[NTLUG:Discuss] CERT advisory SNMP vunerability
Daniel L. Shipman
daniel at srj.net
Mon Feb 18 09:11:51 CST 2002
Not sure if this had been circulated to everyone - but on the 13th CERT issued an advisory about serious vulnerability in almost all implementations of the SNMP protocol. This vulnerability can cause unauthorized privileged access, denial-of-service attacks, or cause unstable behavior.
See the CERT advisory below for specific details and additional courses of action. It also includes a list of vendors (over 50 in all) and products which are known to be vulnerable, and the status of updates to fix them.
HOW TO TELL IF YOU'RE VULNERABLE
"rpm -qa | grep ucd-snmp-4" reports a version PRIOR to 4.2.3-1.6.x.3
http://www.redhat.com/support/errata/RHSA-2001-163.html
For more information:
http://www.cert.org/advisories/CA-2002-03.html
-------------- next part --------------
An HTML attachment was scrubbed...
URL: http://ntlug.org/pipermail/discuss/attachments/20020218/710fb138/attachment.html
More information about the Discuss
mailing list