Your message dated Fri, 31 Jul 2020 11:10:27 +0000
with message-id <[email protected]>
and subject line Bug#966599: fixed in net-snmp 5.8+dfsg-5
has caused the Debian Bug report #966599,
regarding snmpd: Elevation of Privileges due to symlink handling
to be marked as done.
This means that you claim that the problem has been dealt with.
If this is not the case it is now your responsibility to reopen the
Bug report if necessary, and/or fix the problem forthwith.
(NB: If you are a system administrator and have no idea what this
message is talking about, this may indicate a serious mail system
misconfiguration somewhere. Please contact [email protected]
immediately.)
--
966599: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=966599
Debian Bug Tracking System
Contact [email protected] with problems
--- Begin Message ---
Package: snmpd
Version: 5.8+dfsg-4
Severity: grave
Tags: security upstream
Justification: user security hole
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512
CVE-2020-15861
snmpd runs as a low privileged user account. However, in combination with
the *snmp-mibs-downloader package* this protection can be bypassed and it is
possible for this account to elevate permissions to the root user.
This attack happens due to how snmpd handles symlinks.
References:
https://github.com/net-snmp/net-snmp/issues/145
https://github.com/net-snmp/net-snmp/commit/4fd9a450444a434a993bc72f7c3486ccce41f602
This security vulnerability was found by Tobias Neitzel of usd AG.
- -- System Information:
Debian Release: bullseye/sid
APT prefers unstable
APT policy: (500, 'unstable'), (1, 'experimental')
Architecture: amd64 (x86_64)
Foreign Architectures: i386
Kernel: Linux 5.4.0-4-amd64 (SMP w/8 CPU cores)
Kernel taint flags: TAINT_WARN
Locale: LANG=en_AU.UTF-8, LC_CTYPE=en_AU.UTF-8 (charmap=UTF-8),
LANGUAGE=en_AU:en (charmap=UTF-8)
Shell: /bin/sh linked to /usr/bin/dash
Init: systemd (via /run/systemd/system)
LSM: AppArmor: enabled
Versions of packages snmpd depends on:
ii adduser 3.118
ii debconf [debconf-2.0] 1.5.73
ii init-system-helpers 1.57
ii libc6 2.30-2
ii libsnmp-base 5.8+dfsg-2
ii libsnmp35 5.8+dfsg-4
ii lsb-base 11.1.0
snmpd recommends no packages.
Versions of packages snmpd suggests:
ii snmptrapd 5.8+dfsg-4
- -- Configuration Files:
/etc/snmp/snmpd.conf changed [not included]
- -- debconf information excluded
-----BEGIN PGP SIGNATURE-----
iQJGBAEBCgAwFiEEXT3w9TizJ8CqeneiAiFmwP88hOMFAl8j268SHGNzbWFsbEBk
ZWJpYW4ub3JnAAoJEAIhZsD/PITjzj0P/ReencZCeEbL/F2lznh8AhH42fC6tpi9
1McAS/calfYn9wFUTIfqi9JemMVjx8+2m0c6qW0/Yz698CACS45eUY4xTK9ejLEM
Lezi2kQDLZwGHLfMIcd4U3DSC3ZNlFomOT0Idl43q2yiqHLYdXzxWaVSfgAHxLB2
ElBHSAS+UYCgp7Jd38oEZ5++rTUw5dKb249IiUee+AMCUToCHMes0abJ4r7D79ow
PCIV410f1m1WlPJa5nWD/MioSnjdR2v9gmkuzmTq5Qjl6ShOR2B7Fh2/NWXzegXh
Tu7MPeSAa7VnybicwIACzo7M7YvVBsw32CTtJZnOKFFU/Xrg6j/cUvTkpKuB+c+W
D3dTgjieMRC0Gfc6aIAGE+nTOP4xMjLGGyhAxgBKp2THlZksO5ZSA4KXGswGLygl
N19qe30Xy0ROuAKPMChNRmJXw0M+/pY2AX91QJUqGhvkXPfNBmtiy6LHyFo2RRCk
yOlAC/8oQH8uHp1x7SUe02tiogbsLY/Yn6HTuvlo89Bt7UK2ifQXyqUkapySF3nw
QDRFDh8+hkCvAubcW2ViEAY2n0Mca0+zeN5FyxK3PINSU6iz1zT2L3NI2HhIrZuZ
3YXCDQJe2jYa/LpeeBaR3TdY6ArDiwrkpzTwsOfltc4BzMyzUt1/7ccnhhNZo9N1
xwiQIxBbfw7b
=Rnwp
-----END PGP SIGNATURE-----
--- End Message ---
--- Begin Message ---
Source: net-snmp
Source-Version: 5.8+dfsg-5
Done: Craig Small <[email protected]>
We believe that the bug you reported is fixed in the latest version of
net-snmp, which is due to be installed in the Debian FTP archive.
A summary of the changes between this version and the previous one is
attached.
Thank you for reporting the bug, which will now be closed. If you
have further comments please address them to [email protected],
and the maintainer will reopen the bug report if appropriate.
Debian distribution maintenance software
pp.
Craig Small <[email protected]> (supplier of updated net-snmp package)
(This message was generated automatically at their request; if you
believe that there is a problem with it please contact the archive
administrators by mailing [email protected])
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512
Format: 1.8
Date: Fri, 31 Jul 2020 20:29:41 +1000
Source: net-snmp
Architecture: source
Version: 5.8+dfsg-5
Distribution: unstable
Urgency: medium
Maintainer: Net-SNMP Packaging Team <[email protected]>
Changed-By: Craig Small <[email protected]>
Closes: 966544 966599
Changes:
net-snmp (5.8+dfsg-5) unstable; urgency=medium
.
* Allow extend to be read-only Closes: #966544
* Stop using mib_index files CVE-2020-15861 Closes: 966599
Checksums-Sha1:
c078975bd5c23c1ad903da93dcf13a31baa57c9c 2812 net-snmp_5.8+dfsg-5.dsc
abd8867c8751fcf7b25ff4b1a4aae0661352d6ee 77296
net-snmp_5.8+dfsg-5.debian.tar.xz
8067492ac9e2b67ad7ec09268cacb11aa0ed9d8c 9896
net-snmp_5.8+dfsg-5_amd64.buildinfo
Checksums-Sha256:
2b46f745b2e321061c45ff6d9039d35addedef236203e386f6be71b18126fb73 2812
net-snmp_5.8+dfsg-5.dsc
3097a16b7538f9d492844a54e4dfea8ab80110f0b0b2b5f17cc95b09da99e78e 77296
net-snmp_5.8+dfsg-5.debian.tar.xz
8cdeaf05ed1440d2a37618634faa6fbebd9d32cfd9f61abe280dd1521d601c08 9896
net-snmp_5.8+dfsg-5_amd64.buildinfo
Files:
798e4bbdcd5db65374aa293d5d354ab8 2812 net optional net-snmp_5.8+dfsg-5.dsc
fe50a3169add1bc0654867b76a857956 77296 net optional
net-snmp_5.8+dfsg-5.debian.tar.xz
329199d0a038e6cc5a3e6cf43de1b2f8 9896 net optional
net-snmp_5.8+dfsg-5_amd64.buildinfo
-----BEGIN PGP SIGNATURE-----
iQIzBAEBCgAdFiEEXT3w9TizJ8CqeneiAiFmwP88hOMFAl8j85gACgkQAiFmwP88
hOMw+A//WqKTRW+vHbXyLaXbtqxnvkCCu7CCV6IkOgUv6HrQU4pO//Tl7MQQHU54
s2OucQNz7h74LaHyLbe8hsUZgcRVHidVSsCp5IB0epoEypD3aeH5DubbdVVOItsw
sL9Sad4WsLy3pYnO1xp6i6YwfjA5nsXLQXdorzdfDDIAcsOO8AhkJx40s4E/Uzqt
wgI/S5v21eqBExo1mg2h45xAbTr18T9IkHBghtCTGo7qI/+Qv7xpkT67XhV7Ah4p
8I1aVROnBPGTOpu4wN6y7CtkAvkR4rTuU/RZ310YjEuHur2JCskWWMf2c9VtDkQb
72dO2V/nQb+YQIsrffzUcAIArQAnAlf9v5PSvSQYNrzlQ53Oxvv5NZEGEQrbdw8H
E3ukjf1knQhbdtUUB+1IKqV6UUtfPwPMzedHW5vwh4AleLJL5KxSgf6ReNDlaLj1
ZtCR8TiQGqacb+FF/rIZ1sKHhdmM3LSE/e3lIy8xEiFmo9+9NYSXJzhtMgMXbmbq
DRbxssdIwEymhF8x9yaHzzcUUIVrXzXmaKKVALCkwLxocXykrMIp5C8nxORk1wCQ
or2tRG27XWFIaqv2eK+0wxiS/Yl0di1LoWjql9EMCsY8HpWxRIiwmiAfeoBR9+R4
DKYc4mz3PxoDildbqOMp3gc0ievRaou0UP4Z1ohEYEtMBZjetvw=
=S0Ch
-----END PGP SIGNATURE-----
--- End Message ---