----- BalaBit Security Advisory (BBSA) -----

PACKAGE           : ucd-snmp, net-snmp
AFFECTED VERSION  : <= 4.2.3-2.zorpos3, <= 5.1.2-6.zorpos1.7,
                    <= 5.2.1.2-4ubuntu2.2.zorpos33.2
FIXED             : 4.2.3-2.zorpos4, 5.1.2-6.zorpos1.8,
                    5.2.1.2-4ubuntu2.2.zorpos33.3
SUMMARY           : incomplete HMAC authentication
TYPE              : remote
AFFECTED          : ZorpOS 3.0, ZorpOS 3.1, ZorpOS 3.3
ZORP-OS SPECIFIC  : NO
BBSA-AUTHOR       : Tamás Pál
BBSA-ID           : BBSA-2008-030
BBSA-ADDRESS      : advisory@balabit.hu
GNUPG FINGERPRINT : 933E 6763 D32D A01C 1A75 F228 9CB1 81C7 D91E 8915
CVE               : CVE-2008-0960
DATE              : Jun 12, 2008
-----------------------------------------------------------------------------

BACKGROUND:

Some SNMP implementations include incomplete HMAC authentication code that
allows spoofing of authenticated SNMPv3 packets. The authentication code reads
the length of the HMAC to be checked from the sender's input, so a sender can
supply a single-byte HMAC and have a 1 in 256 chance of matching the first byte
of the correct HMAC and thereby authenticating, because only that first byte is
compared. The sender would still need to know a valid username.

SOLUTION:

We recommend that you update the affected packages immediately.

Upgrading using apt:
~~~~~~~~~~~~~~~~~~~~

Add the following line to /etc/apt/sources.list (if it doesn't contain this
line already):

ZorpOS version 3.0:

  deb https://USERNAME:PASSWORD@apt.balabit.hu/zorp-os \
      zorp-os-3.0/3.0security zorp-os

ZorpOS version 3.1:

  deb https://USERNAME:PASSWORD@apt.balabit.hu/zorp-os \
      zorp-os-3.1/3.1security zorp-os zorp-os-extra

ZorpOS version 3.3:

  deb https://USERNAME:PASSWORD@apt.balabit.hu/zorp-os \
      zorp-os-3.3/3.3security zorp-os zorp-os-extra

then issue the following commands as root:

  apt-get update
  apt-get -u upgrade

The latest upgrades will be downloaded and installed.

REFERENCES:

http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-0960
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2008-0960
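To make the flaw described under BACKGROUND concrete, the following is an added illustration written for this advisory, not code from net-snmp or ucd-snmp: the flawed check that trusts the sender-supplied length is shown next to a fixed check that demands the full 96-bit (12-byte) value that SNMPv3's usmHMACMD5AuthProtocol produces and compares it in constant time. The key and message are constructed sample values, and the zeroing of the msgAuthenticationParameters field before hashing is assumed to have been done by the caller.

```python
import hmac
import hashlib

# SNMPv3 usmHMACMD5AuthProtocol truncates HMAC-MD5 to 96 bits (12 bytes).
AUTH_PARAM_LEN = 12


def compute_msg_auth(auth_key: bytes, whole_msg: bytes) -> bytes:
    """HMAC-MD5-96 over the message; whole_msg is assumed to already have
    its msgAuthenticationParameters field zeroed, as the protocol requires."""
    return hmac.new(auth_key, whole_msg, hashlib.md5).digest()[:AUTH_PARAM_LEN]


def verify_vulnerable(auth_key: bytes, whole_msg: bytes, received: bytes) -> bool:
    """Illustrates the CVE-2008-0960 pattern: the number of bytes compared is
    taken from the sender-supplied field, so a 1-byte field passes whenever
    its single byte equals the first byte of the real HMAC."""
    n = len(received)
    if n == 0 or n > AUTH_PARAM_LEN:
        return False
    expected = compute_msg_auth(auth_key, whole_msg)
    return expected[:n] == received          # only n bytes are checked


def verify_fixed(auth_key: bytes, whole_msg: bytes, received: bytes) -> bool:
    """Hardened check: the field must be exactly AUTH_PARAM_LEN bytes long and
    is compared against the full expected value in constant time."""
    if len(received) != AUTH_PARAM_LEN:
        return False
    expected = compute_msg_auth(auth_key, whole_msg)
    return hmac.compare_digest(expected, received)


def accepted_single_byte_values(verifier, auth_key: bytes, whole_msg: bytes) -> int:
    """Count how many of the 256 possible one-byte fields a verifier accepts
    for one message: this is the advisory's '1 in 256' for the flawed check
    and 0 for the fixed one."""
    return sum(1 for b in range(256) if verifier(auth_key, whole_msg, bytes([b])))


if __name__ == "__main__":
    key = b"constructed-localized-auth-key"      # constructed sample key
    msg = b"constructed SNMPv3 message, auth field zeroed"  # constructed sample
    print("flawed check accepts", accepted_single_byte_values(verify_vulnerable, key, msg),
          "of 256 one-byte fields")
    print("fixed check accepts", accepted_single_byte_values(verify_fixed, key, msg),
          "of 256 one-byte fields")
```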