DMH Software Information for VU#854306
Multiple vulnerabilities in SNMPv1 request handling
- Vendor Information Help Date Notified: 09 Jan 2002
- Statement Date:
- Date Updated: 28 Apr 2002
DMH Software applied the OULU University test suite to its various
portable snmp-agent products: SNMPv1, SNMPv2c and SNMPv3.
We found that the following or later releases of DMH portable
snmp-agent products are NOT vulnerable to CERT vulnerability advisory
VU#854306 (Multiple vulnerabilities in SNMPv1 request handling)
(1) SNMPv1 Agent version - 220.127.116.11
(2) SNMPv2c Agent version - 18.104.22.168
(3) SNMPv3 Agent version - 22.214.171.124
The above releases, or newer releases, are currently available to our
customers. We strongly recommend our customers to contact us to obtain
an upgrade and update their source code.
Please note that we received notes from some of our customers who
reported that previous releases of DMH snmp-agent products were tested
an found not vulnerable to VU#107186. Nevertheless we recommend an
upgrade to the recent releases.
The vendor has not provided us with any further information regarding this vulnerability.
The CERT/CC has no additional comments at this time.
If you have feedback, comments, or additional information about this vulnerability, please send us email.