Amazon Linux 1 Security Advisory: ALAS-2021-1465
Advisory Release Date: 2021-01-12 22:51 Pacific
Advisory Updated Date: 2021-01-13 18:19 Pacific
A flaw was found in Net-SNMP through version 5.73, where an Improper Privilege Management issue occurs due to SNMP WRITE access to the EXTEND MIB allows running arbitrary commands as root. The highest threat from this vulnerability is to confidentiality, integrity, as well as system availability. (CVE-2020-15862)
Affected Packages:
net-snmp
Issue Correction:
Run yum update net-snmp to update your system.
i686:
net-snmp-debuginfo-5.5-60.22.amzn1.i686
net-snmp-python-5.5-60.22.amzn1.i686
net-snmp-libs-5.5-60.22.amzn1.i686
net-snmp-perl-5.5-60.22.amzn1.i686
net-snmp-devel-5.5-60.22.amzn1.i686
net-snmp-utils-5.5-60.22.amzn1.i686
net-snmp-5.5-60.22.amzn1.i686
src:
net-snmp-5.5-60.22.amzn1.src
x86_64:
net-snmp-debuginfo-5.5-60.22.amzn1.x86_64
net-snmp-python-5.5-60.22.amzn1.x86_64
net-snmp-perl-5.5-60.22.amzn1.x86_64
net-snmp-5.5-60.22.amzn1.x86_64
net-snmp-devel-5.5-60.22.amzn1.x86_64
net-snmp-libs-5.5-60.22.amzn1.x86_64
net-snmp-utils-5.5-60.22.amzn1.x86_64