<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.0 Transitional//EN">
<HTML><HEAD>
<META http-equiv=Content-Type content="text/html; charset=iso-8859-1">
<META content="MSHTML 6.00.2600.0" name=GENERATOR>
<STYLE></STYLE>
</HEAD>
<BODY bgColor=#ffffff>
<DIV><FONT face=Arial size=2>Not sure if this had been circulated to everyone -
but on the 13th CERT issued an advisory about </FONT><FONT face=Arial
size=2>serious vulnerability in almost all implementations of the
SNMP protocol. This vulnerability can cause unauthorized privileged
access, denial-of-service attacks, or cause unstable behavior.<BR><BR>See the
CERT advisory below for specific details and additional courses of action.
It also includes a list of vendors (over 50 in all) and products which are known
to be vulnerable, and the status of updates to fix them.<BR><BR>HOW TO TELL IF
YOU'RE VULNERABLE<BR><BR> "rpm -qa | grep
ucd-snmp-4" reports a version PRIOR to
4.2.3-1.6.x.3<BR> </FONT><A
href="http://www.redhat.com/support/errata/RHSA-2001-163.html"><FONT face=Arial
size=2>http://www.redhat.com/support/errata/RHSA-2001-163.html</FONT></A><BR><BR><FONT
face=Arial size=2>For more information: <BR><BR>
</FONT><A href="http://www.cert.org/advisories/CA-2002-03.html"><FONT face=Arial
size=2>http://www.cert.org/advisories/CA-2002-03.html</FONT></A><BR></DIV>
<DIV><BR> </DIV></BODY></HTML>