https://community.hpe.com/t5/operating-system-openvms/snmp-and-potential-vulnerability/m-p/3127565#M46722 Back in 2/2002 this alert was sent regarding SNMP vulnerability. Is this still the case?<BR />I'm running VMS7.3 and TCPIP 5.1 ECO 4.<BR />Thanks,<BR />Tom<BR /><BR />The Computer Emergency Response Team (CERT/cc) has recently issued an<BR />advisory regarding numerous potential vulnerabilities in SNMPv1<BR />implementations. These potential vulnerabilities are applicable to<BR />SNMPv1 trap handling and SNMPv1 Request handling. The CERT article<BR />outlines vulnerabilities that can cause SNMP services to stop<BR />functioning and in some cases may enable "unauthorized access,"<BR />"denial of service attacks" or may cause system instability.<BR /><BR />IMPACT:<BR /> <BR /> Compaq TCP/IP Services for OpenVMS: Mon, 24 Nov 2003 14:34:01 GMT Tom Dorr 2003-11-24T14:34:01Z https://community.hpe.com/t5/operating-system-openvms/snmp-and-potential-vulnerability/m-p/3127565#M46722 Back in 2/2002 this alert was sent regarding SNMP vulnerability. Is this still the case?<BR />I'm running VMS7.3 and TCPIP 5.1 ECO 4.<BR />Thanks,<BR />Tom<BR /><BR />The Computer Emergency Response Team (CERT/cc) has recently issued an<BR />advisory regarding numerous potential vulnerabilities in SNMPv1<BR />implementations. These potential vulnerabilities are applicable to<BR />SNMPv1 trap handling and SNMPv1 Request handling. The CERT article<BR />outlines vulnerabilities that can cause SNMP services to stop<BR />functioning and in some cases may enable "unauthorized access,"<BR />"denial of service attacks" or may cause system instability.<BR /><BR />IMPACT:<BR /> <BR /> Compaq TCP/IP Services for OpenVMS: Mon, 24 Nov 2003 14:34:01 GMT https://community.hpe.com/t5/operating-system-openvms/snmp-and-potential-vulnerability/m-p/3127565#M46722 Tom Dorr 2003-11-24T14:34:01Z https://community.hpe.com/t5/operating-system-openvms/snmp-and-potential-vulnerability/m-p/3127566#M46723 I do not know if this is fixed, but the last Eco for Tcpip 5.1 is Eco 5. You should anyway apply it.<BR /><BR />regards<BR /><BR />Gerard Mon, 24 Nov 2003 15:50:52 GMT https://community.hpe.com/t5/operating-system-openvms/snmp-and-potential-vulnerability/m-p/3127566#M46723 labadie_1 2003-11-24T15:50:52Z https://community.hpe.com/t5/operating-system-openvms/snmp-and-potential-vulnerability/m-p/3127567#M46724 If I recall correctly then this wasn't fixed in V5.1 because supported had ended for that version when the problem was fixed so you have to update to a later version then apply latest ECO. See release notes for TCPIP patch kits to see when the SNMP problem got fixed. Tue, 25 Nov 2003 05:23:07 GMT https://community.hpe.com/t5/operating-system-openvms/snmp-and-potential-vulnerability/m-p/3127567#M46724 Ian Miller. 2003-11-25T05:23:07Z