ADVA AG Optical Networking Information for VU#107186
Multiple vulnerabilities in SNMPv1 trap handling
ADVA Optical Networking is addressing the SNMP vulnerabilities identified in the advisory CA-2002-03 ( <http://www.cert.org/advisories/CA-2002-03.html> http://www.cert.org/advisories/CA-2002-03.html) across the entire product line.
ADVA is currently applying the test suite provided by OUSPG (PROTOS c06-snmpv1 test suite) to all of its products.
Following products are tested against possible effects of the vulnerability report VU#854306 - Multiple vulnerabilities in SNMPv1 request:
· FSP 3000
· FSP 2000
· FSP II
· FSP I
· FSP 1000
· FSP 500
The ADVA Network Management products:
· FSP Element Manager
· FSP Network Manager
are tested against vulnerabilities of the report VU#107186 - Multiple
vulnerabilities in SNMPv1 trap handling.
The ongoing tests have not unveiled vulnerabilities so far.
Test results and information about product updates will be published on the
ADVA Optical Networking web site: <http://www.advaoptical.com/>
The vendor has not provided us with any further information regarding this vulnerability.
The CERT/CC has no additional comments at this time.
If you have feedback, comments, or additional information about this vulnerability, please send us email.