Note: This is an archival copy of Security Sun Alert 201266 as previously published on http://sunsolve.sun.com. Latest version of this security advisory is available from http://support.oracle.com as Sun Alert 1000949.1. |
Category Security Release Phase Resolved Solaris 10 Operating System Bug Id 6314978 Date of Workaround Release 24-MAY-2007 Date of Resolved Release 04-JUN-2007 Impact When the System Management Agent (SMA) SNMP daemon (snmpd(1M)) is running in "master agentx" mode, a security vulnerability may allow a local or remote unprivileged user to create a Denial of Service (DoS) condition by causing a particular TCP disconnect. This issue is described in the following document: CVE-2005-4837 at http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2005-4837 Contributing Factors This issue can occur in the following releases: SPARC Platform
x86 Platform
Notes:
This issue only affects systems which have the SUNWsmagt package installed and AgentX is enabled. To determine if the SUNWsmagt package is installed on the system, the following command can be run: $ pkginfo -l SUNWsmagt PKGINST: SUNWsmagt NAME: System Management Agent files and libraries CATEGORY: system VERSION: 1.0,REV=2005.01.08.05.16 To confirm the version of Net-SNMP installed on the system, the following command can be run: $ /usr/sfw/sbin/snmpd -v NET-SNMP version: 5.0.9 Web: http://www.net-snmp.org/ Email: net-snmp-coders@lists.sourceforge.net If the version reported is 5.0.9 or earlier and the above patch is not installed then the described issue may occur. By default, AgentX support is turned off. This issue will only occur if AgentX support is enabled explicitly. To determine if AgentX support is enabled, the following command can be run (as 'root'): # grep agentx /etc/sma/snmp/snmpd.conf master agentx The above output indicates AgentX support is enabled and snmpd(1M) is vulnerable. If the above command produces no output, then snmpd(1M) is not vulnerable. Symptoms Should the described issue occur, snmpd(1M) will core dump. Workaround To work around the described issue, disable AgentX support by commenting out the "master agentx" entry in the "/etc/sma/snmp/snmpd.conf" file, as in the following example: #master agentx then restart SMA with the following command: # /etc/init.d/init.sma restart Resolution This issue is addressed in the following releases: SPARC Platform
x86 Platform
Modification History Date: 04-JUN-2007
References120272-07120273-08 Attachments This solution has no attachment |
|