SNMP Research Information for VU#107186

Multiple vulnerabilities in SNMPv1 trap handling



Vendor Statement

The most recent releases ( and above) of all SNMP Research products address the vulnerabilities identified in the following CERT vulnerability advisories:

    VU#854306 (Multiple vulnerabilities in SNMPv1 request handling)
    VU#107186 (Multiple vulnerabilities in SNMPv1 trap handling)

A few of the malformed packets sent in these tests result in out of bound array references in allocated memory and minor memory leaks. No consequences, other than potential denial of service on some platforms, are known.

All customers who maintain a support contract have received either the new release or the appropriate patch sets to their and later source code releases addressing these vulnerabilities. Users maintaining earlier releases should update to the current release if they have not already done so. Up-to-date information is available from

Vendor Information

The vendor has not provided us with any further information regarding this vulnerability.

Vendor References



The CERT/CC has no additional comments at this time.

If you have feedback, comments, or additional information about this vulnerability, please send us email.