KarlNet Inc. Information for VU#107186
Multiple vulnerabilities in SNMPv1 trap handling
SNMPv1 Implementation Vulnerabilities in Karlnet Products
Revision Date: 14 March 2002
Iá Vulnerabilities Found
Preliminary test results have indicated multiple Karlnet products exhibit certain vulnerabilities to SNMP messages.
Some of these vulnerabilities can be exploited, resulting in a denial of service or service interruption.
These results have not indicated any vulnerability that will allow an attacker to gain access to the affected device.
In response to CERT« Advisory CA-2002-03 Multiple Vulnerabilities in Many
Implementations of the Simple Network Management Protocol (SNMP),
Karlnet Inc. has detected and repaired all of the inconsistencies found by
CERT Testsá in our SNMP implementation.á We have ensured that all
vulnerabilities found, using test suite, PROTOS c-06-SNMPv1, haveá
been corrected and implemented in all versions of Karlnet Software 4.01 or greater.
The vendor has not provided us with any further information regarding this vulnerability.
The CERT/CC has no additional comments at this time.
If you have feedback, comments, or additional information about this vulnerability, please send us email.