Quick Eagle Networks Information for VU#107186

Multiple vulnerabilities in SNMPv1 trap handling

Status

Not Affected

Vendor Statement

      Quick Eagle Networks, Inc. is a provider of intelligent WAN access solutions for IP and frame relay networks, and the world leader in multilink access devices. Quick Eagle Networks continues to be committed to ensure a high level of security and reliability of our customer’s networks. Part of this commitment includes prompt responses to security issues discovered by organizations such as the CERTŪ Coordination Center.

      I. Overview

      On February 12, 2002 the CERTŪ/CC released an advisory related to security vulnerabilities that may exist in network devices using SNMPv1 as the management protocol. In response to this advisory (CERT Advisory CA-2002-03: Multiple Vulnerabilities in Many Implementations of the Simple Network Management Protocol), Quick Eagle Networks Inc. began immediately investigating whether these vulnerabilities impact Quick Eagle's products.

      II. Test Procedures

      Quick Eagle Networks is currently applying the PROTOS c06-SNMPv1 test suite to all products and its variations that feature SNMPv1 capability. The tests evaluate the robustness of the application logic of the SNMPv1 implementation as well as the robustness of the BER decoder of the SNMPv1 implementation.

      III. Impact

      Preliminary test results have not indicated any vulnerability that will allow an
      attacker to gain access. In general, Quick Eagle Networks' products use out of
      band management, eliminating the chances of an attacker to gain access from the
      outside of a network. While most of Quick Eagle Networks' newer WAN access
      devices have already passed the test, some of Quick Eagle Networks' older
      products are still under investigation.

      IV. Solution

      Until Quick Eagle Networks has completed testing on all of its products and provided patches or fixes to eliminate these vulnerabilities, Quick Eagle Networks recommends considering one or more of the following solutions, as also identified in CERTŪ Advisory CA-2002-03, to minimize your network’s potential exposure to these vulnerabilities:

      · Disable SNMP on the device
      · Change the default community strings
      · Disconnect the management port. This won’t have any impact on your network traffic as Quick Eagle’s solutions use out of band management.

      The recommendations above apply only for those products that are still under evaluation. Please refer to our status report for further information.

      IV. Status Reports

      For more information please visit http://www.quickeagle.com/support/cert.asp

Vendor Information

The vendor has not provided us with any further information regarding this vulnerability.

Vendor References

None

Addendum

The CERT/CC has no additional comments at this time.

If you have feedback, comments, or additional information about this vulnerability, please send us email.