Quick Eagle Networks Information for VU#854306
Multiple vulnerabilities in SNMPv1 request handling
Quick Eagle Networks, Inc. is a provider of intelligent WAN access solutions for IP and frame relay networks, and the world leader in multilink access devices. Quick Eagle Networks continues to be committed to ensure a high level of security and reliability of our customer’s networks. Part of this commitment includes prompt responses to security issues discovered by organizations such as the CERTŪ Coordination Center.
On February 12, 2002 the CERTŪ/CC released an advisory related to security vulnerabilities that may exist in network devices using SNMPv1 as the management protocol. In response to this advisory (CERT Advisory CA-2002-03: Multiple Vulnerabilities in Many Implementations of the Simple Network Management Protocol), Quick Eagle Networks Inc. began immediately investigating whether these vulnerabilities impact Quick Eagle's products.
II. Test Procedures
Quick Eagle Networks is currently applying the PROTOS c06-SNMPv1 test suite to all products and its variations that feature SNMPv1 capability. The tests evaluate the robustness of the application logic of the SNMPv1 implementation as well as the robustness of the BER decoder of the SNMPv1 implementation.
Preliminary test results have not indicated any vulnerability that will allow an
attacker to gain access. In general, Quick Eagle Networks' products use out of
band management, eliminating the chances of an attacker to gain access from the
outside of a network. While most of Quick Eagle Networks' newer WAN access
devices have already passed the test, some of Quick Eagle Networks' older
products are still under investigation.
Until Quick Eagle Networks has completed testing on all of its products and provided patches or fixes to eliminate these vulnerabilities, Quick Eagle Networks recommends considering one or more of the following solutions, as also identified in CERTŪ Advisory CA-2002-03, to minimize your network’s potential exposure to these vulnerabilities:
· Disable SNMP on the device
· Change the default community strings
· Disconnect the management port. This won’t have any impact on your network traffic as Quick Eagle’s solutions use out of band management.
The recommendations above apply only for those products that are still under evaluation. Please refer to our status report for further information.
IV. Status Reports
For more information please visit http://www.quickeagle.com/support/cert.asp
The vendor has not provided us with any further information regarding this vulnerability.
The CERT/CC has no additional comments at this time.
If you have feedback, comments, or additional information about this vulnerability, please send us email.