Concord Communications Information for VU#107186

Multiple vulnerabilities in SNMPv1 trap handling

Status

Affected

Vendor Statement

      Concord's eHealth Console product has some vulnerabilities to the OUSPG test
      suite. Patches are available.

      Concord's SystemEDGE agent has been tested and is not vulnerable on Unix
      platforms. Under Windows, it is a sub-agent of the Windows SNNMP agent, and
      therefore the Windows hot fixes should be applied. SystemEDGE is not
      vulnerable on Win2K and XP with Microsoft's hot fixes.

      Please see this page on Concord's web site for more detail and for patch
      availability: http://www.concord.com/certadvisory.shtml

Vendor Information

The vendor has not provided us with any further information regarding this vulnerability.

Vendor References

None

Addendum

The CERT/CC has no additional comments at this time.

If you have feedback, comments, or additional information about this vulnerability, please send us email.