NetBSD Information for VU#107186

Multiple vulnerabilities in SNMPv1 trap handling

Status

Unknown. If you are the vendor named above, please contact us to update your status.

Vendor Statement

NetBSD does not ship with any SNMP tools in our 'base' releases. We do provide optional `packages' which provide various support for SNMP. These packages are not installed by default, nor are they currently provided as an install option by the operating system installation tools. A system administrator/end-user has to manually install this with our package management tools.

These SNMP packages include:

netsaint-plugin-snmp-1.2.8.4 SNMP monitoring plug-in for netsaint

p5-Net-SNMP-3.60 perl5 module for SNMP queries

p5-SNMP-3.1.0 Perl5 module for interfacing to the UCD SNMP library

p5-SNMP_Session-0.83 perl5 module providing rudimentary access to remote SNMP agents

ucd-snmp-4.2.1 Extensible SNMP implementation (conflicts with ucd-snmp-4.1.2)

ucd-snmp-4.1.2 Extensible SNMP implementation (conflicts with ucd-snmp-4.2.1)

We do provide a software monitoring mechanism called 'audit-packages', which allows us to highlight if a package with a range of versions has a potential vulnerability, and recommends that the end-user upgrade the packages in question.

Vendor Information

The vendor has not provided us with any further information regarding this vulnerability.

Vendor References

None

Addendum

The CERT/CC has no additional comments at this time.

If you have feedback, comments, or additional information about this vulnerability, please send us email.