NETWORK PRESENCE ABOUT SERVICES PRODUCTS TRAINING CONTACT US SEARCH SUPPORT
 


Search
display results
words begin  exact words  any words part 

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: [FW-1] SNMP vulnerability patches available for IPSO ( CERT Advisory CA-2002-03 )


  • To: [email protected]
  • Subject: Re: [FW-1] SNMP vulnerability patches available for IPSO ( CERT Advisory CA-2002-03 )
  • From: "Roelandts, Guy" <[email protected]>
  • Date: Thu, 14 Feb 2002 12:24:52 +0100
  • Reply-to: Mailing list for discussion of Firewall-1 <[email protected]>
  • Sender: Mailing list for discussion of Firewall-1 <[email protected]>
  • Thread-index: AcG1SHaMt7k+SnXZQ7OBwvznHKz5cgAAa4DQ
  • Thread-topic: Re: [FW-1] SNMP vulnerability patches available for IPSO ( CERT Advisory CA-2002-03 )

Hi,

   To me this has nothing to do with Check Point ... you should rather
ask
 Sun for a patch ... no ??

Met vriendelijke groeten - Bien a vous - Kind regards
Guy ROELANDTS
EMEA GS Internet Expertise Centre - CCSA & CCSE
Compaq Software Engineer - Belgium
E-mail : [email protected]
Tel: +32(02)729.77.44 (options 3 - 3 - 1)
Fax: +32(02)729.77.65
==========================================================
This message may contain confidential and/or proprietary information,
and is intended only for the person/entity to whom it was originally
addressed. The content of this message may contain private views and
opinions which do not constitute a formal disclosure or commitment
unless specifically stated. Should you receive this message by mistake
please inform the sender immediately.
==========================================================


-----Original Message-----
From: Hans-Joachim Hoetger [mailto:[email protected]]
Sent: 14 February 2002 11:14
To: [email protected]
Subject: Re: [FW-1] SNMP vulnerability patches available for IPSO ( CERT
Advisory CA-2002-03 )


On Wed, Feb 13, 2002 at 06:12:38PM -0500, Brian Fritz wrote:
>
> > Subject: SNMP vulnerability patches available for IPSO ( CERT
Advisory
> > CA-2002-03 )
> >
> > On February 12, 2002 CERT announced an SNMP vulnerability
> > affecting many vendors. All versions of IPSO up to and including
> > IPSO 3.4.1 are affected. It maybe possible for a remote intruder
> > to leverage this vulnerability and gain admin access to Nokia
> > Security Platforms running the affected IPSO versions. Review
> > CERT Advisory CA-2002-03 for details of the problem.
> >
> > WORKAROUNDS:
> >
> > We recommend customers immediately install the appropriate
> > patched version of IPSO or follow the recommended
> > precautions below to avoid any potential exploit.
> >
> > If you are not using SNMP services, including Traps, simply use
> > Network Voyager to disable the SNMP daemon to completely
> > eliminate the potential vulnerability.
> >
> > If you are using only SNMP Traps and running Check Point
> > FireWall-1, create a firewall policy to disallow incoming SNMP
> > messages on all appropriate interfaces. Traps will continue to
> > work normally.
> >
> > FIXES AVAILABLE:
> >
> > New builds of IPSO 3.3, 3.3.1, 3.4 and 3.4.1 with fixes to
> > address this SNMP vulnerability are currently available for
> > download from Resolution 10231 via http://support.nokia.com.
> > Customers using a version of IPSO prior to 3.3 should either
> > upgrade or apply the workarounds listed below.
> >
> > IPSO 3.4.2 shipped with the necessary SNMP patch incorporated.
> > The necessary fix will also be included in all future releases of
> > IPSO.
> >
>

Hello
Do you know, if other Versions/Platforms are vulnerable? Has
Checkpoint released fixes already? We are using Version 4.1
on Solaris.
regards
--
------------------------------------------------------------
  Besuchen Sie uns auf der CeBIT: 13.03.-20.03.2002,
  Halle 16 A22. Wir freuen uns auf Sie!
------------------------------------------------------------

=================================================
To set vacation, Out Of Office, or away messages,
send an email to [email protected]
in the BODY of the email add:
set fw-1-mailinglist nomail
=================================================
To unsubscribe from this mailing list,
please see the instructions at
http://www.checkpoint.com/services/mailing.html
=================================================
If you have any questions on how to change your
subscription options, email
[email protected]
=================================================

=================================================
To set vacation, Out Of Office, or away messages,
send an email to [email protected]
in the BODY of the email add:
set fw-1-mailinglist nomail
=================================================
To unsubscribe from this mailing list,
please see the instructions at
http://www.checkpoint.com/services/mailing.html
=================================================
If you have any questions on how to change your
subscription options, email
[email protected]
=================================================



 
----------------------------------

ABOUT SERVICES PRODUCTS TRAINING CONTACT US SEARCH SUPPORT SITE MAP LEGAL
   All contents © 2004 Network Presence, LLC. All rights reserved.