Bug#400557: [Pkg-net-snmp-devel] Bug#400557: CVE-2006-5941:
Unspecified Malformed TCP packet remote denial of service
vulnerability
Thomas Anders
thomas.anders at blue-cable.de
Mon Nov 27 12:32:18 CET 2006
CVE-2006-5941 has been assigned based on a Sun Alert that talks about
vulnerabilities in the Sun-supplied Net-SNMP package for
Solaris *only*. The Sun Alert also says:
- --- snip ---
Note 2: The Net-SNMP software was not bundled with Solaris prior to
Solaris 10. However, customers who have built and/or installed a
vulnerable version of Net-SNMP on any version of Solaris are at risk.
See the Net-SNMP web site to download the latest version of Net-SNMP
which addresses these issues.
- --- snap ---
Bottom line: The original CVE-2005-2177 has been fixed in the Debian
Net-SNMP packages and CVE-2006-5941 doesn't even apply.
+Thomas
--
Thomas Anders (thomas.anders at blue-cable.de)
More information about the Pkg-net-snmp-devel
mailing list