Multiple Vendor Malformed SNMP Trap Handling DoS

2002-02-12T00:00:00
ID OSVDB:810
Type osvdb
Reporter Oulu University Secure Programming Group()
Modified 2002-02-12T00:00:00

Description

Vulnerability Description

Many SNMP implementations contain flaws that may allow a remote denial of service. The issue is triggered by exploiting flaws in the way the SNMPv1 protocol processes traps, and will result in loss of availability for the platform.

Technical Description

Vendor list available in CERT VU 107186.

Solution Description

Refer to vendor-specific advisory for upgrades and workarounds on affected products.

Short Description

Many SNMP implementations contain flaws that may allow a remote denial of service. The issue is triggered by exploiting flaws in the way the SNMPv1 protocol processes traps, and will result in loss of availability for the platform.

References:

Vendor Specific Solution URL: ftp://patches.sgi.com/support/free/security/advisories/20020201-01-A Vendor Specific Advisory URL Vendor Specific Advisory URL Vendor Specific Advisory URL Vendor Specific Advisory URL Vendor Specific Advisory URL Vendor Specific Advisory URL Vendor Specific Advisory URL Vendor Specific Advisory URL Vendor Specific Advisory URL Vendor Specific Advisory URL Other Advisory URL: http://www.ee.oulu.fi/research/ouspg/protos/testing/c06/snmpv1/index.html Nessus Plugin ID:10858 Microsoft Security Bulletin: MS02-006 CVE-2002-0012 CERT VU: 107186 CERT: CA-2002-03 Bugtraq ID: 4088