[Bug 239129] Re: [CVE-2008-0960] Multiple SNMP implementations HMAC authentication spoofing

Alexander Konovalenko alexkon at gmail.com
Sat Jun 21 12:35:43 BST 2008

A fix for net-snmp is in Intrepid:

net-snmp (5.4.1~dfsg-7.1ubuntu2) intrepid; urgency=low

  * SECURITY UPDATE: HMAC authentication spoofing.
  * debian/patches/51_CVE-2008-0960.patch: fixes HMAC authentication spoofing.
  * debian/patches/52_use_right_config_file.patch: Use the right configuration
    file for lmsensors. (LP: #192745)

 -- Chuck Short < zulcss at ubuntu.com>   Mon, 16 Jun 2008 15:47:18 +0000

I intended to nominate this bug for the Dapper-Hardy releases only in
net-snmp but I now can't figure out how to remove the nominations from
ecos and ucd-snmp.

** CVE added: http://www.cve.mitre.org/cgi-

** Changed in: net-snmp (Ubuntu)
       Status: New => Fix Released

[CVE-2008-0960] Multiple SNMP implementations HMAC authentication spoofing
You received this bug notification because you are a member of Ubuntu
Server Team, which is subscribed to net-snmp in ubuntu.

More information about the Ubuntu-server-bugs mailing list