Family: Fedora Local Security Checks --> Category: infos
Fedora Core 4 2005-561: net-snmp Vulnerability Scan
Vulnerability Scan Summary
Check for the version of the net-snmp package
Detailed Explanation for this Vulnerability Test
The remote host is missing the patch for the advisory FEDORA-2005-561 (net-snmp).
SNMP (Simple Network Management Protocol) is a protocol used for
network management. The NET-SNMP project includes various SNMP tools:
an extensible agent, an SNMP library, tools for requesting or setting
information from SNMP agents, tools for generating and handling SNMP
traps, a version of the netstat command which uses SNMP, and a Tk/Perl
mib browser. This package contains the snmpd and snmptrapd daemons,
You will probably also want to install the net-snmp-utils package,
which contains NET-SNMP utilities.
--without tcp_wrappers : disable tcp_wrappers support
A security vulnerability has been found in Net-SNMP releases that
could allow a denial of service attack against Net-SNMP agent's which
have opened a stream based protocol (EG, TCP but not UDP
it should be
noted that Net-SNMP does not by default open a TCP port).
Solution : http://fedoranews.org//mediawiki/index.php/Fedora_Core_4_Update:_net-snmp-184.108.40.206-fc4.1
Threat Level: High
Click HERE for more information and discussions on this network vulnerability scan.