Lotus Software Information for VU#854306

Multiple vulnerabilities in SNMPv1 request handling



Vendor Statement

Lotus Software evaluated the Lotus Domino Server for vulnerabilities using the test suite materials provided by OUSPG.

This problem does not affect default installations of the Domino Server.  However, SNMP agents can be installed from the CD to provide SNMP services for the Domino Server (these are located in the Apps/SYSMGMT/AGENTS directory).  Only certain platforms are affected: HP-UX, Solaris SPARC and Solarix X86.  For those platforms, customers should upgrade to version R5.0.1a of the Lotus Domino SNMP Agents, available for download from the Lotus Knowledge Base on the IBM Support Web Site (http://www-4.ibm.com/software/lotus/support/). Please refer to Document #191059, Lotus Domino SNMP Agents R5.0.1a", also in the Lotus Knowledge Base, for more details.

Vendor Information

The vendor has not provided us with any further information regarding this vulnerability.

Vendor References



The CERT/CC has no additional comments at this time.

If you have feedback, comments, or additional information about this vulnerability, please send us email.