Equinox Systems Information for VU#107186
Multiple vulnerabilities in SNMPv1 trap handling
This is in reference to the CERT Advisory CA-2002-03 addressing
potential security vulnerabilities that exist in network devices
using SNMPv1 as the management protocol. Equinox has determined that
exploitation of these vulnerabilities may interfere with normal
operation of our ESP serial hub through malicious use of the
management interfaces provided for its Equiview Plus application. We
are evaluating the impact on the ESP and will release appropriate
fixes if necessary. In the interim, Equinox recommends the following
In most network environments, firewalls are deployed to prohibit
externally originating SNMP traffic and both detect and prevent
Denial of Service attacks. Since the ESP does not currently allow
for disabling of SNMP, it is recommended that this device be operated
in a secure environment in conjunction with the following SNMP
network security safeguards:
1. Filter SNMP access to managed devices to ensure the traffic
originates from known management systems
2. Use upstream firewall/access lists to deny access to the SNMP
agents accessible on the network
3. Use access profiles to deny SNMP access to unknown users
4. Use dedicated management VLANs or out-of-band management to
contain SNMP traffic and multicasts
5. Change the default community strings
Equinox will continue to address potential security problems across
its product line and provide patches as circumstances dictate.
The vendor has not provided us with any further information regarding this vulnerability.
The CERT/CC has no additional comments at this time.
If you have feedback, comments, or additional information about this vulnerability, please send us email.