Nbase-Xyplex Information for VU#107186
Multiple vulnerabilities in SNMPv1 trap handling
iTouch Communications, Inc. formerly Nbase-Xyplex
iTouch Communications has confirmed that the following tests failed
(software crash) in the MX and InReach Series run-time image Xpcsrv20.sys
version 6.3 and NEMC_IR.SYS version 3.0 and earlier:
1. APP tests, 10545 and 10549
2. ENC tests 878,7643,7686,7687,7688,13358 & 13486
These issues were fixed in Xpcsrv20.sys version 6.3s15 and
NEMC_IR.SYS version 3.0s1 and now they are fully compliant with the SNMP
vulnerability CERT tests.
The vendor has not provided us with any further information regarding this vulnerability.
The CERT/CC has no additional comments at this time.
If you have feedback, comments, or additional information about this vulnerability, please send us email.