[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index] Re: [FW-1] SNMP vulnerability patches available for IPSO ( CERT Advisory CA-2002-03 )
Just IPSO, version 3.4.2 is fixed yet ----- Original Message ----- From: "Hans-Joachim Hoetger" <[email protected]> To: <[email protected]> Sent: Thursday, February 14, 2002 4:14 AM Subject: Re: [FW-1] SNMP vulnerability patches available for IPSO ( CERT Advisory CA-2002-03 ) > On Wed, Feb 13, 2002 at 06:12:38PM -0500, Brian Fritz wrote: > > > > > Subject: SNMP vulnerability patches available for IPSO ( CERT Advisory > > > CA-2002-03 ) > > > > > > On February 12, 2002 CERT announced an SNMP vulnerability > > > affecting many vendors. All versions of IPSO up to and including > > > IPSO 3.4.1 are affected. It maybe possible for a remote intruder > > > to leverage this vulnerability and gain admin access to Nokia > > > Security Platforms running the affected IPSO versions. Review > > > CERT Advisory CA-2002-03 for details of the problem. > > > > > > WORKAROUNDS: > > > > > > We recommend customers immediately install the appropriate > > > patched version of IPSO or follow the recommended > > > precautions below to avoid any potential exploit. > > > > > > If you are not using SNMP services, including Traps, simply use > > > Network Voyager to disable the SNMP daemon to completely > > > eliminate the potential vulnerability. > > > > > > If you are using only SNMP Traps and running Check Point > > > FireWall-1, create a firewall policy to disallow incoming SNMP > > > messages on all appropriate interfaces. Traps will continue to > > > work normally. > > > > > > FIXES AVAILABLE: > > > > > > New builds of IPSO 3.3, 3.3.1, 3.4 and 3.4.1 with fixes to > > > address this SNMP vulnerability are currently available for > > > download from Resolution 10231 via http://support.nokia.com. > > > Customers using a version of IPSO prior to 3.3 should either > > > upgrade or apply the workarounds listed below. > > > > > > IPSO 3.4.2 shipped with the necessary SNMP patch incorporated. > > > The necessary fix will also be included in all future releases of > > > IPSO. > > > > > > > Hello > Do you know, if other Versions/Platforms are vulnerable? Has > Checkpoint released fixes already? We are using Version 4.1 > on Solaris. > regards > -- > ------------------------------------------------------------ > Besuchen Sie uns auf der CeBIT: 13.03.-20.03.2002, > Halle 16 A22. Wir freuen uns auf Sie! > ------------------------------------------------------------ > > ================================================= > To set vacation, Out Of Office, or away messages, > send an email to [email protected] > in the BODY of the email add: > set fw-1-mailinglist nomail > ================================================= > To unsubscribe from this mailing list, > please see the instructions at > http://www.checkpoint.com/services/mailing.html > ================================================= > If you have any questions on how to change your > subscription options, email > [email protected] > ================================================= > ================================================= To set vacation, Out Of Office, or away messages, send an email to [email protected] in the BODY of the email add: set fw-1-mailinglist nomail ================================================= To unsubscribe from this mailing list, please see the instructions at http://www.checkpoint.com/services/mailing.html ================================================= If you have any questions on how to change your subscription options, email [email protected] =================================================
|