Information for VU#107186

Multiple vulnerabilities in SNMPv1 trap handling



Vendor Statement

      Network Equipment Technologies, dba
      Security Advisory:
      SNMPv1 Request and Trap Handling Vulnerabilities
      Release Date: 22 February 2002

      On February 12, 2002 the CERTŪ/CC released an advisory related to security vulnerabilities that may exist in network devices using SNMPv1 as the management protocol. In response to this advisory, CERTŪ Advisory CA-2002-03 Multiple Vulnerabilities in Many Implementations of the Simple Network Management Protocol (SNMP)", began executing the tests that elicit these vulnerabilities for all products that feature SNMPv1 capability.

      Preliminary analysis indicates that multiple products may exhibit certain vulnerabilities to SNMP messages as described in this Advisory. is currently applying the PROTOS c06-SNMPv1 test suite to all products that feature SNMPv1 capability.
      Until has completed testing on all of its products and provided patches or fixes to eliminate these vulnerabilities, recommends one or more of the following best practices, as identified in CERTŪ Advisory CA-2002-03, to minimize your network’s potential exposure to these vulnerabilities:
      · Disable SNMP on workstations or devices not being managed by SNMP managers.
      · Ingress filtering
      · Egress filtering
      · Filter SNMP traffic from non-authorized internal hosts
      · Segregate SNMP traffic onto a separate management network
      · Restrict SNMP traffic to Virtual Private Networks (VPNs)
      · Change default community strings

      For more information please see:

Vendor Information

The vendor has not provided us with any further information regarding this vulnerability.

Vendor References



The CERT/CC has no additional comments at this time.

If you have feedback, comments, or additional information about this vulnerability, please send us email.