Detections
Analytics

OracleVM 3.3 : net-snmp (OVMSA-2015-0099)

medium Nessus Plugin ID 85140

Language:

Synopsis

The remote OracleVM host is missing one or more security updates.

Description

The remote OracleVM system is missing necessary patches to address critical security updates :

 - Add Oracle ACFS to hrStorage (John Haxby) [orabug 18510373]

 - Quicker loading of IP-MIB::ipAddrTable (#1191393)

 - Quicker loading of IP-MIB::ipAddressTable (#1191393)

 - Fixed snmptrapd crash when '-OQ' parameter is used and invalid trap is received (#CVE-2014-3565)

 - added faster caching into IP-MIB::ipNetToMediaTable (#789500)

 - fixed compilation with '-Werror=format-security' (#1181994)

 - added clear error message when port specified in 'clientaddrr' config option cannot be bound (#886468)

 - fixed error check in IP-MIB::ipAddressTable (#1012430)

 - fixed agentx client crash on failed response (#1023570)

 - fixed dashes in net-snmp-config.h (#1034441)

 - fixed crash on monitor trigger (#1050970)

 - fixed 'netsnmp_assert 1 == new_val->high failed' message in system log (#1065210)

 - fixed parsing of 64bit counters from SMUX subagents (#1069046)

 - Fixed HOST-RESOURCES-MIB::hrProcessorTable on machines with >100 CPUs (#1070075)

 - fixed net-snmp-create-v3-user to have the same content on 32 and 64bit installations (#1073544)

 - fixed IPADDRESS value length in Python bindings (#1100099)

 - fixed hrStorageTable to contain 31 bits integers (#1104293)

 - fixed links to developer man pages (#1119567)

 - fixed storageUseNFS functionality in hrStorageTable (#1125793)

 - fixed netsnmp_set Python bindings call truncating at the first '\000' character (#1126914)

 - fixed log level of SMUX messages (#1140234)

 - use python/README to net-snmp-python subpackage (#1157373)

 - fixed forwarding of traps with RequestID=0 in snmptrapd (#1146948)

 - fixed typos in NET-SNMP-PASS-MIB and SMUX-MIB (#1162040)

 - fixed close overhead of extend commands (#1188295)

 - fixed lmSensorsTable not reporting sensors with duplicate names (#967871)

 - fixed hrDeviceTable with interfaces with large ifIndex (#1195547)

 - added 'diskio' option to snmpd.conf, it's possible to monitor only selected devices in diskIOTable (#990674)

 - fixed CVE-2014-2284: denial of service flaw in Linux implementation of ICMP-MIB (#1073223)

 - added cache to hrSWRunTable to provide consistent results (#1007634)

 - skip 'mvfs' (ClearCase) when skipNFSInHostResources is enabled (#1073237)

 - fixed snmptrapd crashing on forwarding SNMPv3 traps (#1131844)

 - fixed HOST-RESOURCES-MIB::hrSystemProcesses (#1134335)

 - fixed snmp daemons and utilities crashing in FIPS mode (#1001830)

 - added support of btrfs filesystem in hrStorageTable (#1006706)

 - fixed issues found by static analysis tools

 - restored ABI of read_configs_* functions

 - fixed parsing of bulk responses (#983116)

 - added support of vzfs filesystem in hrStorageTable (#989498)

 - fixed endless loop when parsing sendmail configuration file with queue groups (#991213)

 - fixed potential memory leak on realloc failure when processing 'extend' option (#893119)

 - added precise enumeration of configuration files searched to snmp_config(5) man page (#907571)

 - set permissions of snmpd.conf and snmptrapd conf to 0600 (#919239)

 - fixed kernel threads in hrSWRunTable (#919952)

 - fixed various error codes in Python module (#955771)

 - fixed snmpd crashing in the middle of agentx request processing when a subagent disconnects (#955511)

 - allow 'includeFile' and 'includeDir' options in configuration files (#917816)

 - fixed netlink message size (#927474)

 - fixed IF-MIB::ifSpeedHi on systems with non-standard interface speeds (#947973)

 - fixed BRIDGE-MIB::dot1dBasePortTable not to include the bridge itself as a port (#960568)

 - fixed snmpd segfault when 'agentaddress' configuration options is used and too many SIGHUP signals are received (#968898)

 - updated UCD-SNMP-MIB::dskTable to dynamically add/remove disks if 'includeAllDisks' is specified in snmpd.conf (#922691)

 - fixed crash when parsing invalid SNMP packets (#953926)

 - fixed snmpd crashing with 'exec' command with no arguments in snmpd.conf (#919259)

Solution

Update the affected net-snmp / net-snmp-libs / net-snmp-utils packages.

See Also

https://oss.oracle.com/pipermail/oraclevm-errata/2015-July/000349.html

Plugin Details

Severity: Medium

ID: 85140

File Name: oraclevm_OVMSA-2015-0099.nasl

Version: 2.6

Type: local

Published: 7/31/2015

Updated: 1/4/2021

Supported Sensors: Nessus

Risk Information

VPR

Risk Factor: Medium

Score: 4.2

CVSS v2

Risk Factor: Medium

Base Score: 5

Temporal Score: 3.7

Vector: CVSS2#AV:N/AC:L/Au:N/C:N/I:N/A:P

Vulnerability Information

CPE: p-cpe:/a:oracle:vm:net-snmp-libs, cpe:/o:oracle:vm_server:3.3, p-cpe:/a:oracle:vm:net-snmp, p-cpe:/a:oracle:vm:net-snmp-utils

Required KB Items: Host/local_checks_enabled, Host/OracleVM/release, Host/OracleVM/rpm-list

Exploit Ease: No known exploits are available

Patch Publication Date: 7/30/2015

Vulnerability Publication Date: 3/24/2014

Reference Information

CVE: CVE-2014-2284, CVE-2014-3565

BID: 65867, 69477