Lotus Software Information for VU#107186

Multiple vulnerabilities in SNMPv1 trap handling



Vendor Statement

      Lotus Software evaluated the Lotus Domino Server for vulnerabilities
      using the test suite materials provided by OUSPG.

      This problem does not affect default installations of the Domino
      Server.  However, SNMP agents can be installed from the CD to provide
      SNMP services for the Domino Server (these are located in the
      Apps/SYSMGMT/AGENTS directory).  Only certain platforms are affected:
      HP-UX, Solaris SPARC and Solarix X86.  For those platforms, customers
      should upgrade to version R5.0.1a of the Lotus Domino SNMP Agents,
      available for download from the Lotus Knowledge Base on the IBM
      Support Web Site ( http://www-4.ibm.com/software/lotus/support/).
      Please refer to Document #191059, "Lotus Domino SNMP Agents R5.0.1a",
      also in the Lotus Knowledge Base, for more details.

Vendor Information

The vendor has not provided us with any further information regarding this vulnerability.

Vendor References



The CERT/CC has no additional comments at this time.

If you have feedback, comments, or additional information about this vulnerability, please send us email.