Wind River Systems, Inc. Information for VU#107186

Multiple vulnerabilities in SNMPv1 trap handling

Status

Affected

Vendor Statement

      Envoy SNMP Agent Source Code v9.0+:
      After extensive testing against the PROTOS c06-snmpv1 test suite, we have
      not been able to reproduce any of the SNMPv1 security problems VU#854306 and
      VU#107186 in our current SNMP Source Code products: Envoy SNMP v9.0, v9.1,
      v9.2, and v9.3 Beta.  We ran the tests without seeing any impact on system
      memory or any other unusual behavior.  We encourage all customers to upgrade
      to the current version of Envoy SNMP Source Code Agent.

      WindNet SNMP Agent Binary Objects v2.0:

      Testing against the PROTOS c06-snmpv1 test suite has revealed a
      vulnerability in the current version of WindNet SNMP v2.0.  The specific
      impact is a memory leak caused by the exceptional element E-01.  This
      vulnerability can be demonstrated by test #1421 (among others) in the
      req-enc test suite.  A fix is currently available from Wind River support
      and on WindSurf for customers with valid maintenance contracts.  WindNet
      SNMP Binary v2.0 customers under maintenance can also eliminate the
      vulnerability by upgrading to Envoy SNMP Source v9.2.  This vulnerability was previously
      fixed as a "potential leak" in the Envoy v9.0 Agent Source Code release.
      WindNet SNMP v2.0 is a binary distribution of Envoy v8.0, so it did not
      include this fix.  No current Envoy Source release (v9.0+) is affected by this
      vulnerability.

      Note: As Wind River's Envoy SNMP is a source code product, customers
      modifying Envoy MAY introduce vulnerability to VU#854306 and VU#107186.
      We are especially seeing problems with buffer overruns in customer community
      string validation routines.  Wind River recommends individual testing
      against the test suite of any customer product incorporating an SNMP agent, particularly
      MODIFIED Envoy SNMP source code.

      Wind River customers under support and maintenance have received the current
      product releases.  Supported customers should contact Wind River support at
      support@windriver.com or call (800) 458-7767 with any test reports related
      to VU#854306 and VU#107186, or for more information.  Customers who need to
      renew support or wish to upgrade to a supported version (Envoy v9.0+ and
      WindNet SNMP v2.0) should contact their Wind River Account Manager, or
      1-800-545-WIND (1-800-545-9463) if they do not have an Account Manager.
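The statement above points at two failure modes that the PROTOS c06-snmpv1 cases exercise: declared BER lengths that do not match the bytes actually in the datagram, and community strings longer than the fixed buffer an agent copies them into. The following C is an added example written for this page, not Wind River's Envoy or WindNet code, and not a reproduction of the specific PROTOS test cases named in the statement. It decodes just enough of an SNMPv1 message to reach the community OCTET STRING, shows the unchecked copy pattern that produces the overruns beside a bounds-checked version, and builds its own sample messages (a benign GetRequest, one with a 128-byte community, and one whose community length claims more bytes than remain). The buffer size COMMUNITY_MAX, the function names, and the return codes are assumptions made for the example.

```c
/* Added example (not Wind River's Envoy code): an SNMPv1 message header parser
 * showing the unchecked community-string copy beside a bounds-checked one. */
#include <stddef.h>
#include <stdint.h>
#include <stdio.h>
#include <string.h>

#define COMMUNITY_MAX 32   /* assumed size of the agent's fixed community buffer */

enum { COMM_OK = 0, COMM_BAD_BER = -1, COMM_TOO_LONG = -2, COMM_BAD_VERSION = -3 };

/* Read one definite-form BER length at buf[*pos]; long form up to 4 length bytes. */
static int ber_read_len(const uint8_t *buf, size_t len, size_t *pos, size_t *out)
{
    if (*pos >= len) return -1;
    uint8_t b = buf[(*pos)++];
    if (b < 0x80) { *out = b; return 0; }
    size_t n = b & 0x7f;
    if (n == 0 || n > 4 || n > len - *pos) return -1;  /* indefinite, or runs off the datagram */
    size_t v = 0;
    for (size_t i = 0; i < n; i++) v = (v << 8) | buf[(*pos)++];
    *out = v;
    return 0;
}

/* Walk SEQUENCE { INTEGER version(0), OCTET STRING community, PDU } far enough to
 * locate the community bytes, checking every declared length against the bytes
 * actually present (truncated and oversized encodings are rejected here). */
static int locate_community(const uint8_t *msg, size_t len, size_t *cpos, size_t *clen)
{
    size_t pos = 0, l, end;
    if (len < 2 || msg[pos++] != 0x30) return COMM_BAD_BER;
    if (ber_read_len(msg, len, &pos, &l) || l > len - pos) return COMM_BAD_BER;
    end = pos + l;
    if (end - pos < 3 || msg[pos] != 0x02 || msg[pos + 1] != 0x01) return COMM_BAD_BER;
    if (msg[pos + 2] != 0x00) return COMM_BAD_VERSION;        /* SNMPv1 carries version 0 */
    pos += 3;
    if (pos >= end || msg[pos++] != 0x04) return COMM_BAD_BER;
    if (ber_read_len(msg, end, &pos, &l) || l > end - pos) return COMM_BAD_BER;
    *cpos = pos; *clen = l;
    return COMM_OK;
}

/* VULNERABLE: trusts the decoded OCTET STRING length and copies it into a fixed
 * buffer. This is the shape of overrun the statement warns about; it is only
 * called on benign input here, because the overlong message would smash the stack. */
static size_t community_copy_unchecked(const uint8_t *msg, size_t len, char *dst)
{
    size_t cpos, clen;
    if (locate_community(msg, len, &cpos, &clen) != COMM_OK) return 0;
    memcpy(dst, msg + cpos, clen);            /* no check of clen against COMMUNITY_MAX */
    dst[clen] = '\0';
    return clen;
}

/* HARDENED: the same copy with the destination size enforced before memcpy. */
static int community_copy_checked(const uint8_t *msg, size_t len, char *dst, size_t dstsz)
{
    size_t cpos, clen;
    int rc = locate_community(msg, len, &cpos, &clen);
    if (rc != COMM_OK) return rc;
    if (clen >= dstsz) return COMM_TOO_LONG;  /* reject rather than truncate; keep room for NUL */
    memcpy(dst, msg + cpos, clen);
    dst[clen] = '\0';
    return COMM_OK;
}

static size_t ber_write_len(uint8_t *out, size_t l)
{
    if (l < 0x80)  { out[0] = (uint8_t)l; return 1; }
    if (l < 0x100) { out[0] = 0x81; out[1] = (uint8_t)l; return 2; }
    out[0] = 0x82; out[1] = (uint8_t)(l >> 8); out[2] = (uint8_t)l; return 3;
}

/* Construct an SNMPv1 GetRequest (request-id 1, empty varbind list) with the given
 * community. Sample input built here for the example, not captured traffic. */
static size_t build_get(const char *comm, size_t clen, uint8_t *out)
{
    static const uint8_t pdu[] = { 0xa0, 0x0b, 0x02, 0x01, 0x01, 0x02, 0x01, 0x00,
                                   0x02, 0x01, 0x00, 0x30, 0x00 };
    uint8_t body[512]; size_t n = 0, o = 0;
    body[n++] = 0x02; body[n++] = 0x01; body[n++] = 0x00;     /* version INTEGER 0 */
    body[n++] = 0x04; n += ber_write_len(body + n, clen);      /* community OCTET STRING */
    memcpy(body + n, comm, clen); n += clen;
    memcpy(body + n, pdu, sizeof pdu); n += sizeof pdu;
    out[o++] = 0x30; o += ber_write_len(out + o, n);
    memcpy(out + o, body, n);
    return o + n;
}

/* Three constructed cases: benign, overlong community, truncated length field. */
int demo_benign(void)       /* both copies accept "public"; returns 1 on success */
{
    uint8_t m[512]; char c[COMMUNITY_MAX];
    size_t n = build_get("public", 6, m);
    if (community_copy_unchecked(m, n, c) != 6 || strcmp(c, "public") != 0) return -1;
    return community_copy_checked(m, n, c, sizeof c) == COMM_OK && strcmp(c, "public") == 0;
}
int demo_overlong(void)     /* 128-byte community: the checked copy refuses it */
{
    uint8_t m[512]; char c[COMMUNITY_MAX], big[128];
    memset(big, 'A', sizeof big);
    size_t n = build_get(big, sizeof big, m);
    return community_copy_checked(m, n, c, sizeof c);   /* COMM_TOO_LONG */
}
int demo_truncated(void)    /* declared community length runs past the datagram */
{
    uint8_t m[512]; char c[COMMUNITY_MAX];
    size_t n = build_get("public", 6, m);
    m[6] = 0x40;                         /* claim 64 bytes where only 19 remain */
    return community_copy_checked(m, n, c, sizeof c);   /* COMM_BAD_BER */
}

int main(void)
{
    printf("benign=%d overlong=%d truncated=%d\n",
           demo_benign(), demo_overlong(), demo_truncated());
    return 0;
}
```

The checked version rejects an over-length community outright instead of silently truncating it, so a string that does not fit cannot match a configured community by accident, and every declared length is compared against the bytes remaining in the enclosing element before anything is read or copied. Running a modified agent against the PROTOS suite, as the statement recommends, is still the real test: the suite exercises many more encoding variants than the three constructed here.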

Vendor Information

The vendor has not provided us with any further information regarding this vulnerability.

Vendor References

None

Addendum

The CERT/CC has no additional comments at this time.

If you have feedback, comments, or additional information about this vulnerability, please send us email.