SOFTPAQ NUMBER: SP19715 PART NUMBER: N/A FILE NAME: sp19715.tgz TITLE: SNMP Security Vulnerability Update for Red Hat Linux 7.2 VERSION: 1.0.0 LANGUAGE: English CATEGORY: Software Solutions DIVISIONS: Systems PRODUCTS AFFECTED: Compaq Proliant Servers running Red Hat Linux 7.2 and Compaq Foundation Agents for Linux (cmafdtn) version 5.30.0. OPERATING SYSTEM: Red Hat Linux 7.2 SYSTEM CONFIGURATION: N/A PREREQUISITES: This software update requires the Compaq Foundation Agents for Linux (cmafdtn) version 5.30.0 to be installed. EFFECTIVE DATE: March 25, 2002 ELECTRONIC DISTRIBUTION ALLOWED: Yes SUPERSEDES: N/A DESCRIPTION: This SoftPaq contains the SNMP security vulnerability update for Red Hat Linux 7.2. ENHANCEMENTS/FIXES: Fixed a potential security vulnerability in ucd-snmp RPMs. (See CERT Advisory @ http://www.cert.org/advisories/CA-2002-03.html). HOW TO USE: 1. Before applying this update, install your system with version 5.30.0 of Compaq Management Agents (cmafdtn, cmasvr, cmastor and cmanic RPMs). Compaq Management Agents can be downloaded at "http://www.compaq.com/support/files/server/us/index.html". 2. Download this SoftPaq to a directory on your hard drive. The file that is downloaded is a compressed tar file (*.tgz) with a filename based on the SOFTPAQ NUMBER above. 3. Log in as "root" and change to the directory containing the Softpaq. 4. From that directory, type following command: # tar xvzf sp19715.tgz Following files will be created in the current directory: sp19715.txt sp19715.sh cmaX.c cmaX.h read_config.c ucd-snmp-4.2.3-1.7.2.3.src.rpm ucd-snmp-4.2.3-1.7.2.3.i386.rpm ucd-snmp-utils-4.2.3-1.7.2.3.i386.rpm ucd-snmp-devel-4.2.3-1.7.2.3.i386.rpm "ucd-snmp" RPMs are downloaded from Red Hat web site: http://www.redhat.com/support/errata/RHSA-2001-163.html. 5. Run "sh ./sp19715.sh" command and follow the instructions to apply the update. Note: If other installed RPMs are not compatible with new ucd-snmp RPMs, the command will fail. In this situation, the incompatibility must be resolved before applying the update again. Note: If Ethereal RPMs are installed on your system, you need to remove them before installing this SoftPaq. Also, new Ethereal RPMs are required for the updated ucd-snmp RPMs. New Ethereal RPMs may be downloaded from Red Hat Web site http://www.redhat.com/support/errata/RHSA-2001-163.html. 6. Message "./sp19715.sh completed successfully!" will be displayed when the command completed successfully. 7. For more information and messages from "./sp19715" script, see "/var/spool/compaq/foundation/tmp/sp19715/sp19715.info". 8. After the update is applied, you may delete the SoftPaq file downloaded in step 2 and all files extracted in step 4. Copyright 2002, Compaq Computer Corporation. All rights reserved. Product names mentioned herein may be trademarks and/or registered trademarks of their respective companies