net.com Information for VU#107186
Multiple vulnerabilities in SNMPv1 trap handling
Network Equipment Technologies, dba net.com
SNMPv1 Request and Trap Handling Vulnerabilities
Release Date: 22 February 2002
On February 12, 2002 the CERTŪ/CC released an advisory related to security vulnerabilities that may exist in network devices using SNMPv1 as the management protocol. In response to this advisory, CERTŪ Advisory CA-2002-03 Multiple Vulnerabilities in Many Implementations of the Simple Network Management Protocol (SNMP)", net.com began executing the tests that elicit these vulnerabilities for all net.com products that feature SNMPv1 capability.
Preliminary analysis indicates that multiple net.com products may exhibit certain vulnerabilities to SNMP messages as described in this Advisory. net.com is currently applying the PROTOS c06-SNMPv1 test suite to all products that feature SNMPv1 capability.
Until net.com has completed testing on all of its products and provided patches or fixes to eliminate these vulnerabilities, net.com recommends one or more of the following best practices, as identified in CERTŪ Advisory CA-2002-03, to minimize your network’s potential exposure to these vulnerabilities:
· Disable SNMP on workstations or devices not being managed by SNMP managers.
· Ingress filtering
· Egress filtering
· Filter SNMP traffic from non-authorized internal hosts
· Segregate SNMP traffic onto a separate management network
· Restrict SNMP traffic to Virtual Private Networks (VPNs)
· Change default community strings
For more information please see: www.net.com/service/
The vendor has not provided us with any further information regarding this vulnerability.
The CERT/CC has no additional comments at this time.
If you have feedback, comments, or additional information about this vulnerability, please send us email.