ADVA AG Optical Networking Information for VU#854306

Multiple vulnerabilities in SNMPv1 request handling

Status

Not Affected

Vendor Statement

ADVA Optical Networking is addressing the SNMP vulnerabilities identified in the advisory CA-2002-03 ( <http://www.cert.org/advisories/CA-2002-03.html> http://www.cert.org/advisories/CA-2002-03.html) across the entire product line.

ADVA is currently applying the test suite provided by OUSPG (PROTOS c06-snmpv1 test suite) to all of its products.

Following products are tested against possible effects of the vulnerability report VU#854306 - Multiple vulnerabilities in SNMPv1 request:

FSP 3000

FSP 2000

FSP II

FSP I

FSP 1000

FSP 500

CELL-ACE

CELL-ACE-PLUS



The ADVA Network Management products:

FSP Element Manager

FSP Network Manager

CELL-SCOPE

are tested against vulnerabilities of the report VU#107186 - Multiple
vulnerabilities in SNMPv1 trap handling.

The ongoing tests have not unveiled vulnerabilities so far.

Test results and information about product updates will be published on the
ADVA Optical Networking web site: <http://www.advaoptical.com/>
http://www.advaoptical.com.

Vendor Information

The vendor has not provided us with any further information regarding this vulnerability.

Vendor References

None

Addendum

The CERT/CC has no additional comments at this time.

If you have feedback, comments, or additional information about this vulnerability, please send us email.