Inktomi Corporation Information for VU#107186
Multiple vulnerabilities in SNMPv1 trap handling
All releases of Inktomi Traffic Server and Inktomi Media-IXT prior to
version 5.2 are vulnerable, releases after 5.2 are not vulnerable. A
software patch is available to close the vulnerability. Download and
installation instructions are available at:
Traffic Server deployed as part of the Inktomi Content Networking
Platform 1.0 is also vulnerable, and should be immediately updated to
v1.1 or 1.1.1. Inktomi CNP customers can get the 1.1.1 release from
Other Inktomi Products:
Inktomi CDS is not vulnerable. CDS is safe because it does not listen
for SNMP requests. Inktomi Enterprise Search is also not vulnerable,
because it does not include any SNMP. Finally, Inktomi Media
Distribution Network is also safe because it does
not include any SNMP.
The vendor has not provided us with any further information regarding this vulnerability.
The CERT/CC has no additional comments at this time.
If you have feedback, comments, or additional information about this vulnerability, please send us email.