ITouch Communications Information for VU#107186
Multiple vulnerabilities in SNMPv1 trap handling
iTouch Communications has confirmed that the following tests failed
(software crash) in the MX and InReach Series run-time image
Xpcsrv20.sys version 6.3 and NEMC_IR.SYS version 3.0 and earlier:
1. APP tests, 10545 and 10549
2. ENC tests 878,7643,7686,7687,7688,13358 & 13486
These issues were fixed in Xpcsrv20.sys version 6.3s15 and
NEMC_IR.SYS version 3.0s1 and now they are fully compliant with the
SNMP vulnerability CERT tests.
Customers requesting software updates or more information may
contact iTouch Communications at 800-435-7997 (domestic) and 978-952-4888
(International) and select the Customer Service option.
The vendor has not provided us with any further information regarding this vulnerability.
The CERT/CC has no additional comments at this time.
If you have feedback, comments, or additional information about this vulnerability, please send us email.