[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index] Re: [FW-1] SNMP vulnerability patches available for IPSO ( CERT Advisory CA-2002-03 )
Hi, To me this has nothing to do with Check Point ... you should rather ask Sun for a patch ... no ?? Met vriendelijke groeten - Bien a vous - Kind regards Guy ROELANDTS EMEA GS Internet Expertise Centre - CCSA & CCSE Compaq Software Engineer - Belgium E-mail : [email protected] Tel: +32(02)729.77.44 (options 3 - 3 - 1) Fax: +32(02)729.77.65 ========================================================== This message may contain confidential and/or proprietary information, and is intended only for the person/entity to whom it was originally addressed. The content of this message may contain private views and opinions which do not constitute a formal disclosure or commitment unless specifically stated. Should you receive this message by mistake please inform the sender immediately. ========================================================== -----Original Message----- From: Hans-Joachim Hoetger [mailto:[email protected]] Sent: 14 February 2002 11:14 To: [email protected] Subject: Re: [FW-1] SNMP vulnerability patches available for IPSO ( CERT Advisory CA-2002-03 ) On Wed, Feb 13, 2002 at 06:12:38PM -0500, Brian Fritz wrote: > > > Subject: SNMP vulnerability patches available for IPSO ( CERT Advisory > > CA-2002-03 ) > > > > On February 12, 2002 CERT announced an SNMP vulnerability > > affecting many vendors. All versions of IPSO up to and including > > IPSO 3.4.1 are affected. It maybe possible for a remote intruder > > to leverage this vulnerability and gain admin access to Nokia > > Security Platforms running the affected IPSO versions. Review > > CERT Advisory CA-2002-03 for details of the problem. > > > > WORKAROUNDS: > > > > We recommend customers immediately install the appropriate > > patched version of IPSO or follow the recommended > > precautions below to avoid any potential exploit. > > > > If you are not using SNMP services, including Traps, simply use > > Network Voyager to disable the SNMP daemon to completely > > eliminate the potential vulnerability. > > > > If you are using only SNMP Traps and running Check Point > > FireWall-1, create a firewall policy to disallow incoming SNMP > > messages on all appropriate interfaces. Traps will continue to > > work normally. > > > > FIXES AVAILABLE: > > > > New builds of IPSO 3.3, 3.3.1, 3.4 and 3.4.1 with fixes to > > address this SNMP vulnerability are currently available for > > download from Resolution 10231 via http://support.nokia.com. > > Customers using a version of IPSO prior to 3.3 should either > > upgrade or apply the workarounds listed below. > > > > IPSO 3.4.2 shipped with the necessary SNMP patch incorporated. > > The necessary fix will also be included in all future releases of > > IPSO. > > > Hello Do you know, if other Versions/Platforms are vulnerable? Has Checkpoint released fixes already? We are using Version 4.1 on Solaris. regards -- ------------------------------------------------------------ Besuchen Sie uns auf der CeBIT: 13.03.-20.03.2002, Halle 16 A22. Wir freuen uns auf Sie! ------------------------------------------------------------ ================================================= To set vacation, Out Of Office, or away messages, send an email to [email protected] in the BODY of the email add: set fw-1-mailinglist nomail ================================================= To unsubscribe from this mailing list, please see the instructions at http://www.checkpoint.com/services/mailing.html ================================================= If you have any questions on how to change your subscription options, email [email protected] ================================================= ================================================= To set vacation, Out Of Office, or away messages, send an email to [email protected] in the BODY of the email add: set fw-1-mailinglist nomail ================================================= To unsubscribe from this mailing list, please see the instructions at http://www.checkpoint.com/services/mailing.html ================================================= If you have any questions on how to change your subscription options, email [email protected] =================================================
|