Multiple Vendor SNMP Request Handling Vulnerabilities
Microsoft has released fixes which addresses this issue.
Cisco has released upgrades. Contact the vendor.
Fixes for Windows NT 4 Terminal Server English and German editions were re-released due to file problems in the original versions.
Nokia fixes for affected versions are available for download directly from Nokia.
Novell will address this issue in NetWare 6 Support Pack 1 and NetWare 5.1 Support Pack 6. Novell has made fixes available for version 4.11 through 6.0.
Multinet and TCPWare users should contact Process Software directly.
AdventNet will release a service pack for all users of their products around February 20, 2002.
Comtek products will be fixed with version 3.5 to be released some time in February 2002.
Lantronix will address this issue in LRS firmware version B1.3/611(020123).
The default installation of HP Secure OS Software for Linux does not include SNMP. Users who have enabled SNMP on HP Secure OS Software for Linux systems are advised to download the RPMs released by Red Hat.
HP Network Node Manager and Emanate Agents are included with ITO/VPO/OVO on Unix, OVO Windows and VPW/OVO Windows. The appropriate HP NNM/Emanate Agents fixes should be installed with these products. The HP OV/SAM Suite version 3.0.1 is prone to trap handling issues when run as an agent. Further details about how the OV/SAM Suite is affected and how to address the issue may be found in the attached advisory (HPSBUX0202-184).
SGI has released advisory 20030405-01-I to address this issue in Brocade firmware.
SGI has released advisory 20030703-01-I to address this issue in Emulex 1Gbit FibreChannel Hub firmware.
Fixes are available for a number of systems:
HP JetDirect x.08.00
HP Procurve Switch 8000M
3Com PS Hub 40
Microsoft Windows NT Enterprise Server 4.0 SP1
IBM AIX 5.1
Microsoft Windows NT Terminal Server 4.0 SP1
Microsoft Windows NT Server 4.0 SP1
Microsoft Windows NT Terminal Server 4.0 SP6
3Com Dual Speed Hub
HP Procurve Switch 2400M
Microsoft Windows NT Server 4.0 SP6
Microsoft Windows 2000 Server SP1
Microsoft Windows NT Server 4.0 SP2
Microsoft Windows XP Professional
Microsoft Windows 2000 Server
HP Procurve Switch 4000M
Microsoft Windows 2000 Datacenter Server
Microsoft Windows NT Workstation 4.0 SP6a
Microsoft Windows NT Workstation 4.0 SP2
HP Procurve Switch 4108GL
Microsoft Windows NT Workstation 4.0 SP4
Caldera UnixWare 7
Microsoft Windows NT Terminal Server 4.0 SP2
Microsoft Windows 2000 Datacenter Server SP1
3Com PS Hub 50
Microsoft Windows 2000 Professional SP2
3Com Switch 4400
Microsoft Windows 2000 Professional
Microsoft Windows 98
HP JetDirect x.20.00
3Com WebCache 1000
Microsoft Windows NT Workstation 4.0
Microsoft Windows NT Server 4.0
HP HP-UX (VVOS) 11.0 4
SNMP Research Mid-Level Manager 15.3
Oracle Enterprise Manager 2.0
Sun SunMC 3.0
Sun SunMC 3.0 RR
Sun Enterprise 10000 Server SSP 3.5
HP OpenView Network Node Manager 4.1 1 Solaris
Novell Netware 4.11
IBM AIX 4.3.2
HP OpenView Network Node Manager 5.0 1 Solaris
Real Networks RealPlayer Intranet 5.0
Juniper Networks JUNOS 5.0
HP OpenView Network Node Manager 5.0 1
HP OpenView Network Node Manager 5.0 1 HP-UX
HP OpenView Distributed Management 5.0 3
Lotus Domino SNMP Agents 5.0.1 Solaris x86
Caldera OpenServer 5.0.5
Caldera OpenServer 5.0.6
Juniper Networks JUNOS 5.1
HP OpenView Distributed Management 6.0
HP OpenView Network Node Manager 6.0 HP-UX 11.X
HP OpenView Network Node Manager 6.0 NT 4.X/Windows 2000
Novell Netware 6.0
Caldera UnixWare 7.1 .0
Oracle Enterprise Manager 9.0.1