SNMP.Trap.Service.GET.Request.DoS

Release Date Sep 11, 2006
Severity critical
Impact Attackers can execute arbitrary commands on the victim system and cause DoS.
Description It indicates a buffer overflow vulnerability in Simple Network Management Protocol version 1 (SNMPv1). SNMP is a prevalent protocol for managing network devices from different vendors. There is a vulnerability in SNMPv1 request handling that allows a remote attacker to execute arbitrary command or even cause Denial-of-Service (DoS) on a target system by sending it specially-crafted requests.
Affected Products Any unprotected implementation of SNMPv1 is vulnerable to the attack.
Recommended Actions Disable the SNMPv1 if it is not used.
Coverage IPS VCM
Common Vulnerabilities and Exposures (CVE) CVE-2002-0012 CVE-2002-0013
Reference/s http://www.kb.cert.org/vuls/id/854306 http://www.cert.org/advisories/CA-2002-03.html http://www.securityfocus.com/bid/4089 (BugTraq)

Fortinet