Also sprach Carl Litt
CERT has just released an advisory concerning vulnerabilities in SNMPv1 which exist in many vendor implementations, including 3Com.
3Com has acknowledged that several switches are are vulnerable, but there has been no news about the Total Control series. Does anyone know if the SNMP implementation on the ARC/NMC cards is safe?
For reference:
http://www.kb.cert.org/vuls/id/854306 http://www.kb.cert.org/vuls/id/107186
Given the number of SNMP vulnerabilities that I've found in the past on the Arcs and NMCs (2 or 3, and that was when I wasn't even looking very hard), I'd be surprised if they *weren't* vulnerable. :/ -- Jeff McAdams Email: jeffm@iglou.com Head Network Administrator Voice: (502) 966-3848 IgLou Internet Services (800) 436-4456