Vina Technologies Information for VU#854306

Multiple vulnerabilities in SNMPv1 request handling

Status

Affected

Vendor Statement

      Vina is addressing the CERT advisory & evaluating the impact over all its products.  Security of our customers networks is of prime importance to us.  Integrator 300 & eLink family products have verified no vulnerability with the fix put in place effective 4/08/2002.  Testing is still in progress for MX 500/550/600 & MBX 1000 products.  Initial results have shown that customers running Frame Relay as WAN protocol are not affected.  Action is being taken to evaluate & fix if any PPP or Cisco HDLC encapsulation vulnerabilities are found by running the  'PROTOS c06-snmpv1 test suite' mentioned in the advisory .  VINA will continue to update its statement on this site as additional info becomes available.

Vendor Information

The vendor has not provided us with any further information regarding this vulnerability.

Vendor References

None

Addendum

The CERT/CC has no additional comments at this time.

If you have feedback, comments, or additional information about this vulnerability, please send us email.