ID

VAR-200202-0006


CVE

CVE-2002-0012


TITLE

Multiple vulnerabilities in SNMPv1 trap handling

Trust: 0.8

sources: CERT/CC: VU#107186

DESCRIPTION

Vulnerabilities in a large number of SNMP implementations allow remote attackers to cause a denial of service or gain privileges via SNMPv1 trap handling, as demonstrated by the PROTOS c06-SNMPv1 test suite. NOTE: It is highly likely that this candidate will be SPLIT into multiple candidates, one or more for each vendor. This and other SNMP-related candidates will be updated when more accurate information is available. Multiple vendor SNMPv1 Trap handling implementations contain vulnerabilities that may allow unauthorized privileged access, denial-of-service conditions, or unstable behavior . If your site uses SNMP in any capacity, the CERT/CC encourages you to read the information provided below. ------------ This vulnerability information is a summary of multiple vulnerabilities released at the same time. Please note that the contents of vulnerability information other than the title are included. ------------ SNMP Protocol is status and performance information MIB (Management Information Base) Protocol used to exchange Management side SNMP Managers such as managed routers, switches and printers SNMP Communicates with management network devices called agents. Because of its wide acceptance in the market, SNMP Has become the standard for SNMP protocol version1 Is SNMPv1 Is the most widely implemented. this SNMPv1 Sent from the agent to the manager in the implementation of SNMP Trap message and sent from the manager to the agent SNMP Decrypt the request message / There are problems in interpreting. If this problem is used by an attacker, the following actions may be executed. Many other programs that you implement may also be affected because of a protocol problem. On the target host SNMP If the service is running, an attacker could execute arbitrary code ・ If a buffer overflow attack is feasible and a very long trap message SNMP If the host on which the service is running receives, the application may go into a denial of service state The effects described above vary from application to application. For details, refer to each product.Please refer to the “Overview” for the impact of this vulnerability. Windows 95 is prone to a denial-of-service vulnerability. MPE/iX is an Internet-ready operating system for the HP e3000 class servers. It is possible to crash the service by transmitting to it a maliciously constructed SNMPv1 request PDU. It was previously known as UCD-SNMP. They typically notify the manager that some event has occured or otherwise provide information about the status of the agent. Multiple vulnerabilities have been discovered in a number of SNMP implementations. The vulnerabilities are known to exist in the process of decoding and interpreting SNMP trap messages. Among the possible consequences are denial of service and allowing attackers to compromise target systems. These depend on the individual vulnerabilities in each affected product. HP has confirmed that large traps will cause OpenView Network Node Manager to crash. This may be due to an exploitable buffer overflow condition

Trust: 4.68

sources: NVD: CVE-2002-0012 // CERT/CC: VU#107186 // CERT/CC: VU#854306 // JVNDB: JVNDB-2002-000033 // BID: 89608 // BID: 89661 // BID: 5043 // BID: 4732 // BID: 4203 // BID: 4088

AFFECTED PRODUCTS

vendor:3commodel: - scope: - version: -

Trust: 1.6

vendor:adtranmodel: - scope: - version: -

Trust: 1.6

vendor:adventnetmodel: - scope: - version: -

Trust: 1.6

vendor:american power conversionmodel: - scope: - version: -

Trust: 1.6

vendor:aprismamodel: - scope: - version: -

Trust: 1.6

vendor:avayamodel: - scope: - version: -

Trust: 1.6

vendor:beamodel: - scope: - version: -

Trust: 1.6

vendor:bmcmodel: - scope: - version: -

Trust: 1.6

vendor:cntmodel: - scope: - version: -

Trust: 1.6

vendor:comtek servicesmodel: - scope: - version: -

Trust: 1.6

vendor:cscaremodel: - scope: - version: -

Trust: 1.6

vendor:cacheflowmodel: - scope: - version: -

Trust: 1.6

vendor:carrier accessmodel: - scope: - version: -

Trust: 1.6

vendor:ciscomodel: - scope: - version: -

Trust: 1.6

vendor:compaq computermodel: - scope: - version: -

Trust: 1.6

vendor:computer associatesmodel: - scope: - version: -

Trust: 1.6

vendor:concordmodel: - scope: - version: -

Trust: 1.6

vendor:dartmodel: - scope: - version: -

Trust: 1.6

vendor:dellmodel: - scope: - version: -

Trust: 1.6

vendor:digitalmodel: - scope: - version: -

Trust: 1.6

vendor:entradamodel: - scope: - version: -

Trust: 1.6

vendor:equinoxmodel: - scope: - version: -

Trust: 1.6

vendor:f5model: - scope: - version: -

Trust: 1.6

vendor:flukemodel: - scope: - version: -

Trust: 1.6

vendor:freebsdmodel: - scope: - version: -

Trust: 1.6

vendor:general datacommmodel: - scope: - version: -

Trust: 1.6

vendor:hewlett packardmodel: - scope: - version: -

Trust: 1.6

vendor:hirschmannmodel: - scope: - version: -

Trust: 1.6

vendor:hitachimodel: - scope: - version: -

Trust: 1.6

vendor:ibmmodel: - scope: - version: -

Trust: 1.6

vendor:iplanetmodel: - scope: - version: -

Trust: 1.6

vendor:itouchmodel: - scope: - version: -

Trust: 1.6

vendor:infovistamodel: - scope: - version: -

Trust: 1.6

vendor:inktomimodel: - scope: - version: -

Trust: 1.6

vendor:innerdivemodel: - scope: - version: -

Trust: 1.6

vendor:ipswitchmodel: - scope: - version: -

Trust: 1.6

vendor:junipermodel: - scope: - version: -

Trust: 1.6

vendor:karlnetmodel: - scope: - version: -

Trust: 1.6

vendor:lantronixmodel: - scope: - version: -

Trust: 1.6

vendor:larscom incorporatedmodel: - scope: - version: -

Trust: 1.6

vendor:lotusmodel: - scope: - version: -

Trust: 1.6

vendor:lucentmodel: - scope: - version: -

Trust: 1.6

vendor:mg softmodel: - scope: - version: -

Trust: 1.6

vendor:mandrivamodel: - scope: - version: -

Trust: 1.6

vendor:marconimodel: - scope: - version: -

Trust: 1.6

vendor:mercury interactivemodel: - scope: - version: -

Trust: 1.6

vendor:metrobility opticalmodel: - scope: - version: -

Trust: 1.6

vendor:micromusemodel: - scope: - version: -

Trust: 1.6

vendor:microsoftmodel: - scope: - version: -

Trust: 1.6

vendor:monfoxmodel: - scope: - version: -

Trust: 1.6

vendor:multinetmodel: - scope: - version: -

Trust: 1.6

vendor:necmodel: - scope: - version: -

Trust: 1.6

vendor:net snmpmodel: - scope: - version: -

Trust: 1.6

vendor:network harmonimodel: - scope: - version: -

Trust: 1.6

vendor:nbase xyplexmodel: - scope: - version: -

Trust: 1.6

vendor:netscoutmodel: - scope: - version: -

Trust: 1.6

vendor:netsiliconmodel: - scope: - version: -

Trust: 1.6

vendor:netscapemodel: - scope: - version: -

Trust: 1.6

vendor:network appliancemodel: - scope: - version: -

Trust: 1.6

vendor:nortelmodel: - scope: - version: -

Trust: 1.6

vendor:novellmodel: - scope: - version: -

Trust: 1.6

vendor:openwavemodel: - scope: - version: -

Trust: 1.6

vendor:optical accessmodel: - scope: - version: -

Trust: 1.6

vendor:oraclemodel: - scope: - version: -

Trust: 1.6

vendor:perlemodel: - scope: - version: -

Trust: 1.6

vendor:powerwaremodel: - scope: - version: -

Trust: 1.6

vendor:radwaremodel: - scope: - version: -

Trust: 1.6

vendor:red hatmodel: - scope: - version: -

Trust: 1.6

vendor:redbackmodel: - scope: - version: -

Trust: 1.6

vendor:riverstonemodel: - scope: - version: -

Trust: 1.6

vendor:snmp researchmodel: - scope: - version: -

Trust: 1.6

vendor:sniffermodel: - scope: - version: -

Trust: 1.6

vendor:sonicwallmodel: - scope: - version: -

Trust: 1.6

vendor:sonusmodel: - scope: - version: -

Trust: 1.6

vendor:stonesoftmodel: - scope: - version: -

Trust: 1.6

vendor:sun microsystemsmodel: - scope: - version: -

Trust: 1.6

vendor:symantecmodel: - scope: - version: -

Trust: 1.6

vendor:the sco group sco unixmodel: - scope: - version: -

Trust: 1.6

vendor:tivolimodel: - scope: - version: -

Trust: 1.6

vendor:toshibamodel: - scope: - version: -

Trust: 1.6

vendor:unispheremodel: - scope: - version: -

Trust: 1.6

vendor:verticalmodel: - scope: - version: -

Trust: 1.6

vendor:vinamodel: - scope: - version: -

Trust: 1.6

vendor:wind rivermodel: - scope: - version: -

Trust: 1.6

vendor:world wide packetsmodel: - scope: - version: -

Trust: 1.6

vendor:xeroxmodel: - scope: - version: -

Trust: 1.6

vendor:e securitymodel: - scope: - version: -

Trust: 1.6

vendor:net commodel: - scope: - version: -

Trust: 1.6

vendor:ibmmodel:aixscope:eqversion:4.3

Trust: 1.1

vendor:ibmmodel:aixscope:eqversion:5.1

Trust: 1.1

vendor:snmpmodel:snmpscope:eqversion:*

Trust: 1.0

vendor:microsoftmodel:windows 98sescope: - version: -

Trust: 0.9

vendor:microsoftmodel:windowsscope:eqversion:95

Trust: 0.9

vendor:microsoftmodel:windows serverscope:eqversion:2000

Trust: 0.9

vendor:nudesign teammodel: - scope: - version: -

Trust: 0.8

vendor:outback resource groupmodel: - scope: - version: -

Trust: 0.8

vendor:veritasmodel: - scope: - version: -

Trust: 0.8

vendor:bintecmodel: - scope: - version: -

Trust: 0.8

vendor:internichemodel: - scope: - version: -

Trust: 0.8

vendor:ncipher corpmodel: - scope: - version: -

Trust: 0.8

vendor:netscreenmodel: - scope: - version: -

Trust: 0.8

vendor:nokiamodel: - scope: - version: -

Trust: 0.8

vendor:sun microsystemsmodel:solarisscope:eqversion:2.6 (sparc)

Trust: 0.8

vendor:sun microsystemsmodel:solarisscope:eqversion:2.6 (x86)

Trust: 0.8

vendor:sun microsystemsmodel:solarisscope:eqversion:7.0 (sparc)

Trust: 0.8

vendor:sun microsystemsmodel:solarisscope:eqversion:7.0 (x86)

Trust: 0.8

vendor:sun microsystemsmodel:solarisscope:eqversion:8 (sparc)

Trust: 0.8

vendor:sun microsystemsmodel:solarisscope:eqversion:8 (x86)

Trust: 0.8

vendor:hewlett packardmodel:hp-uxscope:eqversion:10.00

Trust: 0.8

vendor:hewlett packardmodel:hp-uxscope:eqversion:10.10

Trust: 0.8

vendor:hewlett packardmodel:hp-uxscope:eqversion:10.20

Trust: 0.8

vendor:hewlett packardmodel:hp-uxscope:eqversion:11.00

Trust: 0.8

vendor:hewlett packardmodel:hp-uxscope:eqversion:11.11

Trust: 0.8

vendor:hewlett packardmodel:hp-uxscope:eqversion:11.20

Trust: 0.8

vendor:hewlett packardmodel:hp-uxscope:eqversion:10.24

Trust: 0.8

vendor:hewlett packardmodel:hp-uxscope:eqversion:11.04

Trust: 0.8

vendor:microsoftmodel:windows 2000scope: - version: -

Trust: 0.8

vendor:microsoftmodel:windows 9xscope:eqversion:95

Trust: 0.8

vendor:microsoftmodel:windows 9xscope:eqversion:98

Trust: 0.8

vendor:microsoftmodel:windows 9xscope:eqversion:98 scd

Trust: 0.8

vendor:microsoftmodel:windows 9xscope:eqversion:me

Trust: 0.8

vendor:microsoftmodel:windows ntscope:eqversion:4.0 (server)

Trust: 0.8

vendor:microsoftmodel:windows ntscope:eqversion:4.0 (terminal_srv)

Trust: 0.8

vendor:microsoftmodel:windows ntscope:eqversion:4.0 (workstation)

Trust: 0.8

vendor:microsoftmodel:windows xpscope:eqversion:sp3

Trust: 0.8

vendor:red hatmodel:linuxscope:eqversion:6.2

Trust: 0.8

vendor:red hatmodel:linuxscope:eqversion:7.0

Trust: 0.8

vendor:red hatmodel:linuxscope:eqversion:7.1

Trust: 0.8

vendor:red hatmodel:linuxscope:eqversion:7.2

Trust: 0.8

vendor:microsoftmodel:windows xp goldscope:eqversion:0

Trust: 0.6

vendor:microsoftmodel:windows ntscope:eqversion:4.0

Trust: 0.6

vendor:hpmodel:mpe/ixscope:eqversion:6.5

Trust: 0.6

vendor:hpmodel:mpe/ixscope:eqversion:6.0

Trust: 0.6

vendor:hpmodel:mpe/ixscope:eqversion:5.5

Trust: 0.6

vendor:hpmodel:mpe/ixscope:eqversion:5.0

Trust: 0.6

vendor:hpmodel:mpe/ixscope:eqversion:4.5

Trust: 0.6

vendor:hpmodel:mpe/ixscope:eqversion:4.0

Trust: 0.6

vendor:net snmpmodel:ucd-snmpscope:eqversion:4.2.1

Trust: 0.6

vendor:net snmpmodel:ucd-snmpscope:eqversion:4.1.1

Trust: 0.6

vendor:net snmpmodel:ucd-snmpscope:neversion:4.2.2

Trust: 0.6

vendor:snmpmodel:snmpscope: - version: -

Trust: 0.6

vendor:hpmodel:mpe/ixscope:eqversion:7.0

Trust: 0.3

vendor:sunmodel:sunatmscope:eqversion:5.0

Trust: 0.3

vendor:sunmodel:sunatmscope:eqversion:4.0.1

Trust: 0.3

vendor:sunmodel:sunatmscope:eqversion:3.0.1

Trust: 0.3

vendor:sunmodel:sunatmscope:eqversion:2.1

Trust: 0.3

vendor:net snmpmodel:ucd-snmpscope:eqversion:4.1.2

Trust: 0.3

vendor:net snmpmodel:ucd-snmpscope:neversion:4.2.3

Trust: 0.3

vendor:sunmodel:solaris 8 x86scope: - version: -

Trust: 0.3

vendor:sunmodel:solaris 8 sparcscope: - version: -

Trust: 0.3

vendor:sunmodel:solaris 7.0 x86scope: - version: -

Trust: 0.3

vendor:sunmodel:solarisscope:eqversion:7.0

Trust: 0.3

vendor:sunmodel:solaris 2.6 x86scope: - version: -

Trust: 0.3

vendor:sunmodel:solarisscope:eqversion:2.6

Trust: 0.3

vendor:sunmodel:enterprise server sspscope:eqversion:100003.5

Trust: 0.3

vendor:sunmodel:enterprise server sspscope:eqversion:100003.4

Trust: 0.3

vendor:sunmodel:enterprise server sspscope:eqversion:100003.3

Trust: 0.3

vendor:snmpmodel:research mid-level managerscope:eqversion:15.3

Trust: 0.3

vendor:snmpmodel:research enterpolscope:eqversion:15.3

Trust: 0.3

vendor:snmpmodel:research dr-web managerscope:eqversion:15.3

Trust: 0.3

vendor:sgimodel:brocadescope:eqversion:2.6.0

Trust: 0.3

vendor:redbackmodel:networks aosscope: - version: -

Trust: 0.3

vendor:realnetworksmodel:realplayer intranetscope:eqversion:5.0

Trust: 0.3

vendor:processmodel:software tcpwarescope:eqversion:5.5

Trust: 0.3

vendor:processmodel:software multinetscope:eqversion:4.4

Trust: 0.3

vendor:oraclemodel:enterprise managerscope:eqversion:9.0.1

Trust: 0.3

vendor:oraclemodel:enterprise managerscope:eqversion:2.2

Trust: 0.3

vendor:oraclemodel:enterprise managerscope:eqversion:2.1

Trust: 0.3

vendor:oraclemodel:enterprise managerscope:eqversion:2.0

Trust: 0.3

vendor:oraclemodel:enterprise managerscope:eqversion:1.6.5

Trust: 0.3

vendor:novellmodel:netwarescope:eqversion:6.0

Trust: 0.3

vendor:novellmodel:netwarescope:eqversion:5.1

Trust: 0.3

vendor:novellmodel:netwarescope:eqversion:5.0

Trust: 0.3

vendor:novellmodel:netwarescope:eqversion:4.11

Trust: 0.3

vendor:novellmodel:netwarescope:eqversion:4.2

Trust: 0.3

vendor:novellmodel:netwarescope:eqversion:4.0

Trust: 0.3

vendor:microsoftmodel:windows xp professionalscope: - version: -

Trust: 0.3

vendor:microsoftmodel:windows xp homescope: - version: -

Trust: 0.3

vendor:microsoftmodel:windows nt workstation sp6ascope:eqversion:4.0

Trust: 0.3

vendor:microsoftmodel:windows nt workstation sp6scope:eqversion:4.0

Trust: 0.3

vendor:microsoftmodel:windows nt workstation sp5scope:eqversion:4.0

Trust: 0.3

vendor:microsoftmodel:windows nt workstation sp4scope:eqversion:4.0

Trust: 0.3

vendor:microsoftmodel:windows nt workstation sp3scope:eqversion:4.0

Trust: 0.3

vendor:microsoftmodel:windows nt workstation sp2scope:eqversion:4.0

Trust: 0.3

vendor:microsoftmodel:windows nt workstation sp1scope:eqversion:4.0

Trust: 0.3

vendor:microsoftmodel:windows nt workstationscope:eqversion:4.0

Trust: 0.3

vendor:microsoftmodel:windows nt terminal server sp6scope:eqversion:4.0

Trust: 0.3

vendor:microsoftmodel:windows nt terminal server sp5scope:eqversion:4.0

Trust: 0.3

vendor:microsoftmodel:windows nt terminal server sp4scope:eqversion:4.0

Trust: 0.3

vendor:microsoftmodel:windows nt terminal server sp3scope:eqversion:4.0

Trust: 0.3

vendor:microsoftmodel:windows nt terminal server sp2scope:eqversion:4.0

Trust: 0.3

vendor:microsoftmodel:windows nt terminal server sp1scope:eqversion:4.0

Trust: 0.3

vendor:microsoftmodel:windows nt terminal serverscope:eqversion:4.0

Trust: 0.3

vendor:microsoftmodel:windows nt server sp6ascope:eqversion:4.0

Trust: 0.3

vendor:microsoftmodel:windows nt server sp6scope:eqversion:4.0

Trust: 0.3

vendor:microsoftmodel:windows nt server sp5scope:eqversion:4.0

Trust: 0.3

vendor:microsoftmodel:windows nt server sp4scope:eqversion:4.0

Trust: 0.3

vendor:microsoftmodel:windows nt server sp3scope:eqversion:4.0

Trust: 0.3

vendor:microsoftmodel:windows nt server sp2scope:eqversion:4.0

Trust: 0.3

vendor:microsoftmodel:windows nt server sp1scope:eqversion:4.0

Trust: 0.3

vendor:microsoftmodel:windows nt serverscope:eqversion:4.0

Trust: 0.3

vendor:microsoftmodel:windows nt enterprise server sp6ascope:eqversion:4.0

Trust: 0.3

vendor:microsoftmodel:windows nt enterprise server sp6scope:eqversion:4.0

Trust: 0.3

vendor:microsoftmodel:windows nt enterprise server sp5scope:eqversion:4.0

Trust: 0.3

vendor:microsoftmodel:windows nt enterprise server sp4scope:eqversion:4.0

Trust: 0.3

vendor:microsoftmodel:windows nt enterprise server sp3scope:eqversion:4.0

Trust: 0.3

vendor:microsoftmodel:windows nt enterprise server sp2scope:eqversion:4.0

Trust: 0.3

vendor:microsoftmodel:windows nt enterprise server sp1scope:eqversion:4.0

Trust: 0.3

vendor:microsoftmodel:windows nt enterprise serverscope:eqversion:4.0

Trust: 0.3

vendor:microsoftmodel:windowsscope:eqversion:98

Trust: 0.3

vendor:microsoftmodel:windows terminal services sp2scope:eqversion:2000

Trust: 0.3

vendor:microsoftmodel:windows terminal services sp1scope:eqversion:2000

Trust: 0.3

vendor:microsoftmodel:windows terminal servicesscope:eqversion:2000

Trust: 0.3

vendor:microsoftmodel:windows server sp2scope:eqversion:2000

Trust: 0.3

vendor:microsoftmodel:windows server sp1scope:eqversion:2000

Trust: 0.3

vendor:microsoftmodel:windows professional sp2scope:eqversion:2000

Trust: 0.3

vendor:microsoftmodel:windows professional sp1scope:eqversion:2000

Trust: 0.3

vendor:microsoftmodel:windows professionalscope:eqversion:2000

Trust: 0.3

vendor:microsoftmodel:windows datacenter server sp2scope:eqversion:2000

Trust: 0.3

vendor:microsoftmodel:windows datacenter server sp1scope:eqversion:2000

Trust: 0.3

vendor:microsoftmodel:windows datacenter serverscope:eqversion:2000

Trust: 0.3

vendor:microsoftmodel:windows advanced server sp2scope:eqversion:2000

Trust: 0.3

vendor:microsoftmodel:windows advanced server sp1scope:eqversion:2000

Trust: 0.3

vendor:microsoftmodel:windows advanced serverscope:eqversion:2000

Trust: 0.3

vendor:lotusmodel:domino snmp agents solarisscope:eqversion:5.0.1x86

Trust: 0.3

vendor:lotusmodel:domino snmp agents solaris sparcscope:eqversion:5.0.1

Trust: 0.3

vendor:lotusmodel:domino snmp agents hp-uxscope:eqversion:5.0.1

Trust: 0.3

vendor:lantronixmodel:lrsscope: - version: -

Trust: 0.3

vendor:junipermodel:junosscope:eqversion:5.0

Trust: 0.3

vendor:innerdivemodel:solutions router ip consolescope:eqversion:3.3.0.406

Trust: 0.3

vendor:ibmmodel:aixscope:eqversion:4.3.3

Trust: 0.3

vendor:ibmmodel:aixscope:eqversion:4.3.2

Trust: 0.3

vendor:ibmmodel:aixscope:eqversion:4.3.1

Trust: 0.3

vendor:hpmodel:secure os software for linuxscope:eqversion:1.0

Trust: 0.3

vendor:hpmodel:procurve switch 8000mscope: - version: -

Trust: 0.3

vendor:hpmodel:procurve switch 4108gl-bundlescope: - version: -

Trust: 0.3

vendor:hpmodel:procurve switch 4108glscope: - version: -

Trust: 0.3

vendor:hpmodel:procurve switch 4000mscope: - version: -

Trust: 0.3

vendor:hpmodel:procurve switchscope:eqversion:2525

Trust: 0.3

vendor:hpmodel:procurve switchscope:eqversion:2524

Trust: 0.3

vendor:hpmodel:procurve switchscope:eqversion:2512

Trust: 0.3

vendor:hpmodel:procurve switch 2424mscope: - version: -

Trust: 0.3

vendor:hpmodel:procurve switch 2400mscope: - version: -

Trust: 0.3

vendor:hpmodel:procurve switch 1600mscope: - version: -

Trust: 0.3

vendor:hpmodel:ov/samscope:eqversion:3.0.1

Trust: 0.3

vendor:hpmodel:openview network node managerscope:eqversion:6.10

Trust: 0.3

vendor:hpmodel:openview network node manager solarisscope:eqversion:6.2

Trust: 0.3

vendor:hpmodel:openview network node manager nt 4.x/windowsscope:eqversion:6.22000

Trust: 0.3

vendor:hpmodel:openview network node manager hp-uxscope:eqversion:6.211.x

Trust: 0.3

vendor:hpmodel:openview network node manager hp-uxscope:eqversion:6.210.x

Trust: 0.3

vendor:hpmodel:openview network node managerscope:eqversion:6.2

Trust: 0.3

vendor:hpmodel:openview network node manager solarisscope:eqversion:6.1

Trust: 0.3

vendor:hpmodel:openview network node manager hp-uxscope:eqversion:6.111.x

Trust: 0.3

vendor:hpmodel:openview network node manager hp-uxscope:eqversion:6.110.x

Trust: 0.3

vendor:hpmodel:openview network node manager solarisscope:eqversion:6.0

Trust: 0.3

vendor:hpmodel:openview network node manager nt 4.x/windowsscope:eqversion:6.02000

Trust: 0.3

vendor:hpmodel:openview network node manager hp-uxscope:eqversion:6.011.x

Trust: 0.3

vendor:hpmodel:openview network node manager hp-uxscope:eqversion:6.010.20

Trust: 0.3

vendor:hpmodel:openview network node manager windows ntscope:eqversion:5.0.23.51/4.0

Trust: 0.3

vendor:hpmodel:openview network node manager solarisscope:eqversion:5.01

Trust: 0.3

vendor:hpmodel:openview network node manager hp-uxscope:eqversion:5.01

Trust: 0.3

vendor:hpmodel:openview network node managerscope:eqversion:5.01

Trust: 0.3

vendor:hpmodel:openview network node manager solarisscope:eqversion:4.11

Trust: 0.3

vendor:hpmodel:openview network node manager hp-uxscope:eqversion:4.11

Trust: 0.3

vendor:hpmodel:openview extensible snmp agentscope:eqversion:4.0

Trust: 0.3

vendor:hpmodel:openview emanate snmp agent solarisscope:eqversion:14.22.x

Trust: 0.3

vendor:hpmodel:openview emanate snmp agent hp-uxscope:eqversion:14.211.x

Trust: 0.3

vendor:hpmodel:openview emanate snmp agent hp-uxscope:eqversion:14.210.20

Trust: 0.3

vendor:hpmodel:openview distributed managementscope:eqversion:6.0

Trust: 0.3

vendor:hpmodel:openview distributed managementscope:eqversion:5.03

Trust: 0.3

vendor:hpmodel:mc/serviceguardscope: - version: -

Trust: 0.3

vendor:hpmodel:jetdirectscope:eqversion:x.20.00

Trust: 0.3

vendor:hpmodel:jetdirectscope:eqversion:x.08.32

Trust: 0.3

vendor:hpmodel:jetdirectscope:eqversion:x.08.00

Trust: 0.3

vendor:hpmodel:ito/vpo/ovo unixscope:eqversion:6.0

Trust: 0.3

vendor:hpmodel:hp-uxscope:eqversion:11.04

Trust: 0.3

vendor:hpmodel:hp-uxscope:eqversion:10.24

Trust: 0.3

vendor:hpmodel:hp-uxscope:eqversion:11.20

Trust: 0.3

vendor:hpmodel:hp-uxscope:eqversion:11.11

Trust: 0.3

vendor:hpmodel:hp-uxscope:eqversion:11.0

Trust: 0.3

vendor:hpmodel:hp-uxscope:eqversion:10.20

Trust: 0.3

vendor:hpmodel:hp-uxscope:eqversion:10.10

Trust: 0.3

vendor:hpmodel:hp-uxscope:eqversion:10.0

Trust: 0.3

vendor:hpmodel:ems a.03.20scope: - version: -

Trust: 0.3

vendor:hpmodel:ems a.03.10scope: - version: -

Trust: 0.3

vendor:hpmodel:ems a.03.00scope: - version: -

Trust: 0.3

vendor:comtekmodel:services nmserverscope:eqversion:3.4

Trust: 0.3

vendor:computermodel:associates unicenterscope: - version: -

Trust: 0.3

vendor:calderamodel:unixwarescope:eqversion:7.1.1

Trust: 0.3

vendor:calderamodel:unixwarescope:eqversion:7.1.0

Trust: 0.3

vendor:calderamodel:unixwarescope:eqversion:7

Trust: 0.3

vendor:calderamodel:openunixscope:eqversion:8.0

Trust: 0.3

vendor:calderamodel:openserverscope:eqversion:5.0.6

Trust: 0.3

vendor:calderamodel:openserverscope:eqversion:5.0.5

Trust: 0.3

vendor:cacheflowmodel:cacheosscope:eqversion:4.0

Trust: 0.3

vendor:cacheflowmodel:cacheosscope:eqversion:3.1

Trust: 0.3

vendor:adventnetmodel:web nms msp editionscope: - version: -

Trust: 0.3

vendor:adventnetmodel:web nmsscope: - version: -

Trust: 0.3

vendor:adventnetmodel:snmp utilitiesscope: - version: -

Trust: 0.3

vendor:adventnetmodel:snmp apiscope: - version: -

Trust: 0.3

vendor:adventnetmodel:mediation serverscope: - version: -

Trust: 0.3

vendor:adventnetmodel:management builderscope: - version: -

Trust: 0.3

vendor:adventnetmodel:fault management toolkitscope: - version: -

Trust: 0.3

vendor:adventnetmodel:configuration management toolkitscope: - version: -

Trust: 0.3

vendor:adventnetmodel:cli apiscope: - version: -

Trust: 0.3

vendor:adventnetmodel:agent toolkit java/jmx editionscope: - version: -

Trust: 0.3

vendor:adventnetmodel:agent toolkit c editionscope:eqversion: -

Trust: 0.3

vendor:3commodel:webcachescope:eqversion:3000

Trust: 0.3

vendor:3commodel:webcachescope:eqversion:1000

Trust: 0.3

vendor:3commodel:switchscope:eqversion:4900

Trust: 0.3

vendor:3commodel:switchscope:eqversion:4400

Trust: 0.3

vendor:3commodel:switchscope:eqversion:3300

Trust: 0.3

vendor:3commodel:switchscope:eqversion:1100

Trust: 0.3

vendor:3commodel:ps hubscope:eqversion:50

Trust: 0.3

vendor:3commodel:ps hubscope:eqversion:40

Trust: 0.3

vendor:3commodel:dual speed hubscope: - version: -

Trust: 0.3

vendor:sgimodel:brocade .0dscope:neversion:2.6

Trust: 0.3

vendor:innerdivemodel:solutions router ip consolescope:neversion:3.3.0.407

Trust: 0.3

vendor:hpmodel:jetdirectscope:neversion:x.21.00

Trust: 0.3

vendor:hpmodel:jetdirectscope:neversion:x.08.32

Trust: 0.3

sources: CERT/CC: VU#107186 // CERT/CC: VU#854306 // BID: 89608 // BID: 89661 // BID: 5043 // BID: 4732 // BID: 4203 // BID: 4088 // JVNDB: JVNDB-2002-000033 // CNNVD: CNNVD-200202-007 // NVD: CVE-2002-0012

CVSS

SEVERITY

CVSSV2

CVSSV3

nvd@nist.gov: CVE-2002-0012
value: HIGH

Trust: 1.0

CARNEGIE MELLON: VU#107186
value: 69.26

Trust: 0.8

CARNEGIE MELLON: VU#854306
value: 42.64

Trust: 0.8

NVD: CVE-2002-0012
value: HIGH

Trust: 0.8

CNNVD: CNNVD-200202-007
value: CRITICAL

Trust: 0.6

nvd@nist.gov: CVE-2002-0012
severity: HIGH
baseScore: 10.0
vectorString: AV:N/AC:L/AU:N/C:C/I:C/A:C
accessVector: NETWORK
accessComplexity: LOW
authentication: NONE
confidentialityImpact: COMPLETE
integrityImpact: COMPLETE
availabilityImpact: COMPLETE
exploitabilityScore: 10.0
impactScore: 10.0
acInsufInfo: NONE
obtainAllPrivilege: NONE
obtainUserPrivilege: NONE
obtainOtherPrivilege: NONE
userInteractionRequired: NONE
version: 2.0

Trust: 1.8

sources: CERT/CC: VU#107186 // CERT/CC: VU#854306 // JVNDB: JVNDB-2002-000033 // CNNVD: CNNVD-200202-007 // NVD: CVE-2002-0012

PROBLEMTYPE DATA

problemtype:CWE-264

Trust: 1.8

sources: JVNDB: JVNDB-2002-000033 // NVD: CVE-2002-0012

THREAT TYPE

network

Trust: 1.8

sources: BID: 89608 // BID: 89661 // BID: 5043 // BID: 4732 // BID: 4203 // BID: 4088

TYPE

Input Validation Error

Trust: 0.6

sources: BID: 89608 // BID: 89661

CONFIGURATIONS

sources: JVNDB: JVNDB-2002-000033

PATCH

title:HPSBUX00184url:http://www1.itrc.hp.com/service/cki/docDisplay.do?docId=c00964944

Trust: 0.8

title:MS02-006url:http://www.microsoft.com/technet/security/bulletin/ms02-006.mspx

Trust: 0.8

title:RHSA-2001:163url:http://rhn.redhat.com/errata/RHSA-2001-163.html

Trust: 0.8

title:#00215url:http://sunsolve.sun.com/search/document.do?assetkey=1-22-00215-1

Trust: 0.8

title:#00215url:http://sunsolve.sun.com/search/document.do?assetkey=1-22-00215-3

Trust: 0.8

title:IBM Information for VU#107186url:http://www.kb.cert.org/vuls/id/IAFY-55KRCV

Trust: 0.8

title:MS02-006url:http://www.microsoft.com/japan/technet/security/Bulletin/ms02-006.mspx

Trust: 0.8

title:RHSA-2001:163url:http://www.jp.redhat.com/support/errata/RHSA/RHSA-2001-163J.html

Trust: 0.8

sources: JVNDB: JVNDB-2002-000033

EXTERNAL IDS

db:NVDid:CVE-2002-0012

Trust: 3.9

db:CERT/CCid:VU#107186

Trust: 3.2

db:BIDid:4088

Trust: 2.2

db:BIDid:4732

Trust: 1.9

db:BIDid:4089

Trust: 1.9

db:BIDid:4132

Trust: 1.6

db:CERT/CCid:VU#854306

Trust: 1.4

db:BIDid:5043

Trust: 1.3

db:XFid:8177

Trust: 0.8

db:JVNDBid:JVNDB-2002-000033

Trust: 0.8

db:CNNVDid:CNNVD-200202-007

Trust: 0.6

db:BIDid:89608

Trust: 0.3

db:BIDid:89661

Trust: 0.3

db:BIDid:4203

Trust: 0.3

sources: CERT/CC: VU#107186 // CERT/CC: VU#854306 // BID: 89608 // BID: 89661 // BID: 5043 // BID: 4732 // BID: 4203 // BID: 4088 // JVNDB: JVNDB-2002-000033 // CNNVD: CNNVD-200202-007 // NVD: CVE-2002-0012

REFERENCES

url:http://www.cert.org/advisories/ca-2002-03.html

Trust: 4.0

url:http://www.kb.cert.org/vuls/id/107186

Trust: 3.4

url:http://www.ee.oulu.fi/research/ouspg/protos/testing/c06/snmpv1/index.html

Trust: 2.6

url:ftp://patches.sgi.com/support/free/security/advisories/20020201-01-a

Trust: 2.0

url:http://www.iss.net/security_center/alerts/advise110.php

Trust: 2.0

url:http://www.redhat.com/support/errata/rhsa-2001-163.html

Trust: 2.0

url:http://www.securityfocus.com/advisories/4211

Trust: 2.0

url:http://www.securityfocus.com/bid/5043

Trust: 2.0

url:https://docs.microsoft.com/en-us/security-updates/securitybulletins/2002/ms02-006

Trust: 2.0

url:https://oval.cisecurity.org/repository/search/definition/oval%3aorg.mitre.oval%3adef%3a1048

Trust: 2.0

url:https://oval.cisecurity.org/repository/search/definition/oval%3aorg.mitre.oval%3adef%3a144

Trust: 2.0

url:https://oval.cisecurity.org/repository/search/definition/oval%3aorg.mitre.oval%3adef%3a161

Trust: 2.0

url:https://oval.cisecurity.org/repository/search/definition/oval%3aorg.mitre.oval%3adef%3a298

Trust: 2.0

url:http://www.ee.oulu.fi/research/ouspg/protos/

Trust: 1.6

url:http://www.cert.org/tech_tips/denial_of_service.html

Trust: 1.6

url:http://www.ietf.org/rfc/rfc3000.txt

Trust: 1.6

url:http://www.ietf.org/rfc/rfc1212.txt

Trust: 1.6

url:http://www.ietf.org/rfc/rfc1213.txt

Trust: 1.6

url:http://www.ietf.org/rfc/rfc1215.txt

Trust: 1.6

url:http://www.ietf.org/rfc/rfc1270.txt

Trust: 1.6

url:http://www.ietf.org/rfc/rfc2570.txt

Trust: 1.6

url:http://www.ietf.org/rfc/rfc2571.txt

Trust: 1.6

url:http://www.ietf.org/rfc/rfc2572.txt

Trust: 1.6

url:http://www.ietf.org/rfc/rfc2573.txt

Trust: 1.6

url:http://www.ietf.org/rfc/rfc2574.txt

Trust: 1.6

url:http://www.ietf.org/rfc/rfc2575.txt

Trust: 1.6

url:http://www.ietf.org/rfc/rfc2576.txt

Trust: 1.6

url:http://www.securityfocus.com/bid/4088

Trust: 1.6

url:http://online.securityfocus.com/bid/4132

Trust: 1.6

url:http://online.securityfocus.com/bid/4732

Trust: 1.6

url:http://www.securityfocus.com/bid/4089

Trust: 1.6

url:http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2002-0012

Trust: 1.4

url:http://www.ciac.org/ciac/bulletins/m-042.shtml

Trust: 0.8

url:http://www.ipa.go.jp/security/ciadr/20020213snmp.html

Trust: 0.8

url:http://www.jpcert.or.jp/wr/2002/wr020701.txt

Trust: 0.8

url:http://www.jpcert.or.jp/wr/2002/wr020901.txt

Trust: 0.8

url:http://www.jpcert.or.jp/at/2002/at020001.txt

Trust: 0.8

url:http://jvn.jp/cert/jvnca-2002-03

Trust: 0.8

url:http://nvd.nist.gov/nvd.cfm?cvename=cve-2002-0012

Trust: 0.8

url:http://xforce.iss.net/xforce/xfdb/8177

Trust: 0.8

url:http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2002-0013

Trust: 0.6

url:http://www.microsoft.com/technet/security/bulletin/ms02-006.asp

Trust: 0.6

url:http://www.kb.cert.org/vuls/id/854306

Trust: 0.6

url:http://online.securityfocus.com/bid/4088

Trust: 0.3

url:http://online.securityfocus.com/bid/4089

Trust: 0.3

url:http://sunsolve.sun.com/pub-cgi/retrieve.pl?doc=fsalert%2f44605

Trust: 0.3

url:http://sunsolve.sun.com/pub-cgi/retrieve.pl?doc=fsalert%2f42769

Trust: 0.3

url:http://online.securityfocus.com/news/474

Trust: 0.3

url:http://www.microsoft.com/technet/treeview/default.asp?url=/technet/security/bulletin/ms02-006.asp

Trust: 0.3

url:http://otn.oracle.com/deploy/security/pdf/snmp_2002_alert.pdf

Trust: 0.3

sources: CERT/CC: VU#107186 // CERT/CC: VU#854306 // BID: 89608 // BID: 89661 // BID: 5043 // BID: 4732 // BID: 4203 // BID: 4088 // JVNDB: JVNDB-2002-000033 // NVD: CVE-2002-0012

CREDITS

Discovered by the Oulu University Secure Programming Group.

Trust: 0.9

sources: BID: 5043 // BID: 4203 // BID: 4088

SOURCES

db:CERT/CCid:VU#107186
db:CERT/CCid:VU#854306
db:BIDid:89608
db:BIDid:89661
db:BIDid:5043
db:BIDid:4732
db:BIDid:4203
db:BIDid:4088
db:JVNDBid:JVNDB-2002-000033
db:CNNVDid:CNNVD-200202-007
db:NVDid:CVE-2002-0012

LAST UPDATE DATE

2024-12-21T23:10:44.431000+00:00


SOURCES UPDATE DATE

db:CERT/CCid:VU#107186date:2007-11-07T00:00:00
db:CERT/CCid:VU#854306date:2007-11-07T00:00:00
db:BIDid:89608date:2002-03-08T00:00:00
db:BIDid:89661date:2002-03-08T00:00:00
db:BIDid:5043date:2009-07-11T13:56:00
db:BIDid:4732date:2002-05-13T00:00:00
db:BIDid:4203date:2009-07-11T10:56:00
db:BIDid:4088date:2009-07-11T10:56:00
db:JVNDBid:JVNDB-2002-000033date:2007-04-01T00:00:00
db:CNNVDid:CNNVD-200202-007date:2005-10-20T00:00:00
db:NVDid:CVE-2002-0012date:2024-11-20T23:38:05.600

SOURCES RELEASE DATE

db:CERT/CCid:VU#107186date:2002-01-16T00:00:00
db:CERT/CCid:VU#854306date:2002-02-12T00:00:00
db:BIDid:89608date:2002-03-08T00:00:00
db:BIDid:89661date:2002-03-08T00:00:00
db:BIDid:5043date:2002-06-18T00:00:00
db:BIDid:4732date:2002-05-13T00:00:00
db:BIDid:4203date:2002-02-27T00:00:00
db:BIDid:4088date:2002-02-12T00:00:00
db:JVNDBid:JVNDB-2002-000033date:2007-04-01T00:00:00
db:CNNVDid:CNNVD-200202-007date:2002-02-13T00:00:00
db:NVDid:CVE-2002-0012date:2002-02-13T05:00:00