RAD Data Communications Information for VU#107186
Multiple vulnerabilities in SNMPv1 trap handling
The security of our customer's networks is of highest priority to RAD Data
Communications Ltd. ("RAD"). RAD is aware of CERT's Advisories VU#854306 and
VU#107186, and is working together with it's partners to assess if any of
its products might be affected.
VU#107186: RAD's Network Management System (RADview) is not vulnerable to
the extent of working in conjunction with 3rd party products, such as Castle
Rock's SNMPc 5, HP's NNM 6.2, Microsoft's Windows NT4 and Sun's Solaris 2.7.
Customers are advised to consult the respective responses of these vendors,
available at http://www.kb.cert.org/vuls/id/854306 and verify that they comply with each vendor's specific recommendations.
VU#854306: As a first measure, we have requested from 3rd party software
developers, the products of which are integrated within RAD's SNMP agents
and Network Management station, to provide us with statements as to their
products vulnerabilities and their potential impact. We are currently
waiting for their conclusions. In parallel, RAD is in process of internally
setting up the testing schedules and facilities to ascertain the
vulnerability of our products.
The vendor has not provided us with any further information regarding this vulnerability.
The CERT/CC has no additional comments at this time.
If you have feedback, comments, or additional information about this vulnerability, please send us email.