SOFTPAQ NUMBER:  SP19713
PART NUMBER:  N/A
FILE NAME:  sp19713.tgz
TITLE:  SNMP Security Vulnerability Update for SuSE Linux Enterprise Server 7 (IA-32)
VERSION:  1.0.0
LANGUAGE:  English

CATEGORY:  Software Solutions

DIVISIONS: Systems

PRODUCTS AFFECTED: Compaq Proliant Servers running SuSE Linux Enterprise Server 7 (IA-32)
                   and Compaq Foundation Agents for Linux (cmafdtn) version 5.30.0.

OPERATING SYSTEM: SuSE Linux Enterprise Server 7 (IA-32)

SYSTEM CONFIGURATION:  N/A

PREREQUISITES:  This software update requires the Compaq Foundation Agents for Linux
                (cmafdtn) version 5.30.0 to be installed.

EFFECTIVE DATE:  April 25, 2002

ELECTRONIC DISTRIBUTION ALLOWED:  Yes

SUPERSEDES:  N/A

DESCRIPTION:  This SoftPaq contains the SNMP security vulnerability update for
              SuSE Linux Enterprise Server 7 (IA-32).

ENHANCEMENTS/FIXES:  Fixed a potential security vulnerability in ucdsnmp RPM.
                     (See CERT Advisory @ http://www.cert.org/advisories/CA-2002-03.html).

HOW TO USE:

1.  Before applying this update, install your system with version 5.30.0 of Compaq
    Management Agents (cmafdtn, cmasvr, cmastor and cmanic RPMs). Compaq Management
    Agents can be downloaded at "http://www.compaq.com/support/files/server/us/index.html".

2.  Download this SoftPaq to a directory on your hard drive.  The file that is
    downloaded is a compressed tar file (*.tgz) with a filename based on the SOFTPAQ
    NUMBER above.

3.  Log in as "root" and change to the directory containing the Softpaq.

4.  From that directory, type following command:

	# tar xvzf sp19713.tgz

    Following files will be created in the current directory:

        sp19713.txt
        sp19713.sh
        cmaX.c
        cmaX.h
        read_config.c
        ucdsnmp.src.rpm
        ucdsnmp.rpm

    "ucdsnmp" RPMs are downloaded from SuSE Linux Maintenance Web:

        http://support.suse.de/psdb

5.  Run "sh ./sp19713.sh" command and follow the instructions to apply the update.

    Note: If other installed RPMs are not compatible with new ucdsnmp RPM, the
          command will fail. In this situation, the incompatibility must be
          resolved before applying the update again.
     
6.  Message "./sp19713.sh completed successfully!" will be displayed when the
    command completed successfully.

7.  For more information and messages from "./sp19713" script, see
    "/var/spool/compaq/foundation/tmp/sp19713/sp19713.info".

8.  After the update is applied, you may delete the SoftPaq file downloaded
    in step 2 and all files extracted in step 4.



Copyright 2002, Compaq Computer Corporation.  All rights reserved.

Product names mentioned herein may be trademarks and/or registered
trademarks of their respective companies
