Re: SNMP and potential vulnerability

Tom Dorr · ‎11-24-2003

Back in 2/2002 this alert was sent regarding SNMP vulnerability. Is this still the case?
I'm running VMS7.3 and TCPIP 5.1 ECO 4.
Thanks,
Tom

The Computer Emergency Response Team (CERT/cc) has recently issued an
advisory regarding numerous potential vulnerabilities in SNMPv1
implementations. These potential vulnerabilities are applicable to
SNMPv1 trap handling and SNMPv1 Request handling. The CERT article
outlines vulnerabilities that can cause SNMP services to stop
functioning and in some cases may enable "unauthorized access,"
"denial of service attacks" or may cause system instability.

IMPACT:

Compaq TCP/IP Services for OpenVMS:

labadie_1 · ‎11-24-2003

I do not know if this is fixed, but the last Eco for Tcpip 5.1 is Eco 5. You should anyway apply it.

regards

Gerard

Ian Miller. · ‎11-24-2003

If I recall correctly then this wasn't fixed in V5.1 because supported had ended for that version when the problem was fixed so you have to update to a later version then apply latest ECO. See release notes for TCPIP patch kits to see when the SNMP problem got fixed.

____________________
Purely Personal Opinion

Categories

Company

Local Language

Forums

Discussions

Forums

Discussions

Discussions

Forums

Discussions

Forums

Discussions

Forums

Forums

Discussions

Forums

Discussions

Forums

Discussion Boards

Discussion Boards

Discussion Boards

Discussion Boards

Discussion Boards

Discussion Boards

Discussion Boards

Discussion Boards

Discussion Boards

Discussion Boards

Discussion Boards

Discussion Boards

Discussion Boards

Discussion Boards

Discussion Boards

Discussion Boards

Discussion Boards

Discussion Boards

Discussion Boards

Discussion Boards

Discussion Boards

Discussion Boards

Discussion Boards

Discussion Boards

Discussion Boards

Discussion Boards

Community

Resources

Other HPE Sites

Discussions

Forums

Blogs

Re: SNMP and potential vulnerability

SNMP and potential vulnerability

Re: SNMP and potential vulnerability

Re: SNMP and potential vulnerability