Check Point Information for VU#107186

Multiple vulnerabilities in SNMPv1 trap handling


Not Affected

Vendor Statement

Check Point Statement on SNMP Vulnerability Test Suite

Recently, an automated suite has been released which tests products for known SNMP vulnerabilities.

FireWall-1, by default, blocks all SNMP communication to, from, or across a FireWall-1 gateway. SNMP communication is enabled only if the administrator writes a specific rule which allows the communication.

SNMP communication is not required for correct functionality of any Check Point products.

If SNMP monitoring of Check Point firewalls is needed, Check Point recommends that the FireWall-1 rule base tightly restrict SNMP communication and that all relevant operating system security patches be applied.

Check Point knows of no SNMP-related security issues in any of its products, and has conducted an extensive review to ensure that none exist.

Vendor Information

The vendor has not provided us with any further information regarding this vulnerability.

Vendor References



The CERT/CC has no additional comments at this time.

If you have feedback, comments, or additional information about this vulnerability, please send us email.