ia64/ucd-snmp-devel-4.2.3-
2b993706e29bb45a336945ec4a03964c 7.2/en/os/ia64/ucd-snmp-utils-4.2.3-

These packages are GPG signed by Red Hat, Inc. for security.  Our key
is available at:

You can verify each package with the following command:
    rpm --checksig  

If you only wish to verify that each package has not been corrupted or
tampered with, examine only the md5sum with the following command:
    rpm --checksig --nogpg 

8. References:

Copyright(c) 2000, 2001 Red Hat, Inc.