NetBSD Information for VU#107186
Multiple vulnerabilities in SNMPv1 trap handling
Unknown. If you are the vendor named above, please contact us to update your status.
NetBSD does not ship with any SNMP tools in our 'base' releases. We do provide optional `packages' which provide various support for SNMP. These packages are not installed by default, nor are they currently provided as an install option by the operating system installation tools. A system administrator/end-user has to manually install this with our package management tools.
These SNMP packages include:
netsaint-plugin-snmp-22.214.171.124 SNMP monitoring plug-in for netsaint
p5-Net-SNMP-3.60 perl5 module for SNMP queries
p5-SNMP-3.1.0 Perl5 module for interfacing to the UCD SNMP library
p5-SNMP_Session-0.83 perl5 module providing rudimentary access to remote SNMP agents
ucd-snmp-4.2.1 Extensible SNMP implementation (conflicts with ucd-snmp-4.1.2)
ucd-snmp-4.1.2 Extensible SNMP implementation (conflicts with ucd-snmp-4.2.1)
We do provide a software monitoring mechanism called 'audit-packages', which allows us to highlight if a package with a range of versions has a potential vulnerability, and recommends that the end-user upgrade the packages in question.
The vendor has not provided us with any further information regarding this vulnerability.
The CERT/CC has no additional comments at this time.
If you have feedback, comments, or additional information about this vulnerability, please send us email.