CVE-2006-5941 has been assigned based on a Sun Alert that talks about vulnerabilities in the Sun-supplied Net-SNMP package for Solaris *only*. The Sun Alert also says:
- --- snip --- Note 2: The Net-SNMP software was not bundled with Solaris prior to Solaris 10. However, customers who have built and/or installed a vulnerable version of Net-SNMP on any version of Solaris are at risk. See the Net-SNMP web site to download the latest version of Net-SNMP which addresses these issues. - --- snap --- Bottom line: The original CVE-2005-2177 has been fixed in the Debian Net-SNMP packages and CVE-2006-5941 doesn't even apply. +Thomas -- Thomas Anders (thomas.anders at blue-cable.de) -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]