Entrada Networks Information for VU#107186

Multiple vulnerabilities in SNMPv1 trap handling



Vendor Statement

      This is in reference to your notification regarding VU#854306, VU#107186, and OUSPG#0100. Entrada Networks has reproduced this behavior and coded a software release enhancement for the affected products which is currently in regression testing within Entrada Networks' Quality Assurance organization. The release of Entrada Networks software enhancement addressing the behavior outlined in VU#854306, VU#107186, and OUSPG#0100 will be available to Entrada Networks, Sync Research, and Rixon Networks customers with Software Subscription Service on a request basis, no later than April 15, 2002.

      Entrada Networks has also produced a document discussing the alternative workarounds or configuration options to address the behavior outlined in VU#854306, VU#107186, and OUSPG#0100. This document is also available on request from customers. Please contact the Technical Support organization at 800-331-8669 for more information.

      Entrada Networks is providing the statement below as a response to
      be included in your vendor's statement section on SNMP CERT Alert 2002-03.

      Entrada Networks Sync Research, Inc. and Rixon Networks, Inc., (both are companies of Entrada Networks)

      Entrada Networks, through the companies of Sync Research, Inc. and
      Rixon Networks, has confirmed vulnerability to the SNMP advisory identified
      by CERT notification reference [VU#107186 & VU#854306] and OUSPG#0100.

      Sync Research also manufactures and supports products formerly
      manufactured by Tylink, Inc. and Osicom, Inc.
      Rixon Networks, Inc. also manufactures and supports products
      formerly manufactured by Osicom, Inc.

      Entrada Networks has run all the test cases found in the PROTOS test-suite, c06snmpv1:
         1. c06-snmpv1-req-app-pr1.jar
         2. c06-snmpv1-req-enc-pr1.jar
         3. c06-snmpv1-trap-app-pr1.jar
         4. c06-snmpv1-trap-enc-pr1.jar

         The tests were run with standard delay time between the requests.

         Entrada Networks, through their companies of Sync Research and Rixon
      Networks, supplies a broad range of networking products, some of which are
      affected by the SNMP vulnerabilities identified by CERT Coordination Center.
      The manner in which they are affected and the actions required to avoid
      being impacted by exploitation of these vulnerabilities vary from product
      to product.
      Entrada Networks customers may contact our Technical Support Center
      via either telephone 800-331-8669 or via email: mailto:support@sync.com for
      additional information, especially regarding their availability of the
      latest enhanced code releases addressing the SNMP vulnerabilities.

         The tests that were run apply to the following Entrada Networks,
      Sync Research, and Rixon Networks products.

         The Sync Research FRADs (3600, 3700, 4200, and 4300 series), the
      Tylink FRAPs (D-FRAP, M-FRAP, S-FRAP, T-FRAP),
         Sync Research management platform (Envisage for Windows and Envisage
      for UNIX) and the Osicom Routermate series.
         The software tested on these products was the latest software
      releases that are generally available.

         Entrada Networks is in the process of creating a publication for all
      applicable releases / platforms and will be offering this publication
      through the Entrada Networks Support site at
      <http://www.entradanetworks.com>  or the Sync Research, Inc. site at
      <http://www.sync.com> at a future date.

         Please contact our Technical Support organization for information
      regarding availability / applicability for your specific configurations.

         Following is a list of companies whose products are addressed by
      this preliminary response:

         Sync Research, Inc. (see Entrada Networks)
         Osicom, Inc. (see Entrada Networks)
         Rixon Networks, Inc. (see Entrada Networks)
         Torrey Pines Networks, Inc. (see Entrada Networks)
         Tylink, Inc. (see Entrada Networks)

Vendor Information

The vendor has not provided us with any further information regarding this vulnerability.

Vendor References



The CERT/CC has no additional comments at this time.

If you have feedback, comments, or additional information about this vulnerability, please send us email.