Array index error in the handle_nsExtendOutput2Table function in
agent/mibgroup/agent/extend.c in Net-SNMP 5.7.1 allows remote authenticated
users to cause a denial of service (out-of-bounds read and snmpd crash) via
an SNMP GET request for an entry not in the extension table.
Upstream has fixed the issue in all branches.
net-snmp 5.7.2_rc1 is in tree and has this fixed.
Thanks, Diego. Ok to stable the _rc here now?
Given what I see from the older versions, I'd say so. I tried it out here on our devel servers and sounds good.
Arches, please test and mark stable:
Target keywords : "alpha amd64 arm hppa ia64 ppc ppc64 s390 sh sparc x86"
Stable for HPPA.
Hey, the pci USE flag has disappeared in rc1.
I run my Gentoo systems on Linode and their supplied kernels don't have
And what's crazy is that when /proc/bus/pci is empty it causes snmpd to not run, it exit (status 1) when trying.
~ # snmpd
pcilib: Cannot open /proc/bus/pci
pcilib: Cannot find any working access method.
But if the $(use_with pci) use flag code is added back to the mix then we can build w/o PCI links and run on machines that don't have PCI enabled in the kernel (which I think is odd)
Please don't hijack bugs.
That's been fixed in later ebuilds including 5.7.1 final.
Apologies for the hi-jack; I made a new bug to bring back PCI use flag
GLSA vote: yes.
GLSA Vote: yes too. Request filed.
This issue was resolved and addressed in
GLSA 201409-02 at http://security.gentoo.org/glsa/glsa-201409-02.xml
by GLSA coordinator Kristian Fiskerstrand (K_F).