Security vulnerabilities that may exist in network devices using SNMPv1 as the management protocol
Related links
- Why the Need for Uninterruptible Power?
- Ten compelling reasons for buying a UPS
- Why every network needs a UPS
- Off-line (or Passive Standby)
- Line Interactive (or Active Stand By)
- On-line Technology
- Voltage Regulation
- Output Waveform
- Connecting a UPS to a network
- Remote Monitoring
- UPS management using SNMP
- The MGE Office Protection Systems MIB
- Com Port Settings
- Security vulnerabilities
Home > Technical notes > Security vulnerabilities that may exist in network devices using SNMPv1 as the management protocol
On February 12, 2002 the CERTŪ/CC released an advisory ( CA-2002-03) related to security vulnerabilities that may exist in network devices using SNMPv1 as the management protocol. In response to this advisory, MGE Office Protection Systems began executing the tests that elicit these vulnerabilities for all
MGE Office Protection Systems products that feature SNMPv1 capability.
MGE Office Protection Systems have different SNMP based products:
- 1 - SNMP Card plugged directly in UPS
Under direct SNMP attack the SNMP card may stop responding, but it does not affect the operation of the UPS. Patch solving this problem is currently available for SNMP Card 66245 version 3.82 for download from the MGE Office Protection Systems website.
Other patches or new products will be available on the MGE Office Protection Systems download web site in the next weeks. - 2 - SNMP Agent used on host machines
Such proxy agent is based on the extended native SNMP agent of your operating system, see your operating system manufacturer for the
latest security enhancements.