var-200203-0024
Vulnerability from variot

Buffer overflow in SNMP agent service in Windows 95/98/98SE, Windows NT 4.0, Windows 2000, and Windows XP allows remote attackers to cause a denial of service or execute arbitrary code via a malformed management request. NOTE: this candidate may be split or merged with other candidates. This and other PROTOS-related candidates, especially CVE-2002-0012 and CVE-2002-0013, will be updated when more accurate information is available. Multiple vendor SNMPv1 Trap handling implementations contain vulnerabilities that may allow unauthorized privileged access, denial-of-service conditions, or unstable behavior . If your site uses SNMP in any capacity, the CERT/CC encourages you to read the information provided below. ------------ This vulnerability information is a summary of multiple vulnerabilities released at the same time. Please note that the contents of vulnerability information other than the title are included. ------------ SNMP Protocol is status and performance information MIB (Management Information Base) Protocol used to exchange Management side SNMP Managers such as managed routers, switches and printers SNMP Communicates with management network devices called agents. Because of its wide acceptance in the market, SNMP Has become the standard for SNMP protocol version1 Is SNMPv1 Is the most widely implemented. this SNMPv1 Sent from the agent to the manager in the implementation of SNMP Trap message and sent from the manager to the agent SNMP Decrypt the request message / There are problems in interpreting. If this problem is used by an attacker, the following actions may be executed. Many other programs that you implement may also be affected because of a protocol problem. For details, refer to each product.Please refer to the “Overview” for the impact of this vulnerability. Windows 95 is prone to a denial-of-service vulnerability. It is possible to crash the service by transmitting to it a maliciously constructed SNMPv1 request PDU. The resultant crash may be due to a buffer overflow condition. If this is the case, attackers may be able to exploit this vulnerability to execute arbitrary code. Cisco products contain multiple vulnerabilities in handling of SNMP requests and traps. A general report for multiple vendors was initially published on February 12 (Bugtraq IDs 4088 and 4089), however more information is now available and a separate Bugtraq ID has been allocated for the Cisco Operating Systems and Appliances vulnerabilities. It is reportedly possible for a remote attacker to create a denial of service condition by transmitting a malformed SNMP request to a vulnerable Cisco Operating System or Appliance. The affected device may reset, or require a manual reset to regain functionality.

-----BEGIN PGP SIGNED MESSAGE-----

CERT Advisory CA-2002-03: Multiple Vulnerabilities in Many Implementations of the Simple Network Management Protocol (SNMP)

Original release date: February 12, 2002 Last revised: -- Source: CERT/CC

A complete revision history can be found at the end of this file.

Systems Affected

Products from a very wide variety of vendors may be affected. See Vendor Information for details from vendors who have provided feedback for this advisory.

In addition to the vendors who provided feedback for this advisory, a list of vendors whom CERT/CC contacted regarding these problems is available from http://www.kb.cert.org/vuls/id/854306 http://www.kb.cert.org/vuls/id/107186

Many other systems making use of SNMP may also be vulnerable but were not specifically tested.

In addition to this advisory, we also have an FAQ available at http://www.cert.org/tech_tips/snmp_faq.html

I. Version 1 of the protocol (SNMPv1) defines several types of SNMP messages that are used to request information or configuration changes, respond to requests, enumerate SNMP objects, and send unsolicited alerts. The Oulu University Secure Programming Group (OUSPG, http://www.ee.oulu.fi/research/ouspg/) has reported numerous vulnerabilities in SNMPv1 implementations from many different vendors. More information about SNMP and OUSPG can be found in Appendix C

OUSPG's research focused on the manner in which SNMPv1 agents and managers handle request and trap messages. A trap message may indicate a warning or error condition or otherwise notify the manager about the agent's state. SNMP managers must properly decode trap messages and process the resulting data. Request messages might be issued to obtain information from an agent or to instruct the agent to configure the host device.

Vulnerabilities in the decoding and subsequent processing of SNMP messages by both managers and agents may result in denial-of-service conditions, format string vulnerabilities, and buffer overflows. Some vulnerabilities do not require the SNMP message to use the correct SNMP community string.

These vulnerabilities have been assigned the CVE identifiers CAN-2002-0012 and CAN-2002-0013, respectively.

II. Specific impacts will vary from product to product.

III. Solution

Note that many of the mitigation steps recommended below may have significant impact on your everyday network operations and/or network architecture. Ensure that any changes made based on the following recommendations will not unacceptably affect your ongoing network operations capability.

Apply a patch from your vendor

Appendix A contains information provided by vendors for this advisory. Please consult this appendix to determine if you need to contact your vendor directly.

Disable the SNMP service

As a general rule, the CERT/CC recommends disabling any service or capability that is not explicitly required, including SNMP. Unfortunately, some of the affected products exhibited unexpected behavior or denial of service conditions when exposed to the OUSPG test suite even if SNMP was not enabled. In these cases, disabling SNMP should be used in conjunction with the filtering practices listed below to provide additional protection.

Ingress filtering

As a temporary measure, it may be possible to limit the scope of these vulnerabilities by blocking access to SNMP services at the network perimeter.

Ingress filtering manages the flow of traffic as it enters a network under your administrative control. Servers are typically the only machines that need to accept inbound traffic from the public Internet. In the network usage policy of many sites, there are few reasons for external hosts to initiate inbound traffic to machines that provide no public services. Thus, ingress filtering should be performed at the border to prohibit externally initiated inbound traffic to non-authorized services. For SNMP, ingress filtering of the following ports can prevent attackers outside of your network from impacting vulnerable devices in the local network that are not explicitly authorized to provide public SNMP services.

snmp 161/udp # Simple Network Management Protocol (SNMP) snmp 162/udp # SNMP system management messages

The following services are less common, but may be used on some affected products

snmp 161/tcp # Simple Network Management Protocol (SNMP) snmp 162/tcp # SNMP system management messages smux 199/tcp # SNMP Unix Multiplexer smux 199/udp # SNMP Unix Multiplexer synoptics-relay 391/tcp # SynOptics SNMP Relay Port synoptics-relay 391/udp # SynOptics SNMP Relay Port agentx 705/tcp # AgentX snmp-tcp-port 1993/tcp # cisco SNMP TCP port snmp-tcp-port 1993/udp # cisco SNMP TCP port

As noted above, you should carefully consider the impact of blocking services that you may be using.

It is important to note that in many SNMP implementations, the SNMP daemon may bind to all IP interfaces on the device. This has important consequences when considering appropriate packet filtering measures required to protect an SNMP-enabled device. For example, even if a device disallows SNMP packets directed to the IP addresses of its normal network interfaces, it may still be possible to exploit these vulnerabilities on that device through the use of packets directed at the following IP addresses: * "all-ones" broadcast address * subnet broadcast address * any internal loopback addresses (commonly used in routers for management purposes, not to be confused with the IP stack loopback address 127.0.0.1)

Careful consideration should be given to addresses of the types mentioned above by sites planning for packet filtering as part of their mitigation strategy for these vulnerabilities.

Finally, sites may wish to block access to the following RPC services related to SNMP (listed as name, program ID, alternate names)

snmp 100122 na.snmp snmp-cmc snmp-synoptics snmp-unisys snmp-utk snmpv2 100138 na.snmpv2 # SNM Version 2.2.2 snmpXdmid 100249

Please note that this workaround may not protect vulnerable devices from internal attacks.

Filter SNMP traffic from non-authorized internal hosts

In many networks, only a limited number of network management systems need to originate SNMP request messages. Therefore, it may be possible to configure the SNMP agent systems (or the network devices in between the management and agent systems) to disallow request messages from non-authorized systems. This can reduce, but not wholly eliminate, the risk from internal attacks. However, it may have detrimental effects on network performance due to the increased load imposed by the filtering, so careful consideration is required before implementation. Similar caveats to the previous workaround regarding broadcast and loopback addresses apply.

Change default community strings

Most SNMP-enabled products ship with default community strings of "public" for read-only access and "private" for read-write access. As with any known default access control mechanism, the CERT/CC recommends that network administrators change these community strings to something of their own choosing. However, even when community strings are changed from their defaults, they will still be passed in plaintext and are therefore subject to packet sniffing attacks. SNMPv3 offers additional capabilities to ensure authentication and privacy as described in RFC2574.

Because many of the vulnerabilities identified in this advisory occur before the community strings are evaluated, it is important to note that performing this step alone is not sufficient to mitigate the impact of these vulnerabilities. Nonetheless, it should be performed as part of good security practice.

Segregate SNMP traffic onto a separate management network

In situations where blocking or disabling SNMP is not possible, exposure to these vulnerabilities may be limited by restricting all SNMP access to separate, isolated management networks that are not publicly accessible. Although this would ideally involve physically separate networks, that kind of separation is probably not feasible in most environments. Mechanisms such as virtual LANs (VLANs) may be used to help segregate traffic on the same physical network. Note that VLANs may not strictly prevent an attacker from exploiting these vulnerabilities, but they may make it more difficult to initiate the attacks.

Another option is for sites to restrict SNMP traffic to separate virtual private networks (VPNs), which employ cryptographically strong authentication.

Note that these solutions may require extensive changes to a site's network architecture.

Egress filtering

Egress filtering manages the flow of traffic as it leaves a network under your administrative control. There is typically limited need for machines providing public services to initiate outbound traffic to the Internet. In the case of SNMP vulnerabilities, employing egress filtering on the ports listed above at your network border can prevent your network from being used as a source for attacks on other sites.

Disable stack execution

Disabling executable stacks (on systems where this is configurable) can reduce the risk of "stack smashing" attacks based on these vulnerabilities. Although this does not provide 100 percent protection against exploitation of these vulnerabilities, it makes the likelihood of a successful exploit much smaller. On many UNIX systems, executable stacks can be disabled by adding the following lines to /etc/system:

set noexec_user_stack = 1 set noexec_user_stack_log = 1

Note that this may go against the SPARC and Intel ABIs and can be bypassed as required in programs with mprotect(2). For the changes to take effect you will then need to reboot.

Other operating systems and architectures also support the disabling of executable stacks either through native configuration parameters or via third-party software. Consult your vendor(s) for additional information.

Share tools and techniques

Because dealing with these vulnerabilities to systems and networks is so complex, the CERT/CC will provide a forum where administrators can share ideas and techniques that can be used to develop proper defenses. We have created an unmoderated mailing list for system and network administrators to discuss helpful techniques and tools.

You can subscribe to the mailing list by sending an email message to majordomo@cert.org. In the body of the message, type

subscribe snmp-forum

After you receive the confirmation message, follow the instructions in the message to complete the subscription process.

Appendix A. - Vendor Information

This appendix contains information provided by vendors for this advisory. As vendors report new information to the CERT/CC, we will update this section and note the changes in our revision history. If a particular vendor is not listed below, we have not received their comments.

AdventNet

 This  is in reference to your notification regarding [VU#107186 and
 VU#854306]  and  OUSPG#0100.   AdventNet  Inc.  has reproduced this
 behavior  in  their  products and coded a Service Pack fix which is
 currently   in   regression   testing   in  AdventNet  Inc.'s  Q.A. 
 organization.    The  release  of  AdventNet  Inc's.  Service  Pack
 correcting  the  behavior  outlined in VU#617947, and OUSPG#0100 is
 scheduled  to  be  generally  available  to all of AdventNet Inc.'s
 customers by February 20, 2002.

Avaya

 Avaya  Inc.

CacheFlow

 The  purpose of this email is to advise you that CacheFlow Inc. has
 provided a software update. Please be advised that updated versions
 of  the  software  are  now  available  for all supported CacheFlow
 hardware  platforms,  and may be obtained by CacheFlow customers at
 the following URL:

      http://download.cacheflow.com/

The specific reference to the software update is contained within the Release Notes for CacheOS Versions 3.1.22 Release ID 17146, 4.0.15 Release ID 17148, 4.1.02 Release ID 17144 and 4.0.15 Release ID 17149.

RELEASE NOTES FOR CACHEFLOW SERVER ACCELERATOR PRODUCTS: * http://download.cacheflow.com/release/SA/4.0.15/relnotes.htm

RELEASE NOTES FOR CACHEFLOW CONTENT ACCELERATOR PRODUCTS: * http://download.cacheflow.com/release/CA/3.1.22/relnotes.htm * http://download.cacheflow.com/release/CA/4.0.15/relnotes.htm * http://download.cacheflow.com/release/CA/4.1.02/relnotes.htm

 * SR   1-1647517,   VI  13045:  This  update  modified  a  potential
 vulnerability by using an SNMP test tools exploit.

3Com Corporation

 A  vulnerability to an SNMP packet with an invalid length community
 string  has  been  resolved  in  the  following products. Customers
 concerned  about  this  weakness should ensure that they upgrade to
 the following agent versions:
 PS Hub 40
 2.16 is due Feb 2002
 PS Hub 50
 2.16 is due Feb 2002
 Dual Speed Hub
 2.16 is due Jan 2002
 Switch 1100/3300
 2.68 is available now
 Switch 4400
 2.02 is available now
 Switch 4900
 2.04 is available now
 WebCache1000/3000
 2.00 is due Jan 2002

Caldera

 Caldera   International,  Inc.  has  reproduced  faulty behavior in
 Caldera SCO OpenServer 5, Caldera UnixWare 7, and Caldera Open UNIX
 8.  We have coded a software fix for  supported versions of Caldera
 UnixWare  7  and  Caldera  Open UNIX 8 that will  be available from
 our   support   site  at  http://stage.caldera.com/support/security
 immediately  following the publication of this CERT announcement. A
 fix  for  supported versions of OpenServer 5 will be available at a
 later date.

Cisco Systems

 Cisco  Systems  is  addressing  the  vulnerabilities  identified by
 VU#854306  and VU#107186 across its entire product line. Cisco will
 publish    a    security   advisory   with   further   details   at
 http://www.cisco.com/go/psirt/.

Compaq Computer Corporation

 x-ref: SSRT0779U SNMP
 At  the time of writing this document, COMPAQ continues to evaluate
 this potential problem and when new versions of SNMP are available,
 COMPAQ  will implement solutions based on the new code. Compaq will
 provide  notice  of  any  new  patches  as  a result of that effort
 through  standard  patch  notification  procedures and be available
 from your normal Compaq Services support channel.

Computer Associates

 Computer  Associates  has  confirmed Unicenter vulnerability to the
 SNMP  advisory identified by CERT notification reference [VU#107186
 &   VU#854306]   and   OUSPG#0100.   We  have  produced  corrective
 maintenance  to  address  these  vulnerabilities,  which  is in the
 process  of publication for all applicable releases / platforms and
 will  be  offered  through the CA Support site.  Please contact our
 Technical    Support   organization   for   information   regarding
 availability / applicability for your specific configuration(s).

COMTEK Services, Inc.

 NMServer  for  AS/400  is  not  an SNMP master and is therefore not
 vulnerable.  However  this  product  requires the use of the AS/400
 SNMP  master  agent  supplied  by  IBM.

 NMServer   for  OpenVMS  has  been  tested  and  has  shown  to  be
 vulnerable.  COMTEK  Services  is  preparing  a new release of this
 product  (version  3.5)  which will contain a fix for this problem. 
 This  new  release  is  scheduled to be available in February 2002. 
 Contact COMTEK Services for further information.

 NMServer  for VOS has not as yet been tested; vulnerability of this
 agent  is  unknown.  Contact for further information on the testing
 schedule of the VOS product.

Covalent Technologies

 Covalent Technologies ERS (Enterprise Ready Server), Secure Server,
 and  Conductor  SNMP module are not vulnerable according to testing
 performed   in   accordance  with  CERT  recommendations.  Security
 information for Covalent products can be found at www.covalent.net

Dartware, LLC

 Dartware,  LLC  (www.dartware.com)  supplies  two products that use
 SNMPv1  in  a  manager  role,  InterMapper  and SNMP Watcher.  This statement applies to all present
 and past versions of these two software packages.

DMH Software

 DMH  Software  is  in  the  process of evaluating and attempting to
 reproduce this behavior. 
 It  is  unclear at this point if our snmp-agent is sensitive to the
 tests described above. 
 If  any  problems  will  be  discovered,  DMH  Software will code a
 software fix. 
 The  release of DMH Software OS correcting the behavior outlined in
 VU#854306, VU#107186, and OUSPG#0100 will be generally available to
 all of DMH Software's customers as soon as possible.

EnGarde Secure Linux

 EnGarde  Secure  Linux  did  not  ship any SNMP packages in version
 1.0.1 of our distribution, so we are not vulnerable to either bug.

FreeBSD

 FreeBSD  does  not  include any SNMP software by default, and so is
 not vulnerable.  However, the FreeBSD Ports Collection contains the
 UCD-SNMP   /   NET-SNMP   package.    Package   versions  prior  to
 ucd-snmp-4.2.3  are  vulnerable.   The upcoming FreeBSD 4.5 release
 will  ship  the  corrected  version  of  the  UCD-SNMP  /  NET-SNMP
 package.   In  addition,  the  corrected version of the packages is
 available from the FreeBSD mirrors.

 FreeBSD   has   issued  the  following  FreeBSD  Security  Advisory
 regarding the UCD-SNMP / NET-SNMP package:
 ftp://ftp.freebsd.org/pub/FreeBSD/CERT/advisories/FreeBSD-SA-02:09. 
 snmp.asc.

Hewlett-Packard Company

 SUMMARY - known vulnerable:
 ========================================
 hp procurve switch 2524
 NNM  (Network Node Manager)
 JetDirect Firmware (Older versions only)
 HP-UX Systems running snmpd or OPENVIEW
 MC/ServiceGuard
 EMS
 Still under investigation:
 SNMP/iX (MPE/iX)
 ========================================
 _________________________________________________________
 ---------------------------------------------------------
 hp procurve switch 2524 
 ---------------------------------------------------------
 hp procurve switch 2525 (product J4813A) is vulnerable to some
 issues, patches in process. Watch for the associated HP
 Security Bulletin. 
 ---------------------------------------------------------
 NNM  (Network Node Manager)
 ---------------------------------------------------------
 Some problems were found in NNM product were related to
 trap handling. Patches in process. Watch for the
 associated HP Security Bulletin. 
 ---------------------------------------------------------
 JetDirect Firmware (Older versions only)
 ---------------------------------------------------------
 ONLY some older versions of JetDirect Firmware are
 vulnerable to some of the issues.  The older firmware
 can be upgraded in most cases, see list below. 
 JetDirect Firmware Version    State
 ==========================    =====
    X.08.32 and higher     NOT Vulnerable
    X.21.00 and higher     NOT Vulnerable
 JetDirect Product Numbers that can be freely
 upgraded to X.08.32 or X.21.00 or higher firmware. 
 EIO (Peripherals Laserjet 4000, 5000, 8000, etc...)
 J3110A 10T
 J3111A 10T/10B2/LocalTalk
 J3112A Token Ring (discontinued)
 J3113A 10/100 (discontinued)
 J4169A 10/100
 J4167A Token Ring
 MIO (Peripherals LaserJet 4, 4si, 5si, etc...)
 J2550A/B 10T (discontinued)
 J2552A/B 10T/10Base2/LocalTalk (discontinued)
 J2555A/B Token Ring (discontinued)
 J4100A 10/100
 J4105A Token Ring
 J4106A 10T
 External Print Servers
 J2591A EX+ (discontinued)
 J2593A EX+3 10T/10B2 (discontinued)
 J2594A EX+3 Token Ring (discontinued)
 J3263A 300X 10/100
 J3264A 500X Token Ring
 J3265A 500X 10/100
 ----------------------------------------------------------
 HP-UX Systems running snmpd or OPENVIEW
 ----------------------------------------------------------
 The following patches are available now:
   PHSS_26137 s700_800 10.20 OV EMANATE14.2 Agent Consolidated Patch
   PHSS_26138 s700_800 11.X  OV EMANATE14.2 Agent Consolidated Patch
   PSOV_03087 EMANATE Release 14.2 Solaris 2.X  Agent Consolidated
 Patch
 All three patches are available from:
 http://support.openview.hp.com/cpe/patches/
 In addition PHSS_26137 and PHSS_26138 will soon be available from:
 http://itrc.hp.com
 ================================================================
 NOTE: The patches are labeled OV(Open View). However, the patches
 are also applicable to systems that are not running Open View. 
 =================================================================
 Any   HP-UX  10.X  or  11.X  system  running  snmpd  or  snmpdm  is
 vulnerable. 
 To determine if your HP-UX system has snmpd or snmpdm installed:
   swlist -l file | grep snmpd
 If a patch is not available for your platform or you cannot install
 an  available  patch,  snmpd and snmpdm can be disabled by removing
 their
 entries  from  /etc/services  and  removing the execute permissions
 from
 /usr/sbin/snmpd and /usr/sbin/snmpdm. 
 ----------------------------------------------------------------
 Investigation completed, systems vulnerable. 
 ----------------------------------------------------------------
 MC/ServiceGuard
 Event Monitoring System  (EMS)
 ----------------------------------------------------------------
   Still under investigation:
 ----------------------------------------------------------------
 SNMP/iX (MPE/iX)

Hirschmann Electronics GmbH & Co. KG

 Hirschmann  Electronics  GmbH  &  Co.  KG supplies a broad range of
 networking  products,  some  of  which  are  affected  by  the SNMP
 vulnerabilities  identified by CERT Coordination Center. The manner
 in  which they are affected and the actions required to avoid being
 impacted  by  exploitation  of  these  vulnerabilities,  vary  from
 product to product. Hirschmann customers may contact our Competence
 Center (phone +49-7127-14-1538, email:
 ans-support@nt.hirschmann.de)     for    additional    information,
 especially  regarding  availability  of  latest  firmware  releases
 addressing the SNMP vulnerabilities.

IBM Corporation

 Based  upon  the  results  of  running  the  test  suites  we  have
 determined  that  our  version  of  SNMP  shipped  with  AIX is NOT
 vulnerable.

Innerdive Solutions, LLC

 Innerdive Solutions, LLC has two SNMP based products:
 1. The "SNMP MIB Scout"
 (http://www.innerdive.com/products/mibscout/)
 2. The "Router IP Console" (http://www.innerdive.com/products/ric/)
 The "SNMP MIB Scout" is not vulnerable to either bug. 
 The "Router IP Console" releases prior to 3.3.0.407 are vulnerable. 
 The release of "Router IP Console" correcting the behavior outlined
 in  OUSPG#0100  is  3.3.0.407 and is already available on our site. 
 Also,  we  will  notify all our customers about this new release no
 later than March 5, 2002.

Juniper Networks

 This  is  in reference to your notification regarding CAN-2002-0012
 and  CAN-2002-0013.   Juniper Networks has reproduced this behavior
 and coded a software fix.  The fix will be included in all releases
 of  JUNOS Internet software built after January 5, 2002.  Customers
 with  current  support contracts can download new software with the
 fix from Juniper's web site at www.juniper.net. 
 Note: The behavior described in CAN-2002-0012 and CAN-2002-0013 can
 only  be  reproduced  in JUNOS Internet software if certain tracing
 options  are  enabled.   These options are generally not enabled in
 production routers.

Lantronix, Inc.

 Lantronix  is  committed  to  resolving  security  issues  with our
 products.  The SNMP security bug you reported has been fixed in LRS
 firmware version B1.3/611(020123).

Lotus Development Corporation

 Lotus    Software   evaluated   the   Lotus   Domino   Server   for
 vulnerabilities using the test suite materials provided by OUSPG. 
 This  problem  does  not affect default installations of the Domino
 Server.   However,  SNMP  agents  can  be  installed from the CD to
 provide  SNMP  services for the Domino Server (these are located in
 the   /apps/sysmgmt/agents   directory).    The  optional  platform
 specific  master  and  encapsulator  agents included with the Lotus
 Domino  SNMP  Agents  for  HP-UX  and Solaris have been found to be
 vulnerable.  For  those  platforms,  customers  should  upgrade  to
 version  R5.0.1  a  of  the Lotus Domino SNMP Agents, available for
 download  from the Lotus Knowledge Base on the IBM Support Web Site
 (http://www.ibm.com/software/lotus/support/).   Please   refer   to
 Document  #191059,  "Lotus Domino SNMP Agents R5.0.1a", also in the
 Lotus Knowledge Base, for more details.

LOGEC Systems Inc

 The  products  from  LOGEC  Systems are exposed to SNMP only via HP
 OpenView.  We  do  not have an implementation of SNMP ourselves. As
 such,  there is nothing in our products that would be an issue with
 this alert.

Lucent

 Lucent is aware of reports that there is a vulnerability in certain
 implementations  of  the  SNMP (Simple Network Management Protocol)
 code  that  is  used in data switches and other hardware throughout
 the telecom industry. 
 As soon as we were notified by CERT, we began assessing our product
 portfolio  and  notifying  customers  with  products  that might be
 affected. 
 Our  5ESS  switch  and  most  of  our  optical  portfolio  were not
 affected.   Our  core  and  edge  ATM switches and most of our edge
 access  products  are  affected, but we have developed, tested, and
 deployed  fixes for many of those products to our customers.  Fixes
 for  the  rest  of the affected product portfolio will be available
 shortly. 
 We consider the security and reliability of our customers' networks
 to  be  one  of  our  critical  measures  of success. We take every
 reasonable measure to ensure their satisfaction. 
 In  addition,  we  are  working  with  customers on ways to further
 enhance the security they have in place today.

Marconi

 Marconi  supplies  a  broad range of telecommunications and related
 products,  some  of  which are affected by the SNMP vulnerabilities
 identified  here.  The  manner  in  which they are affected and the
 actions  required  (if any) to avoid being impacted by exploitation
 of  these  vulnerabilities,  vary  from  product  to product. Those
 Marconi   customers   with  support  entitlement  may  contact  the
 appropriate   Technical  Assistance  Center  (TAC)  for  additional
 information.  Those not under support entitlement may contact their
 sales representative.

Microsoft Corporation

 The  Microsoft  Security Reponse [sic] Center has investigated this
 issue, and provides the following information.

 Summary:
 All  Microsoft  implementations  of  SNMP  v1  are  affected by the
 vulnerability.  The  SNMP v1 service is not installed or running by
 default on any version of Windows. A patch is underway to eliminate
 the  vulnerability.  In  the  meantime,  we recommend that affected
 customers disable the SNMP v1 service.

 Details:
 An  SNMP  v1 service ships on the CDs for Windows 95, 98, and 98SE. 
 It  is  not  installed  or  running  by  default  on  any  of these
 platforms.  An SNMP v1 is NOT provided for Windows ME.  However, it
 is  possible  that  Windows  98  machines  which  had  the  service
 installed  and  were  upgraded would still have the service.  Since
 SNMP  is  not  supported for WinME, customers in this situation are
 urged to remove the SNMP service. 
 An  SNMP  v1  service  is  available  on  Windows NT 4.0 (including
 Terminal  Server  Edition) and Windows 2000 but is not installed or
 running  by  default  on any of these platforms.Windows XP does not
 ship with an SNMP v1 service.

 Remediation:
 A  patch  is  underway  for  the  affected  platforms,  and will be
 released  shortly.  In  the  meantime,  Microsoft  recommends  that
 customers  who  have  the  SNMP  v1  service  running disable it to
 protect their systems. Following are instruction for doing this:

 Windows 95, 98 and 98SE:
 1. In Control Panel, double-click Network. 
 2. On  the  Configuration  tab,  select Microsoft SNMP Agent from the
    list of installed components. 
 3. Click Remove

 Check the following keys and confirm that snmp.exe is not listed. 
 HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\RunSer
 vices
 HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run

 For Windows XP:
 1. Right-click on My Computer and select Manage
 2. Click on Services and Applications, then on Services
 3. Location  SNMP  on  the list of services, then select it and click
    Stop. 
 4. Select Startup, and click Disabled. 
 5. Click  OK  to  close  the  dialoge  [sic], then close the Computer
    Management window.

 For Windows NT 4.0 (including Terminal Server Edition):
 1. Select Start, then Settings. 
 2. Select Control Panel, then click on the Services Icon
 3. Locate  SNMP  on  the  list  of services, then select it and click
    Stop. 
 4. Select Startup, and click Disabled. 
 5. Click OK to close the dialoge [sic], then close Control Panel

 Windows 2000:
 1. Right-click on My Computer and select Manage
 2. Click on Services and Applications, then on Services
 3. Location  SNMP  on  the list of services, then select it and click
    Stop. 
 4. Select Startup, and click Disabled. 
 5. Click  OK  to  close  the  dialoge  [sic], then close the Computer
    Management window.

Multinet

 MultiNet  and  TCPware customers should contact Process Software to
 check  for  the availability of patches for this issue. A couple of
 minor  problems were found and fixed, but there is no security risk
 related to the SNMP code included with either product.

Netaphor

 NETAPHOR  SOFTWARE INC. is the creator of Cyberons for Java -- SNMP
 Manager  Toolkit  and Cyberons for Java -- NMS Application Toolkit,
 two   Java  based  products  that  may  be  affected  by  the  SNMP
 vulnerabilities  identified  here.  The  manner  in  which they are
 affected  and the actions required (if any) to avoid being impacted
 by  exploitation  of  these  vulnerabilities,  may  be  obtained by
 contacting  Netaphor  via email at info@netaphor.com Customers with
 annual support may contact support@netaphor.com directly. Those not
 under    support    entitlement   may   contact   Netaphor   sales:
 sales@netaphor.com or (949) 470 7955 in USA.

NetBSD

 NetBSD does not ship with any SNMP tools in our 'base' releases. We
 do  provide  optional  packages  which  provide various support for
 SNMP.  These  packages  are  not installed by default, nor are they
 currently  provided  as  an  install option by the operating system
 installation tools. A system administrator/end-user has to manually
 install this with our package management tools. These SNMP packages
 include:
      + netsaint-plugin-snmp-1.2.8.4  (SNMP  monitoring  plug-in  for
        netsaint)
      + p5-Net-SNMP-3.60 (perl5 module for SNMP queries)
      + p5-SNMP-3.1.0  (Perl5  module for interfacing to the UCD SNMP
        library
      + p5-SNMP_Session-0.83   (perl5  module  providing  rudimentary
        access to remote SNMP agents)
      + ucd-snmp-4.2.1  (Extensible  SNMP  implementation) (conflicts
        with ucd-snmp-4.1.2)
      + ucd-snmp-4.1.2  (Extensible  SNMP  implementation) (conflicts
        with ucd-snmp-4.2.1)

 We    do   provide   a   software   monitoring   mechanism   called
 'audit-packages',  which allows us to highlight if a package with a
 range  of  versions  has  a potential vulnerability, and recommends
 that the end-user upgrade the packages in question.

Netscape Communications Corporation

 Netscape  continues  to be committed to maintaining a high level of
 quality  in  our  software  and  service  offerings.  Part  of this
 commitment  includes  prompt response to security issues discovered
 by organizations such as the CERT Coordination Center. 
 According  to a recent CERT/CC advisory, The Oulu University Secure
 Programming  Group (OUSPG) has reported numerous vulnerabilities in
 multiple  vendor  SNMPv1 implementations. 
 We  have  carefully  examined the reported findings, performing the
 tests  suggested  by the OUSPG to determine whether Netscape server
 products  were  subject to these vulnerabilities. It was determined
 that several products fell into this category. As a result, we have
 created  fixes  which will resolve the issues, and these fixes will
 appear  in  future  releases  of  our  product  line. To Netscape's
 knowledge,  there  are  no known instances of these vulnerabilities
 being exploited and no customers have been affected to date. 
 When such security warnings are issued, Netscape has committed to -
 and will continue to commit to - resolving these issues in a prompt
 and timely fashion, ensuring that our customers receive products of
 the highest quality and security.

NET-SNMP

 All  ucd-snmp  version  prior  to  4.2.2  are  susceptible  to this
 vulnerability  and  users  of  versions  prior to version 4.2.2 are
 encouraged   to   upgrade   their  software  as  soon  as  possible
 (http://www.net-snmp.org/download/).  Version  4.2.2 and higher are
 not susceptible.

Network Associates

 PGP is not affected, impacted, or otherwise related to this VU#.

Network Computing Technologies

 Network   Computing   Technologies  has  reviewed  the  information
 regarding  SNMP  vulnerabilities and is currently investigating the
 impact to our products.

Nokia

 This  vulnerability  is  known  to affect IPSO versions 3.1.3, 3.3,
 3.3.1,  3.4,  and  3.4.1.   Patches  are  currently  available  for
 versions  3.3,  3.3.1,  3.4  and  3.4.1 for download from the Nokia
 website.   In  addition,  version  3.4.2  shipped  with  the  patch
 incorporated,  and the necessary fix will be included in all future
 releases of IPSO. 
 We  recommend customers install the patch immediately or follow the
 recommended precautions below to avoid any potential exploit. 
 If you are not using SNMP services, including Traps, simply disable
 the   SNMP   daemon   to   completely   eliminate   the   potential
 vulnerability. 
 If   you  are  using  only  SNMP  Traps  and  running  Check  Point
 FireWall-1,  create  a  firewall  policy  to disallow incoming SNMP
 messages on all appropriate interfaces. Traps will continue to work
 normally.

Nortel Networks

 The  CERT Coordination Center has issued a broad based alert to the
 technology industry, including Nortel Networks, regarding potential
 security   vulnerabilities   identified   in   the  Simple  Network
 Management  Protocol  (SNMP),  a  common  networking  standard. The
 company   is   working   with  CERT  and  other  network  equipment
 manufacturers, the U.S. Government, service providers, and software
 suppliers to assess and address this issue.

Novell

 Novell ships SNMP.NLM and SNMPLOG.NLM with NetWare 4.x, NetWare 5.x
 and  6.0  systems. The SNMP and SNMPLOG vulnerabilities detected on
 NetWare  are  fixed and will be available through NetWare 6 Support
 Pack 1 & NetWare 5.1 Support Pack 4. Support packs are available at
 http://support.novell.com/tools/csp/

OpenBSD

 OpenBSD does not ship SNMP code.

Qualcomm

 WorldMail  does  not  support SNMP by default, so customers who run
 unmodified installations are not vulnerable.

Redback Networks, Inc.

 Redback  Networks,  Inc.  has  identified that the vulnerability in
 question  affects  certain versions of AOS software on the SMS 500,
 SMS  1800,  and  SMS 10000 platforms, and is taking the appropriate
 steps necessary to correct the issue.

Red Hat

 RedHat has released a security advisiory [sic] at
 http://www.redhat.com/support/errata/RHSA-2001-163.html
 with  updated  versions  of  the ucd-snmp package for all supported
 releases and architectures. For more information or to download the
 update please visit this page.

SGI

 SGI  acknowledges  the SNMP vulnerabilities reported by CERT and is
 currently  investigating. 
 For  the  protection  of  all our customers, SGI does not disclose,
 discuss  or  confirm vulnerabilities until a full investigation has
 occurred  and  any  necessary  patch(es)  or  release  streams  are
 available  for all vulnerable and supported IRIX operating systems. 
 Until SGI has more definitive information to provide, customers are
 encouraged  to  assume  all security vulnerabilities as exploitable
 and  take  appropriate  steps  according  to  local  site  security
 policies   and   requirements.   As   further  information  becomes
 available,  additional advisories will be issued via the normal SGI
 security  information  distribution  methods  including the wiretap
 mailing list on http://www.sgi.com/support/security/.

SNMP Research International

 SNMP  Research  has  made  the following vendor statement. They are
 likely  to  revise  and  expand  the  statement as the date for the
 public vulnerability announcement draws nearer.   Users  maintaining
 earlier  releases should update to the current release if they have
 not  already  done  so. Other Stonesoft's products are
 still   under   investigation.   As   further  information  becomes
 available, additional advisories will be available at
 http://www.stonesoft.com/support/techcenter/

Sun Microsystems, Inc.

 Sun's  SNMP  product,  Solstice  Enterprise Agents (SEA), described
 here:
 http://www.sun.com/solstice/products/ent.agents/
 is  affected  by VU#854306 but not VU#107186. More specifically the
 main  agent  of  SEA, snmpdx(1M), is affected on Solaris 2.6, 7, 8. 
 Sun  is  currently  generating  patches  for this issue and will be
 releasing  a  Sun Security Bulletin once the patches are available. 
 The bulletin will be available from:
 http://sunsolve.sun.com/security.  Sun  patches are available from:
 http://sunsolve.sun.com/securitypatch.

Symantec Corporation

 Symantec Corporation has investigated the SNMP issues identified by
 the  OUSPG test suite and determined that Symantec products are not
 susceptable [sic] to these issues.

TANDBERG

 Tandberg  have  run  all  the  testcases found the PROTOS test-suie
 [sic], c06snmpv1:
 1. c06-snmpv1-trap-enc-pr1.jar
 2. c06-snmpv1-treq-app-pr1.jar
 3. c06-snmpv1-trap-enc-pr1.jar
 4. c06-snmpv1-req-app-pr1.jar
 The  tests  were  run with standard delay time between the requests
 (100ms),  but  also  with  a delay of 1ms. The tests applies to all
 TANDBERG  products (T500, T880, T1000, T2500, T6000 and T8000). The
 software  tested  on these products were B4.0 (our latest software)
 and no problems were found when running the test suite.

Tivoli Systems

 Our  analysis indicates that this vulnerability does not affect the
 Tivoli NetView product.

Appendix B. - References 1. http://www.ee.oulu.fi/research/ouspg/protos/ 2. http://www.kb.cert.org/vuls/id/854306 3. http://www.kb.cert.org/vuls/id/107186 4. http://www.cert.org/tech_tips/denial_of_service.html 5. http://www.ietf.org/rfc/rfc1067.txt 6. http://www.ietf.org/rfc/rfc1089.txt 7. http://www.ietf.org/rfc/rfc1140.txt 8. http://www.ietf.org/rfc/rfc1155.txt 9. http://www.ietf.org/rfc/rfc1156.txt 10. http://www.ietf.org/rfc/rfc1215.txt 11. http://www.ietf.org/rfc/rfc1270.txt 12. http://www.ietf.org/rfc/rfc1352.txt

Appendix C. - Background Information

 Background Information on the OUSPG

   OUSPG  is an academic research group located at Oulu University in
   Finland.  The  purpose  of this research group is to test software
   for vulnerabilities. 
   History  has  shown  that  the  techniques  used by the OUSPG have
   discovered a large number of previously undetected problems in the
   products  and  protocols  they  have  tested.  In  2001, the OUSPG
   produced a comprehensive test suite for evaluating implementations
   of  the  Lightweight  Directory  Access Protocol (LDAP). This test
   suite  was  developed with the strategy of abusing the protocol in
   unsupported  and  unexpected  ways,  and  it was very effective in
   uncovering  a  wide  variety  of  vulnerabilities  across  several
   products.  This approach can reveal vulnerabilities that would not
   manifest themselves under normal conditions. 
   After  completing  its  work  on  LDAP,  OUSPG  moved its focus to
   SNMPv1.  As  with  LDAP,  they designed a custom test suite, began
   testing   a   selection   of  products,  and  found  a  number  of
   vulnerabilities.  Because  OUSPG's  work  on  LDAP  was similar in
   procedure  to its current work on SNMP, you may wish to review the
   LDAP  Test  Suite  and  CERT  Advisory  CA-2001-18, which outlined
   results of application of the test suite. 
   In order to test the security of protocols like SNMPv1, the PROTOS
   project  presents  a  server with a wide variety of sample packets
   containing  unexpected  values  or  illegally formatted data. As a
   member of the PROTOS project consortium, the OUSPG used the PROTOS
   c06-snmpv1  test  suite  to  study  several implementations of the
   SNMPv1  protocol.  Results  of  the  test  suites run against SNMP
   indicate  that  there  are  many different vulnerabilities on many
   different implementations of SNMP. Software and
   firmware products designed for networks often make use of the SNMP
   protocol.  SNMP  runs  on  a  multitude  of  devices and operating
   systems, including, but not limited to,
      + Core  Network  Devices (Routers, Switches, Hubs, Bridges, and
        Wireless Network Access Points)
      + Operating Systems
      + Consumer  Broadband  Network  Devices  (Cable  Modems and DSL
        Modems)
      + Consumer Electronic Devices (Cameras and Image Scanners)
      + Networked   Office  Equipment  (Printers,  Copiers,  and  FAX
        Machines)
      + Network and Systems Management/Diagnostic Frameworks (Network
        Sniffers and Network Analyzers)
      + Uninterruptible Power Supplies (UPS)
      + Networked Medical Equipment (Imaging Units and Oscilloscopes)
      + Manufacturing and Processing Equipment
   The  SNMP  protocol  is  formally defined in RFC1157. Quoting from
   that RFC:

            Implicit  in the SNMP architectural model is a collection
            of  network  management  stations  and  network elements. 
            Network    management    stations    execute   management
            applications  which monitor and control network elements. 
            Network  elements  are  devices  such as hosts, gateways,
            terminal  servers,  and  the  like, which have management
            agents  responsible for performing the network management
            functions  requested  by the network management stations.

   Additionally,   SNMP  is  discussed  in  a  number  of  other  RFC
   documents:
      + RFC 3000 Internet Official Protocol Standards
      + RFC 1212 Concise MIB Definitions
      + RFC  1213  Management Information Base for Network Management
        of TCP/IP-based Internets: MIB-II
      + RFC  1215  A  Convention  for Defining Traps for use with the
        SNMP
      + RFC 1270 SNMP Communications Services
      + RFC  2570  Introduction to Version 3 of the Internet-standard
        Network Management Framework
      + RFC  2571  An  Architecture  for  Describing  SNMP Management
        Frameworks
      + RFC  2572  Message  Processing and Dispatching for the Simple
        Network Management Protocol (SNMP)
      + RFC 2573 SNMP Applications
      + RFC 2574 User-based Security Model (USM) for version 3 of the
        Simple Network Management Protocol (SNMPv3)
      + RFC  2575  View-based  Access  Control  Model  (VACM) for the
        Simple Network Management Protocol (SNMP)
      + RFC  2576  Coexistence  between  Version  1,  Version  2, and
        Version   3   of  the  Internet-standard  Network  Management
        Framework
     _____________________________________________________________

   The  CERT  Coordination  Center  thanks the Oulu University Secure
   Programming  Group  for reporting these vulnerabilities to us, for
   providing  detailed  technical  analyses,  and for assisting us in
   preparing  this  advisory.  We also thank Steven M. Bellovin (AT&T
   Labs  --  Research),  Wes Hardaker (Net-SNMP), Steve Moulton (SNMP
   Research),  Tom Reddington (Bell Labs), Mike Duckett (Bell South),
   Rob   Thomas,  Blue  Boar  (Thievco),  and  the  many  others  who
   contributed to this document. 
     _____________________________________________________________

   Feedback  on  this document can be directed to the authors, Ian A. 
   Finlay, Shawn V. Hernan, Jason A. Rafail, Chad Dougherty, Allen D. 
   Householder, Marty Lindner, and Art Manion. 
   __________________________________________________________________

   This document is available from:
   http://www.cert.org/advisories/CA-2002-03.html
   __________________________________________________________________

   CERT/CC Contact Information

    Email: cert@cert.org
            Phone: +1 412-268-7090 (24-hour hotline)
            Fax: +1 412-268-6989
            Postal address:
            CERT Coordination Center
            Software Engineering Institute
            Carnegie Mellon University
            Pittsburgh PA 15213-3890
            U.S.A.

   CERT/CC  personnel  answer  the  hotline  08:00-17:00 EST(GMT-5) /
   EDT(GMT-4) Monday through Friday; they are on call for emergencies
   during other hours, on U.S. holidays, and on weekends.

   Using encryption
   We  strongly  urge  you  to  encrypt sensitive information sent by
   email. Our public PGP key is available from
    http://www.cert.org/CERT_PGP.key
   If  you  prefer  to use DES, please call the CERT hotline for more
   information.

   Getting  security information
   CERT publications and other security information are available
   from our web site
    http://www.cert.org/
   To   subscribe  to  the  CERT  mailing  list  for  advisories  and
   bulletins, send email to majordomo@cert.org. Please include in the
   body of your message

     subscribe cert-advisory

   * "CERT" and "CERT Coordination Center" are registered in the U.S. 
   Patent and Trademark Office. 
   __________________________________________________________________

   NO WARRANTY
   Any  material  furnished  by  Carnegie  Mellon  University and the
   Software  Engineering  Institute is furnished on an "as is" basis. 
   Carnegie Mellon University makes no warranties of any kind, either
   expressed  or  implied as to any matter including, but not limited
   to,   warranty   of   fitness   for   a   particular   purpose  or
   merchantability,  exclusivity  or results obtained from use of the
   material. Carnegie Mellon University does not make any warranty of
   any  kind  with  respect  to  freedom  from  patent, trademark, or
   copyright infringement. 
     _____________________________________________________________

   Conditions for use, disclaimers, and sponsorship information
   Copyright 2002 Carnegie Mellon University.

Revision History

   February 12, 2002: Initial release

-----BEGIN PGP SIGNATURE----- Version: PGP 6.5.8

iQCVAwUBPGltxKCVPMXQI2HJAQGVeAQAuHtxGBsmU5HI6PtqhpZ1rkpV+Cq3ChIU R1FUz4Zi2vzklH8jdXd10KqwZAPhXTPazeguhRyLVSUprMlSKqcXg3BCkH/y4WAl QUZ1VnQXMnMrxIJO1fv0WW0pcyM4W0iQBl0kCIlawPcjCGVniOCOr+4CE0f923wr uZiMJ5f2SEo= =h42e -----END PGP SIGNATURE-----

Show details on source website


{
  "@context": {
    "@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
    "affected_products": {
      "@id": "https://www.variotdbs.pl/ref/affected_products"
    },
    "configurations": {
      "@id": "https://www.variotdbs.pl/ref/configurations"
    },
    "credits": {
      "@id": "https://www.variotdbs.pl/ref/credits"
    },
    "cvss": {
      "@id": "https://www.variotdbs.pl/ref/cvss/"
    },
    "description": {
      "@id": "https://www.variotdbs.pl/ref/description/"
    },
    "exploit_availability": {
      "@id": "https://www.variotdbs.pl/ref/exploit_availability/"
    },
    "external_ids": {
      "@id": "https://www.variotdbs.pl/ref/external_ids/"
    },
    "iot": {
      "@id": "https://www.variotdbs.pl/ref/iot/"
    },
    "iot_taxonomy": {
      "@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
    },
    "patch": {
      "@id": "https://www.variotdbs.pl/ref/patch/"
    },
    "problemtype_data": {
      "@id": "https://www.variotdbs.pl/ref/problemtype_data/"
    },
    "references": {
      "@id": "https://www.variotdbs.pl/ref/references/"
    },
    "sources": {
      "@id": "https://www.variotdbs.pl/ref/sources/"
    },
    "sources_release_date": {
      "@id": "https://www.variotdbs.pl/ref/sources_release_date/"
    },
    "sources_update_date": {
      "@id": "https://www.variotdbs.pl/ref/sources_update_date/"
    },
    "threat_type": {
      "@id": "https://www.variotdbs.pl/ref/threat_type/"
    },
    "title": {
      "@id": "https://www.variotdbs.pl/ref/title/"
    },
    "type": {
      "@id": "https://www.variotdbs.pl/ref/type/"
    }
  },
  "@id": "https://www.variotdbs.pl/vuln/VAR-200203-0024",
  "affected_products": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/affected_products#",
      "data": {
        "@container": "@list"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        },
        "@id": "https://www.variotdbs.pl/ref/sources"
      }
    },
    "data": [
      {
        "model": "ios 12.0",
        "scope": "ne",
        "trust": 5.4,
        "vendor": "cisco",
        "version": null
      },
      {
        "model": "ios 12.1",
        "scope": "ne",
        "trust": 3.6,
        "vendor": "cisco",
        "version": null
      },
      {
        "model": "windows nt",
        "scope": "eq",
        "trust": 2.2,
        "vendor": "microsoft",
        "version": "4.0"
      },
      {
        "model": null,
        "scope": null,
        "trust": 1.6,
        "vendor": "3com",
        "version": null
      },
      {
        "model": null,
        "scope": null,
        "trust": 1.6,
        "vendor": "adtran",
        "version": null
      },
      {
        "model": null,
        "scope": null,
        "trust": 1.6,
        "vendor": "adventnet",
        "version": null
      },
      {
        "model": null,
        "scope": null,
        "trust": 1.6,
        "vendor": "american power conversion",
        "version": null
      },
      {
        "model": null,
        "scope": null,
        "trust": 1.6,
        "vendor": "aprisma",
        "version": null
      },
      {
        "model": null,
        "scope": null,
        "trust": 1.6,
        "vendor": "avaya",
        "version": null
      },
      {
        "model": null,
        "scope": null,
        "trust": 1.6,
        "vendor": "bea",
        "version": null
      },
      {
        "model": null,
        "scope": null,
        "trust": 1.6,
        "vendor": "bmc",
        "version": null
      },
      {
        "model": null,
        "scope": null,
        "trust": 1.6,
        "vendor": "cnt",
        "version": null
      },
      {
        "model": null,
        "scope": null,
        "trust": 1.6,
        "vendor": "comtek services",
        "version": null
      },
      {
        "model": null,
        "scope": null,
        "trust": 1.6,
        "vendor": "cscare",
        "version": null
      },
      {
        "model": null,
        "scope": null,
        "trust": 1.6,
        "vendor": "cacheflow",
        "version": null
      },
      {
        "model": null,
        "scope": null,
        "trust": 1.6,
        "vendor": "carrier access",
        "version": null
      },
      {
        "model": null,
        "scope": null,
        "trust": 1.6,
        "vendor": "cisco",
        "version": null
      },
      {
        "model": null,
        "scope": null,
        "trust": 1.6,
        "vendor": "compaq computer",
        "version": null
      },
      {
        "model": null,
        "scope": null,
        "trust": 1.6,
        "vendor": "computer associates",
        "version": null
      },
      {
        "model": null,
        "scope": null,
        "trust": 1.6,
        "vendor": "concord",
        "version": null
      },
      {
        "model": null,
        "scope": null,
        "trust": 1.6,
        "vendor": "dart",
        "version": null
      },
      {
        "model": null,
        "scope": null,
        "trust": 1.6,
        "vendor": "dell",
        "version": null
      },
      {
        "model": null,
        "scope": null,
        "trust": 1.6,
        "vendor": "digital",
        "version": null
      },
      {
        "model": null,
        "scope": null,
        "trust": 1.6,
        "vendor": "entrada",
        "version": null
      },
      {
        "model": null,
        "scope": null,
        "trust": 1.6,
        "vendor": "equinox",
        "version": null
      },
      {
        "model": null,
        "scope": null,
        "trust": 1.6,
        "vendor": "f5",
        "version": null
      },
      {
        "model": null,
        "scope": null,
        "trust": 1.6,
        "vendor": "fluke",
        "version": null
      },
      {
        "model": null,
        "scope": null,
        "trust": 1.6,
        "vendor": "freebsd",
        "version": null
      },
      {
        "model": null,
        "scope": null,
        "trust": 1.6,
        "vendor": "general datacomm",
        "version": null
      },
      {
        "model": null,
        "scope": null,
        "trust": 1.6,
        "vendor": "hewlett packard",
        "version": null
      },
      {
        "model": null,
        "scope": null,
        "trust": 1.6,
        "vendor": "hirschmann",
        "version": null
      },
      {
        "model": null,
        "scope": null,
        "trust": 1.6,
        "vendor": "hitachi",
        "version": null
      },
      {
        "model": null,
        "scope": null,
        "trust": 1.6,
        "vendor": "ibm",
        "version": null
      },
      {
        "model": null,
        "scope": null,
        "trust": 1.6,
        "vendor": "iplanet",
        "version": null
      },
      {
        "model": null,
        "scope": null,
        "trust": 1.6,
        "vendor": "itouch",
        "version": null
      },
      {
        "model": null,
        "scope": null,
        "trust": 1.6,
        "vendor": "infovista",
        "version": null
      },
      {
        "model": null,
        "scope": null,
        "trust": 1.6,
        "vendor": "inktomi",
        "version": null
      },
      {
        "model": null,
        "scope": null,
        "trust": 1.6,
        "vendor": "innerdive",
        "version": null
      },
      {
        "model": null,
        "scope": null,
        "trust": 1.6,
        "vendor": "ipswitch",
        "version": null
      },
      {
        "model": null,
        "scope": null,
        "trust": 1.6,
        "vendor": "juniper",
        "version": null
      },
      {
        "model": null,
        "scope": null,
        "trust": 1.6,
        "vendor": "karlnet",
        "version": null
      },
      {
        "model": null,
        "scope": null,
        "trust": 1.6,
        "vendor": "lantronix",
        "version": null
      },
      {
        "model": null,
        "scope": null,
        "trust": 1.6,
        "vendor": "larscom incorporated",
        "version": null
      },
      {
        "model": null,
        "scope": null,
        "trust": 1.6,
        "vendor": "lotus",
        "version": null
      },
      {
        "model": null,
        "scope": null,
        "trust": 1.6,
        "vendor": "lucent",
        "version": null
      },
      {
        "model": null,
        "scope": null,
        "trust": 1.6,
        "vendor": "mg soft",
        "version": null
      },
      {
        "model": null,
        "scope": null,
        "trust": 1.6,
        "vendor": "mandriva",
        "version": null
      },
      {
        "model": null,
        "scope": null,
        "trust": 1.6,
        "vendor": "marconi",
        "version": null
      },
      {
        "model": null,
        "scope": null,
        "trust": 1.6,
        "vendor": "mercury interactive",
        "version": null
      },
      {
        "model": null,
        "scope": null,
        "trust": 1.6,
        "vendor": "metrobility optical",
        "version": null
      },
      {
        "model": null,
        "scope": null,
        "trust": 1.6,
        "vendor": "micromuse",
        "version": null
      },
      {
        "model": null,
        "scope": null,
        "trust": 1.6,
        "vendor": "microsoft",
        "version": null
      },
      {
        "model": null,
        "scope": null,
        "trust": 1.6,
        "vendor": "monfox",
        "version": null
      },
      {
        "model": null,
        "scope": null,
        "trust": 1.6,
        "vendor": "multinet",
        "version": null
      },
      {
        "model": null,
        "scope": null,
        "trust": 1.6,
        "vendor": "nec",
        "version": null
      },
      {
        "model": null,
        "scope": null,
        "trust": 1.6,
        "vendor": "net snmp",
        "version": null
      },
      {
        "model": null,
        "scope": null,
        "trust": 1.6,
        "vendor": "network harmoni",
        "version": null
      },
      {
        "model": null,
        "scope": null,
        "trust": 1.6,
        "vendor": "nbase xyplex",
        "version": null
      },
      {
        "model": null,
        "scope": null,
        "trust": 1.6,
        "vendor": "netscout",
        "version": null
      },
      {
        "model": null,
        "scope": null,
        "trust": 1.6,
        "vendor": "netsilicon",
        "version": null
      },
      {
        "model": null,
        "scope": null,
        "trust": 1.6,
        "vendor": "netscape",
        "version": null
      },
      {
        "model": null,
        "scope": null,
        "trust": 1.6,
        "vendor": "network appliance",
        "version": null
      },
      {
        "model": null,
        "scope": null,
        "trust": 1.6,
        "vendor": "nortel",
        "version": null
      },
      {
        "model": null,
        "scope": null,
        "trust": 1.6,
        "vendor": "novell",
        "version": null
      },
      {
        "model": null,
        "scope": null,
        "trust": 1.6,
        "vendor": "openwave",
        "version": null
      },
      {
        "model": null,
        "scope": null,
        "trust": 1.6,
        "vendor": "optical access",
        "version": null
      },
      {
        "model": null,
        "scope": null,
        "trust": 1.6,
        "vendor": "oracle",
        "version": null
      },
      {
        "model": null,
        "scope": null,
        "trust": 1.6,
        "vendor": "perle",
        "version": null
      },
      {
        "model": null,
        "scope": null,
        "trust": 1.6,
        "vendor": "powerware",
        "version": null
      },
      {
        "model": null,
        "scope": null,
        "trust": 1.6,
        "vendor": "radware",
        "version": null
      },
      {
        "model": null,
        "scope": null,
        "trust": 1.6,
        "vendor": "red hat",
        "version": null
      },
      {
        "model": null,
        "scope": null,
        "trust": 1.6,
        "vendor": "redback",
        "version": null
      },
      {
        "model": null,
        "scope": null,
        "trust": 1.6,
        "vendor": "riverstone",
        "version": null
      },
      {
        "model": null,
        "scope": null,
        "trust": 1.6,
        "vendor": "snmp research",
        "version": null
      },
      {
        "model": null,
        "scope": null,
        "trust": 1.6,
        "vendor": "sniffer",
        "version": null
      },
      {
        "model": null,
        "scope": null,
        "trust": 1.6,
        "vendor": "sonicwall",
        "version": null
      },
      {
        "model": null,
        "scope": null,
        "trust": 1.6,
        "vendor": "sonus",
        "version": null
      },
      {
        "model": null,
        "scope": null,
        "trust": 1.6,
        "vendor": "stonesoft",
        "version": null
      },
      {
        "model": null,
        "scope": null,
        "trust": 1.6,
        "vendor": "sun microsystems",
        "version": null
      },
      {
        "model": null,
        "scope": null,
        "trust": 1.6,
        "vendor": "symantec",
        "version": null
      },
      {
        "model": null,
        "scope": null,
        "trust": 1.6,
        "vendor": "the sco group sco unix",
        "version": null
      },
      {
        "model": null,
        "scope": null,
        "trust": 1.6,
        "vendor": "tivoli",
        "version": null
      },
      {
        "model": null,
        "scope": null,
        "trust": 1.6,
        "vendor": "toshiba",
        "version": null
      },
      {
        "model": null,
        "scope": null,
        "trust": 1.6,
        "vendor": "unisphere",
        "version": null
      },
      {
        "model": null,
        "scope": null,
        "trust": 1.6,
        "vendor": "vertical",
        "version": null
      },
      {
        "model": null,
        "scope": null,
        "trust": 1.6,
        "vendor": "vina",
        "version": null
      },
      {
        "model": null,
        "scope": null,
        "trust": 1.6,
        "vendor": "wind river",
        "version": null
      },
      {
        "model": null,
        "scope": null,
        "trust": 1.6,
        "vendor": "world wide packets",
        "version": null
      },
      {
        "model": null,
        "scope": null,
        "trust": 1.6,
        "vendor": "xerox",
        "version": null
      },
      {
        "model": null,
        "scope": null,
        "trust": 1.6,
        "vendor": "e security",
        "version": null
      },
      {
        "model": null,
        "scope": null,
        "trust": 1.6,
        "vendor": "net com",
        "version": null
      },
      {
        "model": "ios 12.2",
        "scope": "ne",
        "trust": 1.5,
        "vendor": "cisco",
        "version": null
      },
      {
        "model": "vpn concentrator",
        "scope": "eq",
        "trust": 1.5,
        "vendor": "cisco",
        "version": "30002.5.2"
      },
      {
        "model": "windows 2000",
        "scope": null,
        "trust": 1.4,
        "vendor": "microsoft",
        "version": null
      },
      {
        "model": "windows 98se",
        "scope": null,
        "trust": 1.2,
        "vendor": "microsoft",
        "version": null
      },
      {
        "model": "ios 12.0 xe",
        "scope": null,
        "trust": 1.2,
        "vendor": "cisco",
        "version": null
      },
      {
        "model": "ios 12.1 dc2",
        "scope": "ne",
        "trust": 1.2,
        "vendor": "cisco",
        "version": null
      },
      {
        "model": "windows 95",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "microsoft",
        "version": "*"
      },
      {
        "model": "windows xp",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "microsoft",
        "version": "*"
      },
      {
        "model": "windows 98se",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "microsoft",
        "version": "*"
      },
      {
        "model": "windows 2000",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "microsoft",
        "version": "*"
      },
      {
        "model": "windows 98",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "microsoft",
        "version": "*"
      },
      {
        "model": "ios 12.0 s6",
        "scope": "ne",
        "trust": 0.9,
        "vendor": "cisco",
        "version": null
      },
      {
        "model": null,
        "scope": null,
        "trust": 0.8,
        "vendor": "nudesign team",
        "version": null
      },
      {
        "model": null,
        "scope": null,
        "trust": 0.8,
        "vendor": "outback resource group",
        "version": null
      },
      {
        "model": null,
        "scope": null,
        "trust": 0.8,
        "vendor": "veritas",
        "version": null
      },
      {
        "model": null,
        "scope": null,
        "trust": 0.8,
        "vendor": "bintec",
        "version": null
      },
      {
        "model": null,
        "scope": null,
        "trust": 0.8,
        "vendor": "interniche",
        "version": null
      },
      {
        "model": null,
        "scope": null,
        "trust": 0.8,
        "vendor": "ncipher corp",
        "version": null
      },
      {
        "model": null,
        "scope": null,
        "trust": 0.8,
        "vendor": "netscreen",
        "version": null
      },
      {
        "model": null,
        "scope": null,
        "trust": 0.8,
        "vendor": "nokia",
        "version": null
      },
      {
        "model": "aix",
        "scope": "eq",
        "trust": 0.8,
        "vendor": "ibm",
        "version": "4.3"
      },
      {
        "model": "aix",
        "scope": "eq",
        "trust": 0.8,
        "vendor": "ibm",
        "version": "5.1"
      },
      {
        "model": "solaris",
        "scope": "eq",
        "trust": 0.8,
        "vendor": "sun microsystems",
        "version": "2.6 (sparc)"
      },
      {
        "model": "solaris",
        "scope": "eq",
        "trust": 0.8,
        "vendor": "sun microsystems",
        "version": "2.6 (x86)"
      },
      {
        "model": "solaris",
        "scope": "eq",
        "trust": 0.8,
        "vendor": "sun microsystems",
        "version": "7.0 (sparc)"
      },
      {
        "model": "solaris",
        "scope": "eq",
        "trust": 0.8,
        "vendor": "sun microsystems",
        "version": "7.0 (x86)"
      },
      {
        "model": "solaris",
        "scope": "eq",
        "trust": 0.8,
        "vendor": "sun microsystems",
        "version": "8 (sparc)"
      },
      {
        "model": "solaris",
        "scope": "eq",
        "trust": 0.8,
        "vendor": "sun microsystems",
        "version": "8 (x86)"
      },
      {
        "model": "hp-ux",
        "scope": "eq",
        "trust": 0.8,
        "vendor": "hewlett packard",
        "version": "10.00"
      },
      {
        "model": "hp-ux",
        "scope": "eq",
        "trust": 0.8,
        "vendor": "hewlett packard",
        "version": "10.10"
      },
      {
        "model": "hp-ux",
        "scope": "eq",
        "trust": 0.8,
        "vendor": "hewlett packard",
        "version": "10.20"
      },
      {
        "model": "hp-ux",
        "scope": "eq",
        "trust": 0.8,
        "vendor": "hewlett packard",
        "version": "11.00"
      },
      {
        "model": "hp-ux",
        "scope": "eq",
        "trust": 0.8,
        "vendor": "hewlett packard",
        "version": "11.11"
      },
      {
        "model": "hp-ux",
        "scope": "eq",
        "trust": 0.8,
        "vendor": "hewlett packard",
        "version": "11.20"
      },
      {
        "model": "hp-ux",
        "scope": "eq",
        "trust": 0.8,
        "vendor": "hewlett packard",
        "version": "10.24"
      },
      {
        "model": "hp-ux",
        "scope": "eq",
        "trust": 0.8,
        "vendor": "hewlett packard",
        "version": "11.04"
      },
      {
        "model": "windows 9x",
        "scope": "eq",
        "trust": 0.8,
        "vendor": "microsoft",
        "version": "95"
      },
      {
        "model": "windows 9x",
        "scope": "eq",
        "trust": 0.8,
        "vendor": "microsoft",
        "version": "98"
      },
      {
        "model": "windows 9x",
        "scope": "eq",
        "trust": 0.8,
        "vendor": "microsoft",
        "version": "98 scd"
      },
      {
        "model": "windows 9x",
        "scope": "eq",
        "trust": 0.8,
        "vendor": "microsoft",
        "version": "me"
      },
      {
        "model": "windows nt",
        "scope": "eq",
        "trust": 0.8,
        "vendor": "microsoft",
        "version": "4.0 (server)"
      },
      {
        "model": "windows nt",
        "scope": "eq",
        "trust": 0.8,
        "vendor": "microsoft",
        "version": "4.0 (terminal_srv)"
      },
      {
        "model": "windows nt",
        "scope": "eq",
        "trust": 0.8,
        "vendor": "microsoft",
        "version": "4.0 (workstation)"
      },
      {
        "model": "windows xp",
        "scope": "eq",
        "trust": 0.8,
        "vendor": "microsoft",
        "version": "sp3"
      },
      {
        "model": "linux",
        "scope": "eq",
        "trust": 0.8,
        "vendor": "red hat",
        "version": "6.2"
      },
      {
        "model": "linux",
        "scope": "eq",
        "trust": 0.8,
        "vendor": "red hat",
        "version": "7.0"
      },
      {
        "model": "linux",
        "scope": "eq",
        "trust": 0.8,
        "vendor": "red hat",
        "version": "7.1"
      },
      {
        "model": "linux",
        "scope": "eq",
        "trust": 0.8,
        "vendor": "red hat",
        "version": "7.2"
      },
      {
        "model": "windows xp gold",
        "scope": "eq",
        "trust": 0.6,
        "vendor": "microsoft",
        "version": "0"
      },
      {
        "model": "windows",
        "scope": "eq",
        "trust": 0.6,
        "vendor": "microsoft",
        "version": "95"
      },
      {
        "model": "windows server",
        "scope": "eq",
        "trust": 0.6,
        "vendor": "microsoft",
        "version": "2000"
      },
      {
        "model": "ios 12.0 s7",
        "scope": "ne",
        "trust": 0.6,
        "vendor": "cisco",
        "version": null
      },
      {
        "model": "ios 12.2 bx",
        "scope": "ne",
        "trust": 0.6,
        "vendor": "cisco",
        "version": null
      },
      {
        "model": "ios 12.0 st1",
        "scope": "ne",
        "trust": 0.6,
        "vendor": "cisco",
        "version": null
      },
      {
        "model": "ios 12.1 e8",
        "scope": "ne",
        "trust": 0.6,
        "vendor": "cisco",
        "version": null
      },
      {
        "model": "ios 12.0 s8",
        "scope": "ne",
        "trust": 0.6,
        "vendor": "cisco",
        "version": null
      },
      {
        "model": "ios 12.0 w5",
        "scope": "ne",
        "trust": 0.6,
        "vendor": "cisco",
        "version": null
      },
      {
        "model": "call manager",
        "scope": "eq",
        "trust": 0.6,
        "vendor": "cisco",
        "version": "3.1"
      },
      {
        "model": "ios 12.0 xe?",
        "scope": "ne",
        "trust": 0.6,
        "vendor": "cisco",
        "version": null
      },
      {
        "model": "vpn concentrator",
        "scope": "eq",
        "trust": 0.6,
        "vendor": "cisco",
        "version": "30003.1"
      },
      {
        "model": "ios 12.0 s1",
        "scope": "ne",
        "trust": 0.6,
        "vendor": "cisco",
        "version": null
      },
      {
        "model": "ios 12.0 wc1",
        "scope": null,
        "trust": 0.6,
        "vendor": "cisco",
        "version": null
      },
      {
        "model": "ios 12.0 xu",
        "scope": null,
        "trust": 0.6,
        "vendor": "cisco",
        "version": null
      },
      {
        "model": "ios 12.1 db1",
        "scope": "ne",
        "trust": 0.6,
        "vendor": "cisco",
        "version": null
      },
      {
        "model": "ios 12.0 xk",
        "scope": null,
        "trust": 0.6,
        "vendor": "cisco",
        "version": null
      },
      {
        "model": "ios 12.0 st2",
        "scope": "ne",
        "trust": 0.6,
        "vendor": "cisco",
        "version": null
      },
      {
        "model": "ios 12.1 ey",
        "scope": null,
        "trust": 0.6,
        "vendor": "cisco",
        "version": null
      },
      {
        "model": "ios 12.1 e3",
        "scope": "ne",
        "trust": 0.6,
        "vendor": "cisco",
        "version": null
      },
      {
        "model": "ios 12.1 db2",
        "scope": "ne",
        "trust": 0.6,
        "vendor": "cisco",
        "version": null
      },
      {
        "model": "vpn concentrator",
        "scope": "eq",
        "trust": 0.6,
        "vendor": "cisco",
        "version": "30003.0.3"
      },
      {
        "model": "ios 12.1 ex",
        "scope": null,
        "trust": 0.6,
        "vendor": "cisco",
        "version": null
      },
      {
        "model": "windows 98",
        "scope": "eq",
        "trust": 0.6,
        "vendor": "microsoft",
        "version": "gold"
      },
      {
        "model": "windows 95",
        "scope": null,
        "trust": 0.6,
        "vendor": "microsoft",
        "version": null
      },
      {
        "model": "windows xp",
        "scope": "eq",
        "trust": 0.6,
        "vendor": "microsoft",
        "version": "gold"
      },
      {
        "model": "sunatm",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "sun",
        "version": "5.0"
      },
      {
        "model": "sunatm",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "sun",
        "version": "4.0.1"
      },
      {
        "model": "sunatm",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "sun",
        "version": "3.0.1"
      },
      {
        "model": "sunatm",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "sun",
        "version": "2.1"
      },
      {
        "model": "ios 12.0 wc 2900xl-lre",
        "scope": null,
        "trust": 0.3,
        "vendor": "cisco",
        "version": null
      },
      {
        "model": "pix firewall",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "cisco",
        "version": "5.1"
      },
      {
        "model": "cbos a",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "cisco",
        "version": "2.1"
      },
      {
        "model": null,
        "scope": "eq",
        "trust": 0.3,
        "vendor": "cisco",
        "version": "4700"
      },
      {
        "model": "ios 12.2 yb",
        "scope": null,
        "trust": 0.3,
        "vendor": "cisco",
        "version": null
      },
      {
        "model": "cbos",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "cisco",
        "version": "2.3.7"
      },
      {
        "model": "as5850",
        "scope": null,
        "trust": 0.3,
        "vendor": "cisco",
        "version": null
      },
      {
        "model": "ios 12.0 xk2",
        "scope": "ne",
        "trust": 0.3,
        "vendor": "cisco",
        "version": null
      },
      {
        "model": "cbos",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "cisco",
        "version": "2.1"
      },
      {
        "model": null,
        "scope": "eq",
        "trust": 0.3,
        "vendor": "cisco",
        "version": "1000"
      },
      {
        "model": "ios 12.1aa",
        "scope": null,
        "trust": 0.3,
        "vendor": "cisco",
        "version": null
      },
      {
        "model": "ios 12.2 xe2",
        "scope": "ne",
        "trust": 0.3,
        "vendor": "cisco",
        "version": null
      },
      {
        "model": "ios 12.2 ca1",
        "scope": "ne",
        "trust": 0.3,
        "vendor": "cisco",
        "version": null
      },
      {
        "model": "vpn concentrator",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "cisco",
        "version": "30003.1.2"
      },
      {
        "model": "ios 12.0s",
        "scope": null,
        "trust": 0.3,
        "vendor": "cisco",
        "version": null
      },
      {
        "model": "hosting solution engine",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "cisco",
        "version": "1.3"
      },
      {
        "model": "pix firewall",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "cisco",
        "version": "5.1(4.206)"
      },
      {
        "model": "netranger sensor",
        "scope": null,
        "trust": 0.3,
        "vendor": "cisco",
        "version": null
      },
      {
        "model": "ios 12.1 yc2",
        "scope": "ne",
        "trust": 0.3,
        "vendor": "cisco",
        "version": null
      },
      {
        "model": "pix firewall",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "cisco",
        "version": "5.2"
      },
      {
        "model": "ios",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "cisco",
        "version": "12.2"
      },
      {
        "model": "building broadband service manager",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "cisco",
        "version": "3.0"
      },
      {
        "model": "as5200",
        "scope": null,
        "trust": 0.3,
        "vendor": "cisco",
        "version": null
      },
      {
        "model": "ios 12.2 xa",
        "scope": null,
        "trust": 0.3,
        "vendor": "cisco",
        "version": null
      },
      {
        "model": "ios 12.1da",
        "scope": null,
        "trust": 0.3,
        "vendor": "cisco",
        "version": null
      },
      {
        "model": "vg248 analog phone gateway",
        "scope": null,
        "trust": 0.3,
        "vendor": "cisco",
        "version": null
      },
      {
        "model": "ios 12.1 yf",
        "scope": null,
        "trust": 0.3,
        "vendor": "cisco",
        "version": null
      },
      {
        "model": "ios 11.2gs",
        "scope": null,
        "trust": 0.3,
        "vendor": "cisco",
        "version": null
      },
      {
        "model": "ics",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "cisco",
        "version": "7750"
      },
      {
        "model": "pix firewall",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "cisco",
        "version": "4.4(8)"
      },
      {
        "model": "ios 12.0 wt6",
        "scope": "ne",
        "trust": 0.3,
        "vendor": "cisco",
        "version": null
      },
      {
        "model": "building broadband service manager",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "cisco",
        "version": "2.5.1"
      },
      {
        "model": "traffic director",
        "scope": null,
        "trust": 0.3,
        "vendor": "cisco",
        "version": null
      },
      {
        "model": "ons optical transport platform",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "cisco",
        "version": "154543.1.0"
      },
      {
        "model": "ios 12.1 e5",
        "scope": "ne",
        "trust": 0.3,
        "vendor": "cisco",
        "version": null
      },
      {
        "model": "ios 12.2 b2",
        "scope": "ne",
        "trust": 0.3,
        "vendor": "cisco",
        "version": null
      },
      {
        "model": "ios 12.2 t3",
        "scope": "ne",
        "trust": 0.3,
        "vendor": "cisco",
        "version": null
      },
      {
        "model": "pix firewall",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "cisco",
        "version": "5.3"
      },
      {
        "model": "ios 12.0 xn",
        "scope": null,
        "trust": 0.3,
        "vendor": "cisco",
        "version": null
      },
      {
        "model": "ios 12.1 ya2",
        "scope": "ne",
        "trust": 0.3,
        "vendor": "cisco",
        "version": null
      },
      {
        "model": "as5300",
        "scope": null,
        "trust": 0.3,
        "vendor": "cisco",
        "version": null
      },
      {
        "model": "ios 12.0 s3",
        "scope": "ne",
        "trust": 0.3,
        "vendor": "cisco",
        "version": null
      },
      {
        "model": "icdn software",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "cisco",
        "version": "2.0"
      },
      {
        "model": "vpn concentrator",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "cisco",
        "version": "30002.0"
      },
      {
        "model": "cbos b",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "cisco",
        "version": "2.4.2"
      },
      {
        "model": "ios 11.1 cc4",
        "scope": "ne",
        "trust": 0.3,
        "vendor": "cisco",
        "version": null
      },
      {
        "model": "catalyst 4840g",
        "scope": null,
        "trust": 0.3,
        "vendor": "cisco",
        "version": null
      },
      {
        "model": "ios 11.1 aa4",
        "scope": "ne",
        "trust": 0.3,
        "vendor": "cisco",
        "version": null
      },
      {
        "model": "ios",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "cisco",
        "version": "11.2"
      },
      {
        "model": "catalyst",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "cisco",
        "version": "39203.0(7)"
      },
      {
        "model": "secure ids network sensor",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "cisco",
        "version": "3.0"
      },
      {
        "model": "ios 12.2 mx",
        "scope": null,
        "trust": 0.3,
        "vendor": "cisco",
        "version": null
      },
      {
        "model": null,
        "scope": "eq",
        "trust": 0.3,
        "vendor": "cisco",
        "version": "7100"
      },
      {
        "model": "cva120",
        "scope": null,
        "trust": 0.3,
        "vendor": "cisco",
        "version": null
      },
      {
        "model": "ios 12.1 xt3",
        "scope": "ne",
        "trust": 0.3,
        "vendor": "cisco",
        "version": null
      },
      {
        "model": "catalyst native mode",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "cisco",
        "version": "6000"
      },
      {
        "model": "content engine",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "cisco",
        "version": "560"
      },
      {
        "model": "ios 12.1 ea1e",
        "scope": null,
        "trust": 0.3,
        "vendor": "cisco",
        "version": null
      },
      {
        "model": "ios 12.1 xq",
        "scope": "ne",
        "trust": 0.3,
        "vendor": "cisco",
        "version": null
      },
      {
        "model": "ios 11.2sa",
        "scope": null,
        "trust": 0.3,
        "vendor": "cisco",
        "version": null
      },
      {
        "model": "ios 12.1 yh",
        "scope": null,
        "trust": 0.3,
        "vendor": "cisco",
        "version": null
      },
      {
        "model": "ios 12.2b",
        "scope": null,
        "trust": 0.3,
        "vendor": "cisco",
        "version": null
      },
      {
        "model": null,
        "scope": "eq",
        "trust": 0.3,
        "vendor": "cisco",
        "version": "1005"
      },
      {
        "model": "ons optical transport platform",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "cisco",
        "version": "154543.2.0"
      },
      {
        "model": "cbos",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "cisco",
        "version": "2.3.5.015"
      },
      {
        "model": "ios 12.2 mx1",
        "scope": "ne",
        "trust": 0.3,
        "vendor": "cisco",
        "version": null
      },
      {
        "model": "pix firewall",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "cisco",
        "version": "5.3(1.200)"
      },
      {
        "model": "bpx/igx",
        "scope": null,
        "trust": 0.3,
        "vendor": "cisco",
        "version": null
      },
      {
        "model": "call manager",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "cisco",
        "version": "3.3"
      },
      {
        "model": null,
        "scope": "eq",
        "trust": 0.3,
        "vendor": "cisco",
        "version": "12000"
      },
      {
        "model": "content distribution manager",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "cisco",
        "version": "4670"
      },
      {
        "model": "ap340",
        "scope": null,
        "trust": 0.3,
        "vendor": "cisco",
        "version": null
      },
      {
        "model": "ios 12.1 xf",
        "scope": null,
        "trust": 0.3,
        "vendor": "cisco",
        "version": null
      },
      {
        "model": null,
        "scope": "eq",
        "trust": 0.3,
        "vendor": "cisco",
        "version": "10700"
      },
      {
        "model": "css11000 content services switch",
        "scope": null,
        "trust": 0.3,
        "vendor": "cisco",
        "version": null
      },
      {
        "model": "ios",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "cisco",
        "version": "11.1"
      },
      {
        "model": "ios 12.1 xi",
        "scope": null,
        "trust": 0.3,
        "vendor": "cisco",
        "version": null
      },
      {
        "model": "distributed director",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "cisco",
        "version": "2501"
      },
      {
        "model": "ios 12.1ec",
        "scope": null,
        "trust": 0.3,
        "vendor": "cisco",
        "version": null
      },
      {
        "model": "intelligent contact manager",
        "scope": null,
        "trust": 0.3,
        "vendor": "cisco",
        "version": null
      },
      {
        "model": "pix firewall",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "cisco",
        "version": "6.0(1)"
      },
      {
        "model": "catalyst",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "cisco",
        "version": "3000"
      },
      {
        "model": "ios 12.1 yi1",
        "scope": "ne",
        "trust": 0.3,
        "vendor": "cisco",
        "version": null
      },
      {
        "model": "catalyst 2948g",
        "scope": null,
        "trust": 0.3,
        "vendor": "cisco",
        "version": null
      },
      {
        "model": "ios 12.2 da",
        "scope": "ne",
        "trust": 0.3,
        "vendor": "cisco",
        "version": null
      },
      {
        "model": "switchprobe",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "cisco",
        "version": "4.6"
      },
      {
        "model": "ios 12.1 ew",
        "scope": null,
        "trust": 0.3,
        "vendor": "cisco",
        "version": null
      },
      {
        "model": "pix firewall",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "cisco",
        "version": "4.4(7.202)"
      },
      {
        "model": "ios 12.2 xd",
        "scope": null,
        "trust": 0.3,
        "vendor": "cisco",
        "version": null
      },
      {
        "model": "ios 12.2 ya",
        "scope": null,
        "trust": 0.3,
        "vendor": "cisco",
        "version": null
      },
      {
        "model": "local director",
        "scope": null,
        "trust": 0.3,
        "vendor": "cisco",
        "version": null
      },
      {
        "model": "ios 12.2bx",
        "scope": null,
        "trust": 0.3,
        "vendor": "cisco",
        "version": null
      },
      {
        "model": "ios 12.2 da1",
        "scope": "ne",
        "trust": 0.3,
        "vendor": "cisco",
        "version": null
      },
      {
        "model": "ios",
        "scope": "ne",
        "trust": 0.3,
        "vendor": "cisco",
        "version": "12.1(5)xv5"
      },
      {
        "model": "catalyst",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "cisco",
        "version": "4232"
      },
      {
        "model": "ios 12.1 ec",
        "scope": "ne",
        "trust": 0.3,
        "vendor": "cisco",
        "version": null
      },
      {
        "model": "user registration tool vlan policy server",
        "scope": null,
        "trust": 0.3,
        "vendor": "cisco",
        "version": null
      },
      {
        "model": "ios 12.2 dd3",
        "scope": "ne",
        "trust": 0.3,
        "vendor": "cisco",
        "version": null
      },
      {
        "model": "hosting solution engine",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "cisco",
        "version": "1.0"
      },
      {
        "model": "pix firewall",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "cisco",
        "version": "5.2(1)"
      },
      {
        "model": "ios 11.1",
        "scope": "ne",
        "trust": 0.3,
        "vendor": "cisco",
        "version": null
      },
      {
        "model": "igx",
        "scope": null,
        "trust": 0.3,
        "vendor": "cisco",
        "version": null
      },
      {
        "model": "ios 11.3",
        "scope": "ne",
        "trust": 0.3,
        "vendor": "cisco",
        "version": null
      },
      {
        "model": "ios 12.2 t4",
        "scope": "ne",
        "trust": 0.3,
        "vendor": "cisco",
        "version": null
      },
      {
        "model": "catalyst 8540csr",
        "scope": null,
        "trust": 0.3,
        "vendor": "cisco",
        "version": null
      },
      {
        "model": "mgx-8240",
        "scope": null,
        "trust": 0.3,
        "vendor": "cisco",
        "version": null
      },
      {
        "model": "ios 12.2dd",
        "scope": null,
        "trust": 0.3,
        "vendor": "cisco",
        "version": null
      },
      {
        "model": "ios 12.0st",
        "scope": null,
        "trust": 0.3,
        "vendor": "cisco",
        "version": null
      },
      {
        "model": "ios 12.0 w5",
        "scope": null,
        "trust": 0.3,
        "vendor": "cisco",
        "version": null
      },
      {
        "model": null,
        "scope": "eq",
        "trust": 0.3,
        "vendor": "cisco",
        "version": "7010"
      },
      {
        "model": "unity server",
        "scope": null,
        "trust": 0.3,
        "vendor": "cisco",
        "version": null
      },
      {
        "model": "ios 12.0 xf",
        "scope": null,
        "trust": 0.3,
        "vendor": "cisco",
        "version": null
      },
      {
        "model": "catalyst hybrid mode",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "cisco",
        "version": "6000"
      },
      {
        "model": "ios 12.0 wc3",
        "scope": "ne",
        "trust": 0.3,
        "vendor": "cisco",
        "version": null
      },
      {
        "model": "pix firewall",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "cisco",
        "version": "5.3(1)"
      },
      {
        "model": "icdn software",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "cisco",
        "version": "1.0"
      },
      {
        "model": "snmpc",
        "scope": null,
        "trust": 0.3,
        "vendor": "cisco",
        "version": null
      },
      {
        "model": "vpn concentrator",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "cisco",
        "version": "30003.0.4"
      },
      {
        "model": "ios 12.0 st5",
        "scope": "ne",
        "trust": 0.3,
        "vendor": "cisco",
        "version": null
      },
      {
        "model": "ios 12.0w5",
        "scope": null,
        "trust": 0.3,
        "vendor": "cisco",
        "version": null
      },
      {
        "model": "ios 11.2bc",
        "scope": null,
        "trust": 0.3,
        "vendor": "cisco",
        "version": null
      },
      {
        "model": "ios 11.2",
        "scope": "ne",
        "trust": 0.3,
        "vendor": "cisco",
        "version": null
      },
      {
        "model": "ios",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "cisco",
        "version": "11.0"
      },
      {
        "model": "cbos",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "cisco",
        "version": "2.2"
      },
      {
        "model": "ios 12.0 sl4",
        "scope": "ne",
        "trust": 0.3,
        "vendor": "cisco",
        "version": null
      },
      {
        "model": "catalyst network analysis module",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "cisco",
        "version": "6000"
      },
      {
        "model": "cbos",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "cisco",
        "version": "2.3.2"
      },
      {
        "model": "ios 12.2t",
        "scope": null,
        "trust": 0.3,
        "vendor": "cisco",
        "version": null
      },
      {
        "model": "ios 12.2 xb3",
        "scope": "ne",
        "trust": 0.3,
        "vendor": "cisco",
        "version": null
      },
      {
        "model": "ios 12.0 db2",
        "scope": "ne",
        "trust": 0.3,
        "vendor": "cisco",
        "version": null
      },
      {
        "model": "mgx",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "cisco",
        "version": "82301.2.10"
      },
      {
        "model": "ios 12.1 ey",
        "scope": "ne",
        "trust": 0.3,
        "vendor": "cisco",
        "version": null
      },
      {
        "model": "ios 12.0 s5",
        "scope": "ne",
        "trust": 0.3,
        "vendor": "cisco",
        "version": null
      },
      {
        "model": "call manager",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "cisco",
        "version": "2.0"
      },
      {
        "model": "ios 12.0 xs",
        "scope": null,
        "trust": 0.3,
        "vendor": "cisco",
        "version": null
      },
      {
        "model": "ons optical transport platform",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "cisco",
        "version": "154543.4"
      },
      {
        "model": "building broadband service manager",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "cisco",
        "version": "4.5"
      },
      {
        "model": "content engine",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "cisco",
        "version": "590"
      },
      {
        "model": "ios 12.2s",
        "scope": null,
        "trust": 0.3,
        "vendor": "cisco",
        "version": null
      },
      {
        "model": "building broadband service manager",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "cisco",
        "version": "4.2"
      },
      {
        "model": "mgx",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "cisco",
        "version": "82501.2.10"
      },
      {
        "model": "catalyst msm",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "cisco",
        "version": "6000"
      },
      {
        "model": "nsp",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "cisco",
        "version": "6400"
      },
      {
        "model": "building broadband service manager",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "cisco",
        "version": "4.4"
      },
      {
        "model": "ios 12.1 yd",
        "scope": null,
        "trust": 0.3,
        "vendor": "cisco",
        "version": null
      },
      {
        "model": "info center",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "cisco",
        "version": "3.4"
      },
      {
        "model": "ios 12.0 wx5",
        "scope": "ne",
        "trust": 0.3,
        "vendor": "cisco",
        "version": null
      },
      {
        "model": "ios 12.2 yc",
        "scope": null,
        "trust": 0.3,
        "vendor": "cisco",
        "version": null
      },
      {
        "model": "ios 12.1 e8",
        "scope": null,
        "trust": 0.3,
        "vendor": "cisco",
        "version": null
      },
      {
        "model": "mgx",
        "scope": null,
        "trust": 0.3,
        "vendor": "cisco",
        "version": null
      },
      {
        "model": "arrowpoint cs11000",
        "scope": null,
        "trust": 0.3,
        "vendor": "cisco",
        "version": null
      },
      {
        "model": "secure ids host sensor",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "cisco",
        "version": "2.0"
      },
      {
        "model": "catalyst",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "cisco",
        "version": "2950"
      },
      {
        "model": "ios 11.1 ct",
        "scope": "ne",
        "trust": 0.3,
        "vendor": "cisco",
        "version": null
      },
      {
        "model": "ios 12.1 yb",
        "scope": null,
        "trust": 0.3,
        "vendor": "cisco",
        "version": null
      },
      {
        "model": "ios 12.1 e",
        "scope": "ne",
        "trust": 0.3,
        "vendor": "cisco",
        "version": null
      },
      {
        "model": "ubr7200",
        "scope": null,
        "trust": 0.3,
        "vendor": "cisco",
        "version": null
      },
      {
        "model": "ios 12.2 xw",
        "scope": null,
        "trust": 0.3,
        "vendor": "cisco",
        "version": null
      },
      {
        "model": "pix firewall",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "cisco",
        "version": "4.2.2"
      },
      {
        "model": "ios",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "cisco",
        "version": "11.3"
      },
      {
        "model": "ios 12.2bc",
        "scope": null,
        "trust": 0.3,
        "vendor": "cisco",
        "version": null
      },
      {
        "model": "ios 11.1ia",
        "scope": null,
        "trust": 0.3,
        "vendor": "cisco",
        "version": null
      },
      {
        "model": "catalyst 8540msr",
        "scope": null,
        "trust": 0.3,
        "vendor": "cisco",
        "version": null
      },
      {
        "model": "ons optical transport platform",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "cisco",
        "version": "154544.0(1)"
      },
      {
        "model": "ios",
        "scope": "ne",
        "trust": 0.3,
        "vendor": "cisco",
        "version": "12.1(5)xv4"
      },
      {
        "model": "ios 12.1 t12",
        "scope": "ne",
        "trust": 0.3,
        "vendor": "cisco",
        "version": null
      },
      {
        "model": "microswitch",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "cisco",
        "version": "1548"
      },
      {
        "model": "ios 12.1 e12",
        "scope": "ne",
        "trust": 0.3,
        "vendor": "cisco",
        "version": null
      },
      {
        "model": "pix firewall",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "cisco",
        "version": "3.1"
      },
      {
        "model": "ios 12.0 sx",
        "scope": "ne",
        "trust": 0.3,
        "vendor": "cisco",
        "version": null
      },
      {
        "model": "access registrar",
        "scope": null,
        "trust": 0.3,
        "vendor": "cisco",
        "version": null
      },
      {
        "model": null,
        "scope": "eq",
        "trust": 0.3,
        "vendor": "cisco",
        "version": "4000"
      },
      {
        "model": "ios 12.0 st",
        "scope": "ne",
        "trust": 0.3,
        "vendor": "cisco",
        "version": null
      },
      {
        "model": "catalyst 8510csr",
        "scope": null,
        "trust": 0.3,
        "vendor": "cisco",
        "version": null
      },
      {
        "model": "ios 12.2 xs1",
        "scope": "ne",
        "trust": 0.3,
        "vendor": "cisco",
        "version": null
      },
      {
        "model": "bpx",
        "scope": null,
        "trust": 0.3,
        "vendor": "cisco",
        "version": null
      },
      {
        "model": "ios 12.1 ea2b",
        "scope": "ne",
        "trust": 0.3,
        "vendor": "cisco",
        "version": null
      },
      {
        "model": "ios 12.1 xz7",
        "scope": "ne",
        "trust": 0.3,
        "vendor": "cisco",
        "version": null
      },
      {
        "model": "ios 12.2 b4",
        "scope": "ne",
        "trust": 0.3,
        "vendor": "cisco",
        "version": null
      },
      {
        "model": "catalyst",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "cisco",
        "version": "2920"
      },
      {
        "model": "ios 12.1 ea1b",
        "scope": "ne",
        "trust": 0.3,
        "vendor": "cisco",
        "version": null
      },
      {
        "model": "ios 11.2p",
        "scope": null,
        "trust": 0.3,
        "vendor": "cisco",
        "version": null
      },
      {
        "model": "ios 12.0 xk3",
        "scope": "ne",
        "trust": 0.3,
        "vendor": "cisco",
        "version": null
      },
      {
        "model": "switchprobe",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "cisco",
        "version": "4.7"
      },
      {
        "model": null,
        "scope": "eq",
        "trust": 0.3,
        "vendor": "cisco",
        "version": "2600"
      },
      {
        "model": "as5800",
        "scope": null,
        "trust": 0.3,
        "vendor": "cisco",
        "version": null
      },
      {
        "model": "ios 11.2 p2",
        "scope": "ne",
        "trust": 0.3,
        "vendor": "cisco",
        "version": null
      },
      {
        "model": null,
        "scope": "eq",
        "trust": 0.3,
        "vendor": "cisco",
        "version": "6200"
      },
      {
        "model": null,
        "scope": "eq",
        "trust": 0.3,
        "vendor": "cisco",
        "version": "1700"
      },
      {
        "model": "content engine",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "cisco",
        "version": "507"
      },
      {
        "model": null,
        "scope": "eq",
        "trust": 0.3,
        "vendor": "cisco",
        "version": "7000"
      },
      {
        "model": "ios 12.1 e7",
        "scope": "ne",
        "trust": 0.3,
        "vendor": "cisco",
        "version": null
      },
      {
        "model": "vpn concentrator",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "cisco",
        "version": "30003.5.1"
      },
      {
        "model": "ios 12.2 t1a",
        "scope": "ne",
        "trust": 0.3,
        "vendor": "cisco",
        "version": null
      },
      {
        "model": "call manager",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "cisco",
        "version": "3.1(2)"
      },
      {
        "model": "ios 12.2 xa5",
        "scope": "ne",
        "trust": 0.3,
        "vendor": "cisco",
        "version": null
      },
      {
        "model": "cbos",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "cisco",
        "version": "2.4.1"
      },
      {
        "model": "ios 12.1 ew1",
        "scope": "ne",
        "trust": 0.3,
        "vendor": "cisco",
        "version": null
      },
      {
        "model": "ios 12.0 sp1",
        "scope": "ne",
        "trust": 0.3,
        "vendor": "cisco",
        "version": null
      },
      {
        "model": "ios 12.1db",
        "scope": null,
        "trust": 0.3,
        "vendor": "cisco",
        "version": null
      },
      {
        "model": "ios 11.1ca",
        "scope": null,
        "trust": 0.3,
        "vendor": "cisco",
        "version": null
      },
      {
        "model": "cbos",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "cisco",
        "version": "2.3.053"
      },
      {
        "model": "catalyst 2948g-l3",
        "scope": null,
        "trust": 0.3,
        "vendor": "cisco",
        "version": null
      },
      {
        "model": "catalyst",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "cisco",
        "version": "2900"
      },
      {
        "model": "ios 12.2 mb3",
        "scope": "ne",
        "trust": 0.3,
        "vendor": "cisco",
        "version": null
      },
      {
        "model": "call manager",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "cisco",
        "version": "1.0"
      },
      {
        "model": "pix firewall",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "cisco",
        "version": "5.2(2)"
      },
      {
        "model": "switchprobe",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "cisco",
        "version": "4.1"
      },
      {
        "model": "ios 12.2 t0a",
        "scope": "ne",
        "trust": 0.3,
        "vendor": "cisco",
        "version": null
      },
      {
        "model": "pix firewall",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "cisco",
        "version": "2.7"
      },
      {
        "model": "ios 12.0 wc2",
        "scope": null,
        "trust": 0.3,
        "vendor": "cisco",
        "version": null
      },
      {
        "model": "ap350",
        "scope": null,
        "trust": 0.3,
        "vendor": "cisco",
        "version": null
      },
      {
        "model": "ios 12.2 dx",
        "scope": null,
        "trust": 0.3,
        "vendor": "cisco",
        "version": null
      },
      {
        "model": "ios 12.0 sl6",
        "scope": "ne",
        "trust": 0.3,
        "vendor": "cisco",
        "version": null
      },
      {
        "model": "as5400",
        "scope": null,
        "trust": 0.3,
        "vendor": "cisco",
        "version": null
      },
      {
        "model": "ios 12.0sp",
        "scope": null,
        "trust": 0.3,
        "vendor": "cisco",
        "version": null
      },
      {
        "model": "catalyst xl",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "cisco",
        "version": "3500"
      },
      {
        "model": "ios 12.0 wc2b",
        "scope": "ne",
        "trust": 0.3,
        "vendor": "cisco",
        "version": null
      },
      {
        "model": null,
        "scope": "eq",
        "trust": 0.3,
        "vendor": "cisco",
        "version": "1400"
      },
      {
        "model": "ios 12.1 yb5",
        "scope": "ne",
        "trust": 0.3,
        "vendor": "cisco",
        "version": null
      },
      {
        "model": "ios 12.0 xn1",
        "scope": "ne",
        "trust": 0.3,
        "vendor": "cisco",
        "version": null
      },
      {
        "model": "vpn concentrator",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "cisco",
        "version": "30003.1.1"
      },
      {
        "model": "ios 12.1 e6",
        "scope": "ne",
        "trust": 0.3,
        "vendor": "cisco",
        "version": null
      },
      {
        "model": "pix firewall",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "cisco",
        "version": "5.3(3)"
      },
      {
        "model": "bts",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "cisco",
        "version": "10200"
      },
      {
        "model": "ios 12.0 sx",
        "scope": null,
        "trust": 0.3,
        "vendor": "cisco",
        "version": null
      },
      {
        "model": "cbos",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "cisco",
        "version": "2.3.8"
      },
      {
        "model": "ubr900",
        "scope": null,
        "trust": 0.3,
        "vendor": "cisco",
        "version": null
      },
      {
        "model": "pix firewall",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "cisco",
        "version": "5.3(2)"
      },
      {
        "model": "ios 12.2 xb4",
        "scope": "ne",
        "trust": 0.3,
        "vendor": "cisco",
        "version": null
      },
      {
        "model": "ios 11.1aa",
        "scope": null,
        "trust": 0.3,
        "vendor": "cisco",
        "version": null
      },
      {
        "model": "switchprobe",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "cisco",
        "version": "3.1"
      },
      {
        "model": "ios 12.0 t2",
        "scope": "ne",
        "trust": 0.3,
        "vendor": "cisco",
        "version": null
      },
      {
        "model": "ios 12.2 xg",
        "scope": null,
        "trust": 0.3,
        "vendor": "cisco",
        "version": null
      },
      {
        "model": "pix firewall",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "cisco",
        "version": "5.2(7)"
      },
      {
        "model": "ios 12.1 xm",
        "scope": null,
        "trust": 0.3,
        "vendor": "cisco",
        "version": null
      },
      {
        "model": "ios 11.2 sa6",
        "scope": "ne",
        "trust": 0.3,
        "vendor": "cisco",
        "version": null
      },
      {
        "model": "sc2200/vsc3000",
        "scope": null,
        "trust": 0.3,
        "vendor": "cisco",
        "version": null
      },
      {
        "model": "wan manager",
        "scope": null,
        "trust": 0.3,
        "vendor": "cisco",
        "version": null
      },
      {
        "model": "ios 12.2 xu",
        "scope": null,
        "trust": 0.3,
        "vendor": "cisco",
        "version": null
      },
      {
        "model": "ios 12.2 xm2",
        "scope": "ne",
        "trust": 0.3,
        "vendor": "cisco",
        "version": null
      },
      {
        "model": "ios 12.1 aa1",
        "scope": "ne",
        "trust": 0.3,
        "vendor": "cisco",
        "version": null
      },
      {
        "model": "ios 12.0 xp",
        "scope": null,
        "trust": 0.3,
        "vendor": "cisco",
        "version": null
      },
      {
        "model": "ios 12.2 xh2",
        "scope": "ne",
        "trust": 0.3,
        "vendor": "cisco",
        "version": null
      },
      {
        "model": "ios 12.0wx",
        "scope": null,
        "trust": 0.3,
        "vendor": "cisco",
        "version": null
      },
      {
        "model": "ios 12.2 xf",
        "scope": null,
        "trust": 0.3,
        "vendor": "cisco",
        "version": null
      },
      {
        "model": "ios",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "cisco",
        "version": "12.0"
      },
      {
        "model": null,
        "scope": "eq",
        "trust": 0.3,
        "vendor": "cisco",
        "version": "6400"
      },
      {
        "model": "infocenter",
        "scope": null,
        "trust": 0.3,
        "vendor": "cisco",
        "version": null
      },
      {
        "model": "pix firewall",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "cisco",
        "version": "4.2(5)"
      },
      {
        "model": "cache engine",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "cisco",
        "version": "570"
      },
      {
        "model": "call manager",
        "scope": null,
        "trust": 0.3,
        "vendor": "cisco",
        "version": null
      },
      {
        "model": "ios 12.2 xa1",
        "scope": "ne",
        "trust": 0.3,
        "vendor": "cisco",
        "version": null
      },
      {
        "model": "ios 12.0 sc3",
        "scope": "ne",
        "trust": 0.3,
        "vendor": "cisco",
        "version": null
      },
      {
        "model": "ios 12.1 e4",
        "scope": "ne",
        "trust": 0.3,
        "vendor": "cisco",
        "version": null
      },
      {
        "model": "ios 11.2 bc1",
        "scope": "ne",
        "trust": 0.3,
        "vendor": "cisco",
        "version": null
      },
      {
        "model": "ios 12.1 ex",
        "scope": "ne",
        "trust": 0.3,
        "vendor": "cisco",
        "version": null
      },
      {
        "model": "ios 12.1 ea1",
        "scope": null,
        "trust": 0.3,
        "vendor": "cisco",
        "version": null
      },
      {
        "model": "ios 12.1 xt",
        "scope": null,
        "trust": 0.3,
        "vendor": "cisco",
        "version": null
      },
      {
        "model": "mgx-8260",
        "scope": null,
        "trust": 0.3,
        "vendor": "cisco",
        "version": null
      },
      {
        "model": "building broadband service manager",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "cisco",
        "version": "4.3"
      },
      {
        "model": "pix firewall",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "cisco",
        "version": "5.2(6)"
      },
      {
        "model": "switchprobe",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "cisco",
        "version": "0"
      },
      {
        "model": "vpn concentrator",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "cisco",
        "version": "30003.1.4"
      },
      {
        "model": "ios 12.1 yi",
        "scope": null,
        "trust": 0.3,
        "vendor": "cisco",
        "version": null
      },
      {
        "model": "vpn concentrator",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "cisco",
        "version": "30003.0"
      },
      {
        "model": "ios 12.2 xj1",
        "scope": "ne",
        "trust": 0.3,
        "vendor": "cisco",
        "version": null
      },
      {
        "model": "ios 12.2 bc1a",
        "scope": "ne",
        "trust": 0.3,
        "vendor": "cisco",
        "version": null
      },
      {
        "model": "building broadband service manager",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "cisco",
        "version": "5.0"
      },
      {
        "model": "ios 12.1 xm7",
        "scope": "ne",
        "trust": 0.3,
        "vendor": "cisco",
        "version": null
      },
      {
        "model": "ios 11.3t",
        "scope": null,
        "trust": 0.3,
        "vendor": "cisco",
        "version": null
      },
      {
        "model": "ios 12.2 xe",
        "scope": null,
        "trust": 0.3,
        "vendor": "cisco",
        "version": null
      },
      {
        "model": "pix firewall b",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "cisco",
        "version": "4.1.6"
      },
      {
        "model": "pix firewall",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "cisco",
        "version": "4.0"
      },
      {
        "model": "ios 12.1 ya",
        "scope": null,
        "trust": 0.3,
        "vendor": "cisco",
        "version": null
      },
      {
        "model": "content router",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "cisco",
        "version": "4430"
      },
      {
        "model": "catalyst supervisor module",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "cisco",
        "version": "6000"
      },
      {
        "model": "ap352",
        "scope": null,
        "trust": 0.3,
        "vendor": "cisco",
        "version": null
      },
      {
        "model": null,
        "scope": "eq",
        "trust": 0.3,
        "vendor": "cisco",
        "version": "7600"
      },
      {
        "model": "internet cdn content engine",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "cisco",
        "version": "7320"
      },
      {
        "model": "ios 12.1e",
        "scope": null,
        "trust": 0.3,
        "vendor": "cisco",
        "version": null
      },
      {
        "model": "cbos",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "cisco",
        "version": "2.4.3"
      },
      {
        "model": "ios",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "cisco",
        "version": "12.0(7)xv"
      },
      {
        "model": "pix firewall",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "cisco",
        "version": "5.2(3.210)"
      },
      {
        "model": "pix firewall",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "cisco",
        "version": "4.2"
      },
      {
        "model": "ios",
        "scope": "ne",
        "trust": 0.3,
        "vendor": "cisco",
        "version": "12.1(13)"
      },
      {
        "model": "ios 12.2da",
        "scope": null,
        "trust": 0.3,
        "vendor": "cisco",
        "version": null
      },
      {
        "model": "cache engine",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "cisco",
        "version": "505"
      },
      {
        "model": "cbos",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "cisco",
        "version": "2.0.1"
      },
      {
        "model": "catalyst xl",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "cisco",
        "version": "2900"
      },
      {
        "model": "netranger",
        "scope": null,
        "trust": 0.3,
        "vendor": "cisco",
        "version": null
      },
      {
        "model": "ios 12.1dc",
        "scope": null,
        "trust": 0.3,
        "vendor": "cisco",
        "version": null
      },
      {
        "model": "call manager",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "cisco",
        "version": "4.0"
      },
      {
        "model": "ios 12.1 ex3",
        "scope": "ne",
        "trust": 0.3,
        "vendor": "cisco",
        "version": null
      },
      {
        "model": "pix firewall",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "cisco",
        "version": "4.4"
      },
      {
        "model": "ios 12.0sl",
        "scope": null,
        "trust": 0.3,
        "vendor": "cisco",
        "version": null
      },
      {
        "model": "call manager",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "cisco",
        "version": "3.2"
      },
      {
        "model": "br350",
        "scope": null,
        "trust": 0.3,
        "vendor": "cisco",
        "version": null
      },
      {
        "model": "catalyst",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "cisco",
        "version": "5000"
      },
      {
        "model": "ios 12.2 xt3",
        "scope": "ne",
        "trust": 0.3,
        "vendor": "cisco",
        "version": null
      },
      {
        "model": "content delivery manager",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "cisco",
        "version": "4650"
      },
      {
        "model": "pix firewall",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "cisco",
        "version": "6.0"
      },
      {
        "model": "ios 12.0 st3",
        "scope": "ne",
        "trust": 0.3,
        "vendor": "cisco",
        "version": null
      },
      {
        "model": "ios",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "cisco",
        "version": "12.1(5)xv"
      },
      {
        "model": null,
        "scope": "eq",
        "trust": 0.3,
        "vendor": "cisco",
        "version": "4500"
      },
      {
        "model": "ios 12.2 xw1",
        "scope": "ne",
        "trust": 0.3,
        "vendor": "cisco",
        "version": null
      },
      {
        "model": "ios 12.1 da3",
        "scope": "ne",
        "trust": 0.3,
        "vendor": "cisco",
        "version": null
      },
      {
        "model": "br352",
        "scope": null,
        "trust": 0.3,
        "vendor": "cisco",
        "version": null
      },
      {
        "model": "ios 12.2 xu2",
        "scope": "ne",
        "trust": 0.3,
        "vendor": "cisco",
        "version": null
      },
      {
        "model": "pix firewall",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "cisco",
        "version": "3.0"
      },
      {
        "model": "ons optical transport platform",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "cisco",
        "version": "154543.0"
      },
      {
        "model": "ons metro edge optical transport platform",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "cisco",
        "version": "15327"
      },
      {
        "model": "ios 12.2 xk",
        "scope": null,
        "trust": 0.3,
        "vendor": "cisco",
        "version": null
      },
      {
        "model": "ios 12.1 ey3",
        "scope": "ne",
        "trust": 0.3,
        "vendor": "cisco",
        "version": null
      },
      {
        "model": "microhub",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "cisco",
        "version": "1500"
      },
      {
        "model": "ios 12.2 t",
        "scope": "ne",
        "trust": 0.3,
        "vendor": "cisco",
        "version": null
      },
      {
        "model": "ios 12.1 yf4",
        "scope": "ne",
        "trust": 0.3,
        "vendor": "cisco",
        "version": null
      },
      {
        "model": "ios 12.0 s4",
        "scope": "ne",
        "trust": 0.3,
        "vendor": "cisco",
        "version": null
      },
      {
        "model": "ios 12.1 yh3",
        "scope": "ne",
        "trust": 0.3,
        "vendor": "cisco",
        "version": null
      },
      {
        "model": "content engine",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "cisco",
        "version": "7320"
      },
      {
        "model": "building broadband service manager",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "cisco",
        "version": "5.1"
      },
      {
        "model": "cbos",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "cisco",
        "version": "2.3"
      },
      {
        "model": "ios 12.0sc",
        "scope": null,
        "trust": 0.3,
        "vendor": "cisco",
        "version": null
      },
      {
        "model": "catalyst",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "cisco",
        "version": "4232-13"
      },
      {
        "model": "ios 11.0",
        "scope": "ne",
        "trust": 0.3,
        "vendor": "cisco",
        "version": null
      },
      {
        "model": "catalyst msfc2",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "cisco",
        "version": "6000"
      },
      {
        "model": "mgx-8220",
        "scope": null,
        "trust": 0.3,
        "vendor": "cisco",
        "version": null
      },
      {
        "model": "element management framework",
        "scope": null,
        "trust": 0.3,
        "vendor": "cisco",
        "version": null
      },
      {
        "model": "ios 12.2 xh",
        "scope": null,
        "trust": 0.3,
        "vendor": "cisco",
        "version": null
      },
      {
        "model": null,
        "scope": "eq",
        "trust": 0.3,
        "vendor": "cisco",
        "version": "3600"
      },
      {
        "model": "catalyst 4908g-l3",
        "scope": null,
        "trust": 0.3,
        "vendor": "cisco",
        "version": null
      },
      {
        "model": "wgb340",
        "scope": null,
        "trust": 0.3,
        "vendor": "cisco",
        "version": null
      },
      {
        "model": "ciscoworks windows/wug",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "cisco",
        "version": "0"
      },
      {
        "model": "switchprobe",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "cisco",
        "version": "4.5"
      },
      {
        "model": "pix firewall",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "cisco",
        "version": "5.2(5)"
      },
      {
        "model": "switchprobe",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "cisco",
        "version": "4.2"
      },
      {
        "model": "call manager",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "cisco",
        "version": "3.0"
      },
      {
        "model": "building broadband service manager",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "cisco",
        "version": "5.2"
      },
      {
        "model": "ios 12.0 s2",
        "scope": "ne",
        "trust": 0.3,
        "vendor": "cisco",
        "version": null
      },
      {
        "model": "mgx-8850 r1",
        "scope": null,
        "trust": 0.3,
        "vendor": "cisco",
        "version": null
      },
      {
        "model": "ios 12.0 st4",
        "scope": "ne",
        "trust": 0.3,
        "vendor": "cisco",
        "version": null
      },
      {
        "model": "ios 11.2 gs6",
        "scope": "ne",
        "trust": 0.3,
        "vendor": "cisco",
        "version": null
      },
      {
        "model": "mgx",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "cisco",
        "version": "82501.2.11"
      },
      {
        "model": "ios 12.0 xf1",
        "scope": "ne",
        "trust": 0.3,
        "vendor": "cisco",
        "version": null
      },
      {
        "model": "cbos",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "cisco",
        "version": "2.3.5"
      },
      {
        "model": "pix firewall",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "cisco",
        "version": "4.2.1"
      },
      {
        "model": "rsfc",
        "scope": null,
        "trust": 0.3,
        "vendor": "cisco",
        "version": null
      },
      {
        "model": "ios 11.3db",
        "scope": null,
        "trust": 0.3,
        "vendor": "cisco",
        "version": null
      },
      {
        "model": "building broadband service manager",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "cisco",
        "version": "4.0.1"
      },
      {
        "model": "ios 12.1 ec1",
        "scope": "ne",
        "trust": 0.3,
        "vendor": "cisco",
        "version": null
      },
      {
        "model": "ios 11.1 ia",
        "scope": "ne",
        "trust": 0.3,
        "vendor": "cisco",
        "version": null
      },
      {
        "model": "ws-x6624",
        "scope": null,
        "trust": 0.3,
        "vendor": "cisco",
        "version": null
      },
      {
        "model": "ios 12.1 ea2a",
        "scope": null,
        "trust": 0.3,
        "vendor": "cisco",
        "version": null
      },
      {
        "model": "ios 12.1 yd6",
        "scope": "ne",
        "trust": 0.3,
        "vendor": "cisco",
        "version": null
      },
      {
        "model": "vpn concentrator",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "cisco",
        "version": "30003.5"
      },
      {
        "model": "ios 11.1 ca2",
        "scope": "ne",
        "trust": 0.3,
        "vendor": "cisco",
        "version": null
      },
      {
        "model": "icdn software",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "cisco",
        "version": "2.1"
      },
      {
        "model": "secure pix firewall",
        "scope": null,
        "trust": 0.3,
        "vendor": "cisco",
        "version": null
      },
      {
        "model": null,
        "scope": "eq",
        "trust": 0.3,
        "vendor": "cisco",
        "version": "7500"
      },
      {
        "model": "catalyst",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "cisco",
        "version": "3200"
      },
      {
        "model": "ios 12.2 xi1",
        "scope": "ne",
        "trust": 0.3,
        "vendor": "cisco",
        "version": null
      },
      {
        "model": "mgx",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "cisco",
        "version": "82301.2.11"
      },
      {
        "model": "switchprobe",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "cisco",
        "version": "5.1"
      },
      {
        "model": "wgb352",
        "scope": null,
        "trust": 0.3,
        "vendor": "cisco",
        "version": null
      },
      {
        "model": "ios 12.2 xt",
        "scope": null,
        "trust": 0.3,
        "vendor": "cisco",
        "version": null
      },
      {
        "model": "cat6k nam",
        "scope": null,
        "trust": 0.3,
        "vendor": "cisco",
        "version": null
      },
      {
        "model": "br340",
        "scope": null,
        "trust": 0.3,
        "vendor": "cisco",
        "version": null
      },
      {
        "model": "ios 12.1 xf5",
        "scope": "ne",
        "trust": 0.3,
        "vendor": "cisco",
        "version": null
      },
      {
        "model": "fasthub",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "cisco",
        "version": "4001.0"
      },
      {
        "model": "ios 12.2 xi",
        "scope": null,
        "trust": 0.3,
        "vendor": "cisco",
        "version": null
      },
      {
        "model": "ios",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "cisco",
        "version": "12.1"
      },
      {
        "model": "ios 12.1 ea2",
        "scope": null,
        "trust": 0.3,
        "vendor": "cisco",
        "version": null
      },
      {
        "model": "ios 12.2mb",
        "scope": null,
        "trust": 0.3,
        "vendor": "cisco",
        "version": null
      },
      {
        "model": "rsm",
        "scope": null,
        "trust": 0.3,
        "vendor": "cisco",
        "version": null
      },
      {
        "model": "ios 12.0wt",
        "scope": null,
        "trust": 0.3,
        "vendor": "cisco",
        "version": null
      },
      {
        "model": "nrp",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "cisco",
        "version": "6400"
      },
      {
        "model": "pix firewall",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "cisco",
        "version": "4.1.6"
      },
      {
        "model": "pix firewall",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "cisco",
        "version": "5.1.4"
      },
      {
        "model": "ws-x6608",
        "scope": null,
        "trust": 0.3,
        "vendor": "cisco",
        "version": null
      },
      {
        "model": "ios 12.2 by2",
        "scope": "ne",
        "trust": 0.3,
        "vendor": "cisco",
        "version": null
      },
      {
        "model": null,
        "scope": "eq",
        "trust": 0.3,
        "vendor": "cisco",
        "version": "1600"
      },
      {
        "model": "ios 12.1 xz",
        "scope": null,
        "trust": 0.3,
        "vendor": "cisco",
        "version": null
      },
      {
        "model": "ios 12.2 xl4",
        "scope": "ne",
        "trust": 0.3,
        "vendor": "cisco",
        "version": null
      },
      {
        "model": "ios 12.0 xs?",
        "scope": "ne",
        "trust": 0.3,
        "vendor": "cisco",
        "version": null
      },
      {
        "model": "cbos",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "cisco",
        "version": "2.3.9"
      },
      {
        "model": "catalyst 8510msr",
        "scope": null,
        "trust": 0.3,
        "vendor": "cisco",
        "version": null
      },
      {
        "model": "ios 12.0 xm1",
        "scope": "ne",
        "trust": 0.3,
        "vendor": "cisco",
        "version": null
      },
      {
        "model": "ios 12.0 xm",
        "scope": null,
        "trust": 0.3,
        "vendor": "cisco",
        "version": null
      },
      {
        "model": null,
        "scope": "eq",
        "trust": 0.3,
        "vendor": "cisco",
        "version": "2500"
      },
      {
        "model": "ios 12.2 ya1",
        "scope": "ne",
        "trust": 0.3,
        "vendor": "cisco",
        "version": null
      },
      {
        "model": "service expansion shelf",
        "scope": null,
        "trust": 0.3,
        "vendor": "cisco",
        "version": null
      },
      {
        "model": "ios 12.2 xn",
        "scope": null,
        "trust": 0.3,
        "vendor": "cisco",
        "version": null
      },
      {
        "model": "ios 12.2 s",
        "scope": "ne",
        "trust": 0.3,
        "vendor": "cisco",
        "version": null
      },
      {
        "model": "catalyst msfc",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "cisco",
        "version": "6000"
      },
      {
        "model": "ons optical transport platform",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "cisco",
        "version": "154543.3"
      },
      {
        "model": "pix firewall",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "cisco",
        "version": "4.3"
      },
      {
        "model": "ios 12.0 xe1",
        "scope": "ne",
        "trust": 0.3,
        "vendor": "cisco",
        "version": null
      },
      {
        "model": "iad",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "cisco",
        "version": "8110"
      },
      {
        "model": "ios 12.1 ex4",
        "scope": "ne",
        "trust": 0.3,
        "vendor": "cisco",
        "version": null
      },
      {
        "model": "ios 12.0 xe2",
        "scope": "ne",
        "trust": 0.3,
        "vendor": "cisco",
        "version": null
      },
      {
        "model": "catalyst",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "cisco",
        "version": "4000"
      },
      {
        "model": "ios 12.1 e9",
        "scope": "ne",
        "trust": 0.3,
        "vendor": "cisco",
        "version": null
      },
      {
        "model": "ios 12.2 xm",
        "scope": null,
        "trust": 0.3,
        "vendor": "cisco",
        "version": null
      },
      {
        "model": "ios 12.0t",
        "scope": null,
        "trust": 0.3,
        "vendor": "cisco",
        "version": null
      },
      {
        "model": "pix firewall",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "cisco",
        "version": "5.0"
      },
      {
        "model": "ios 11.1ct",
        "scope": null,
        "trust": 0.3,
        "vendor": "cisco",
        "version": null
      },
      {
        "model": "call manager",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "cisco",
        "version": "3.3(3)"
      },
      {
        "model": "ios 12.1 xp",
        "scope": "ne",
        "trust": 0.3,
        "vendor": "cisco",
        "version": null
      },
      {
        "model": null,
        "scope": "eq",
        "trust": 0.3,
        "vendor": "cisco",
        "version": "7300"
      },
      {
        "model": "catalyst",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "cisco",
        "version": "3550"
      },
      {
        "model": "ios 12.1t",
        "scope": null,
        "trust": 0.3,
        "vendor": "cisco",
        "version": null
      },
      {
        "model": "mgx-8850 r2",
        "scope": null,
        "trust": 0.3,
        "vendor": "cisco",
        "version": null
      },
      {
        "model": "ios 12.2 xd3",
        "scope": "ne",
        "trust": 0.3,
        "vendor": "cisco",
        "version": null
      },
      {
        "model": "ios 12.1 ea1a",
        "scope": null,
        "trust": 0.3,
        "vendor": "cisco",
        "version": null
      },
      {
        "model": "internet cdn content engine",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "cisco",
        "version": "590"
      },
      {
        "model": "ciscoworks windows",
        "scope": null,
        "trust": 0.3,
        "vendor": "cisco",
        "version": null
      },
      {
        "model": "ios 12.1 aa",
        "scope": "ne",
        "trust": 0.3,
        "vendor": "cisco",
        "version": null
      },
      {
        "model": "cbos",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "cisco",
        "version": "2.4.2"
      },
      {
        "model": "ios 12.2 xk2",
        "scope": "ne",
        "trust": 0.3,
        "vendor": "cisco",
        "version": null
      },
      {
        "model": "esr",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "cisco",
        "version": "10000"
      },
      {
        "model": "ls1010 atm switch",
        "scope": null,
        "trust": 0.3,
        "vendor": "cisco",
        "version": null
      },
      {
        "model": "ios 12.0 dc1",
        "scope": "ne",
        "trust": 0.3,
        "vendor": "cisco",
        "version": null
      },
      {
        "model": "cbos",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "cisco",
        "version": "2.3.7.002"
      },
      {
        "model": "content router",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "cisco",
        "version": "4450"
      },
      {
        "model": "ios 12.1 xi8",
        "scope": "ne",
        "trust": 0.3,
        "vendor": "cisco",
        "version": null
      },
      {
        "model": "catalyst",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "cisco",
        "version": "3900"
      },
      {
        "model": "ios 11.3 db1",
        "scope": "ne",
        "trust": 0.3,
        "vendor": "cisco",
        "version": null
      },
      {
        "model": null,
        "scope": "eq",
        "trust": 0.3,
        "vendor": "cisco",
        "version": "800"
      },
      {
        "model": "mc3810",
        "scope": null,
        "trust": 0.3,
        "vendor": "cisco",
        "version": null
      },
      {
        "model": "ios 12.2 by",
        "scope": null,
        "trust": 0.3,
        "vendor": "cisco",
        "version": null
      },
      {
        "model": "as5350",
        "scope": null,
        "trust": 0.3,
        "vendor": "cisco",
        "version": null
      },
      {
        "model": "ios 11.1cc",
        "scope": null,
        "trust": 0.3,
        "vendor": "cisco",
        "version": null
      },
      {
        "model": "ios 12.2 xj",
        "scope": null,
        "trust": 0.3,
        "vendor": "cisco",
        "version": null
      },
      {
        "model": "ios 12.2 xb",
        "scope": null,
        "trust": 0.3,
        "vendor": "cisco",
        "version": null
      },
      {
        "model": null,
        "scope": "eq",
        "trust": 0.3,
        "vendor": "cisco",
        "version": "7200"
      },
      {
        "model": "content delivery manager",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "cisco",
        "version": "4630"
      },
      {
        "model": "pix firewall",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "cisco",
        "version": "4.4(4)"
      },
      {
        "model": "catalyst 4912g",
        "scope": null,
        "trust": 0.3,
        "vendor": "cisco",
        "version": null
      },
      {
        "model": "ios 12.0db",
        "scope": null,
        "trust": 0.3,
        "vendor": "cisco",
        "version": null
      },
      {
        "model": "intelligent contact manager",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "cisco",
        "version": "5.0"
      },
      {
        "model": "cbos ap",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "cisco",
        "version": "2.4.2"
      },
      {
        "model": "ios 12.0dc",
        "scope": null,
        "trust": 0.3,
        "vendor": "cisco",
        "version": null
      },
      {
        "model": "cbos a",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "cisco",
        "version": "2.2.1"
      },
      {
        "model": "ios 12.2 xl",
        "scope": null,
        "trust": 0.3,
        "vendor": "cisco",
        "version": null
      },
      {
        "model": "ubr10000",
        "scope": null,
        "trust": 0.3,
        "vendor": "cisco",
        "version": null
      },
      {
        "model": "pix firewall",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "cisco",
        "version": "6.0(2)"
      },
      {
        "model": "ios 12.2 xs",
        "scope": null,
        "trust": 0.3,
        "vendor": "cisco",
        "version": null
      },
      {
        "model": "cbos",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "cisco",
        "version": "2.2.1"
      }
    ],
    "sources": [
      {
        "db": "CERT/CC",
        "id": "VU#107186"
      },
      {
        "db": "CERT/CC",
        "id": "VU#854306"
      },
      {
        "db": "BID",
        "id": "89608"
      },
      {
        "db": "BID",
        "id": "89661"
      },
      {
        "db": "BID",
        "id": "4732"
      },
      {
        "db": "BID",
        "id": "4132"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2002-000035"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-200203-006"
      },
      {
        "db": "NVD",
        "id": "CVE-2002-0053"
      }
    ]
  },
  "configurations": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/configurations#",
      "children": {
        "@container": "@list"
      },
      "cpe_match": {
        "@container": "@list"
      },
      "data": {
        "@container": "@list"
      },
      "nodes": {
        "@container": "@list"
      }
    },
    "data": [
      {
        "CVE_data_version": "4.0",
        "nodes": [
          {
            "cpe_match": [
              {
                "cpe22Uri": "cpe:/o:ibm:aix",
                "vulnerable": true
              },
              {
                "cpe22Uri": "cpe:/o:sun:solaris",
                "vulnerable": true
              },
              {
                "cpe22Uri": "cpe:/o:hp:hp-ux",
                "vulnerable": true
              },
              {
                "cpe22Uri": "cpe:/o:hp:vvos",
                "vulnerable": true
              },
              {
                "cpe22Uri": "cpe:/o:microsoft:windows_2000",
                "vulnerable": true
              },
              {
                "cpe22Uri": "cpe:/o:microsoft:windows-9x",
                "vulnerable": true
              },
              {
                "cpe22Uri": "cpe:/o:microsoft:windows_nt",
                "vulnerable": true
              },
              {
                "cpe22Uri": "cpe:/o:microsoft:windows_xp",
                "vulnerable": true
              },
              {
                "cpe22Uri": "cpe:/o:redhat:linux",
                "vulnerable": true
              }
            ],
            "operator": "OR"
          }
        ]
      }
    ],
    "sources": [
      {
        "db": "JVNDB",
        "id": "JVNDB-2002-000035"
      }
    ]
  },
  "credits": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/credits#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": "Unknown",
    "sources": [
      {
        "db": "BID",
        "id": "89608"
      },
      {
        "db": "BID",
        "id": "89661"
      }
    ],
    "trust": 0.6
  },
  "cve": "CVE-2002-0053",
  "cvss": {
    "@context": {
      "cvssV2": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
        },
        "@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
      },
      "cvssV3": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
        },
        "@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
      },
      "severity": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/cvss/severity#"
        },
        "@id": "https://www.variotdbs.pl/ref/cvss/severity"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        },
        "@id": "https://www.variotdbs.pl/ref/sources"
      }
    },
    "data": [
      {
        "cvssV2": [
          {
            "accessComplexity": "LOW",
            "accessVector": "NETWORK",
            "authentication": "NONE",
            "author": "nvd@nist.gov",
            "availabilityImpact": "PARTIAL",
            "baseScore": 7.5,
            "confidentialityImpact": "PARTIAL",
            "exploitabilityScore": 10.0,
            "id": "CVE-2002-0053",
            "impactScore": 6.4,
            "integrityImpact": "PARTIAL",
            "severity": "HIGH",
            "trust": 1.8,
            "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P",
            "version": "2.0"
          }
        ],
        "cvssV3": [],
        "severity": [
          {
            "author": "nvd@nist.gov",
            "id": "CVE-2002-0053",
            "trust": 1.0,
            "value": "HIGH"
          },
          {
            "author": "CARNEGIE MELLON",
            "id": "VU#107186",
            "trust": 0.8,
            "value": "69.26"
          },
          {
            "author": "CARNEGIE MELLON",
            "id": "VU#854306",
            "trust": 0.8,
            "value": "42.64"
          },
          {
            "author": "NVD",
            "id": "CVE-2002-0053",
            "trust": 0.8,
            "value": "High"
          },
          {
            "author": "CNNVD",
            "id": "CNNVD-200203-006",
            "trust": 0.6,
            "value": "HIGH"
          }
        ]
      }
    ],
    "sources": [
      {
        "db": "CERT/CC",
        "id": "VU#107186"
      },
      {
        "db": "CERT/CC",
        "id": "VU#854306"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2002-000035"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-200203-006"
      },
      {
        "db": "NVD",
        "id": "CVE-2002-0053"
      }
    ]
  },
  "description": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/description#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": "Buffer overflow in SNMP agent service in Windows 95/98/98SE, Windows NT 4.0, Windows 2000, and Windows XP allows remote attackers to cause a denial of service or execute arbitrary code via a malformed management request.  NOTE: this candidate may be split or merged with other candidates.  This and other PROTOS-related candidates, especially CVE-2002-0012 and CVE-2002-0013, will be updated when more accurate information is available. Multiple vendor SNMPv1 Trap handling implementations contain vulnerabilities that may allow unauthorized privileged access, denial-of-service conditions, or unstable behavior . If your site uses SNMP in any capacity, the CERT/CC encourages you to read the information provided below. ------------ This vulnerability information is a summary of multiple vulnerabilities released at the same time. Please note that the contents of vulnerability information other than the title are included. ------------ SNMP Protocol is status and performance information MIB (Management Information Base) Protocol used to exchange Management side SNMP Managers such as managed routers, switches and printers SNMP Communicates with management network devices called agents. Because of its wide acceptance in the market, SNMP Has become the standard for SNMP protocol version1 Is SNMPv1 Is the most widely implemented. this SNMPv1 Sent from the agent to the manager in the implementation of SNMP Trap message and sent from the manager to the agent SNMP Decrypt the request message / There are problems in interpreting. If this problem is used by an attacker, the following actions may be executed. Many other programs that you implement may also be affected because of a protocol problem. For details, refer to each product.Please refer to the \u201cOverview\u201d for the impact of this vulnerability. Windows 95 is prone to a denial-of-service vulnerability.  It is possible to crash the service by transmitting to it a maliciously constructed SNMPv1 request PDU. \nThe resultant crash may be due to a buffer overflow condition.  If this is the case, attackers may be able to exploit this vulnerability to execute arbitrary code. Cisco products contain multiple vulnerabilities in handling of SNMP requests and traps.  A general report for multiple vendors was initially published on February 12 (Bugtraq IDs 4088 and 4089), however more information is now available and a separate Bugtraq ID has been allocated for the Cisco Operating Systems and Appliances vulnerabilities. \nIt is reportedly possible for a remote attacker to create a denial of service condition by transmitting a malformed SNMP request to a vulnerable Cisco Operating System or Appliance.  The affected device may reset, or require a manual reset to regain functionality. \n\n-----BEGIN PGP SIGNED MESSAGE-----\n\nCERT Advisory CA-2002-03: Multiple Vulnerabilities in Many\nImplementations of the Simple Network Management Protocol (SNMP)\n\n   Original release date: February 12, 2002\n   Last revised: --\n   Source: CERT/CC\n\n   A complete revision history can be found at the end of this file. \n\nSystems Affected\n\n   Products  from  a  very  wide  variety of vendors may be affected. See\n   Vendor Information for details from vendors who have provided feedback\n   for this advisory. \n\n   In  addition to the vendors who provided feedback for this advisory, a\n   list  of  vendors  whom  CERT/CC contacted regarding these problems is\n   available from\n   http://www.kb.cert.org/vuls/id/854306\n   http://www.kb.cert.org/vuls/id/107186 \n\n   Many  other systems making use of SNMP may also be vulnerable but were\n   not specifically tested. \n\n   In addition to this advisory, we also have an FAQ available at\n   http://www.cert.org/tech_tips/snmp_faq.html\n\nI. \n   Version  1  of  the  protocol  (SNMPv1)  defines several types of SNMP\n   messages  that  are  used  to  request  information  or  configuration\n   changes,  respond  to  requests,  enumerate  SNMP  objects,  and  send\n   unsolicited  alerts.  The  Oulu  University  Secure  Programming Group\n   (OUSPG,  http://www.ee.oulu.fi/research/ouspg/)  has reported numerous\n   vulnerabilities in SNMPv1 implementations from many different vendors. \n   More information about SNMP and OUSPG can be found in Appendix C\n\n   OUSPG\u0027s  research  focused  on  the  manner in which SNMPv1 agents and\n   managers  handle  request  and  trap  messages. A trap message\n     may  indicate  a warning or error condition or otherwise notify the\n     manager about the agent\u0027s state. SNMP managers must properly decode\n     trap  messages  and  process  the resulting data. Request\n     messages  might be issued to obtain information from an agent or to\n     instruct  the  agent to configure the host device. \n\n   Vulnerabilities  in  the  decoding  and  subsequent processing of SNMP\n   messages  by  both managers and agents may result in denial-of-service\n   conditions,  format string vulnerabilities, and buffer overflows. Some\n   vulnerabilities  do  not  require  the SNMP message to use the correct\n   SNMP community string. \n\n   These   vulnerabilities   have   been  assigned  the  CVE  identifiers\n   CAN-2002-0012 and CAN-2002-0013, respectively. \n\nII.  Specific impacts will vary from product to\n   product. \n\nIII. Solution\n\n   Note  that  many  of  the  mitigation steps recommended below may have\n   significant  impact on your everyday network operations and/or network\n   architecture.  Ensure  that  any  changes  made based on the following\n   recommendations  will  not  unacceptably  affect  your ongoing network\n   operations capability. \n\nApply a patch from your vendor\n\n   Appendix A contains information provided by vendors for this advisory. \n   Please  consult this appendix to determine if you need to contact your\n   vendor directly. \n\nDisable the SNMP service\n\n   As  a  general  rule,  the CERT/CC recommends disabling any service or\n   capability   that   is   not   explicitly  required,  including  SNMP. \n   Unfortunately,  some  of  the  affected  products exhibited unexpected\n   behavior  or  denial  of  service conditions when exposed to the OUSPG\n   test  suite  even  if  SNMP was not enabled. In these cases, disabling\n   SNMP should be used in conjunction with the filtering practices listed\n   below to provide additional protection. \n\nIngress filtering\n\n   As a temporary measure, it may be possible to limit the scope of these\n   vulnerabilities  by  blocking  access  to SNMP services at the network\n   perimeter. \n\n   Ingress  filtering  manages the flow of traffic as it enters a network\n   under  your  administrative  control.  Servers  are typically the only\n   machines that need to accept inbound traffic from the public Internet. \n   In  the  network usage policy of many sites, there are few reasons for\n   external hosts to initiate inbound traffic to machines that provide no\n   public  services.  Thus,  ingress filtering should be performed at the\n   border   to   prohibit   externally   initiated   inbound  traffic  to\n   non-authorized  services. For SNMP, ingress filtering of the following\n   ports  can  prevent  attackers  outside of your network from impacting\n   vulnerable  devices  in  the  local  network  that  are not explicitly\n   authorized to provide public SNMP services. \n\n   snmp     161/udp     # Simple Network Management Protocol (SNMP)\n   snmp     162/udp     # SNMP system management messages\n\n   The  following  services  are  less  common,  but  may be used on some\n   affected products\n\n   snmp               161/tcp     #  Simple  Network  Management Protocol\n   (SNMP)\n   snmp               162/tcp     # SNMP system management messages\n   smux               199/tcp     # SNMP Unix Multiplexer\n   smux               199/udp     # SNMP Unix Multiplexer\n   synoptics-relay    391/tcp     # SynOptics SNMP Relay Port\n   synoptics-relay    391/udp     # SynOptics SNMP Relay Port\n   agentx             705/tcp     # AgentX\n   snmp-tcp-port     1993/tcp     # cisco SNMP TCP port\n   snmp-tcp-port     1993/udp     # cisco SNMP TCP port\n\n   As  noted  above, you should carefully consider the impact of blocking\n   services that you may be using. \n\n   It  is  important  to note that in many SNMP implementations, the SNMP\n   daemon may bind to all IP interfaces on the device. This has important\n   consequences  when  considering  appropriate packet filtering measures\n   required  to  protect  an  SNMP-enabled device. For example, even if a\n   device  disallows  SNMP  packets  directed  to the IP addresses of its\n   normal  network  interfaces, it may still be possible to exploit these\n   vulnerabilities  on that device through the use of packets directed at\n   the following IP addresses:\n     * \"all-ones\" broadcast address\n     * subnet broadcast address\n     * any  internal  loopback  addresses  (commonly  used in routers for\n       management purposes, not to be confused with the IP stack loopback\n       address 127.0.0.1)\n\n   Careful  consideration  should  be  given  to  addresses  of the types\n   mentioned  above  by  sites  planning  for packet filtering as part of\n   their mitigation strategy for these vulnerabilities. \n\n   Finally,  sites may wish to block access to the following RPC services\n   related to SNMP (listed as name, program ID, alternate names)\n\n   snmp               100122  na.snmp snmp-cmc snmp-synoptics snmp-unisys\n   snmp-utk\n   snmpv2             100138  na.snmpv2     # SNM Version 2.2.2\n   snmpXdmid          100249\n\n   Please  note  that  this workaround may not protect vulnerable devices\n   from internal attacks. \n\nFilter SNMP traffic from non-authorized internal hosts\n\n   In  many networks, only a limited number of network management systems\n   need to originate SNMP request messages. Therefore, it may be possible\n   to configure the SNMP agent systems (or the network devices in between\n   the  management  and  agent systems) to disallow request messages from\n   non-authorized systems. This can reduce, but not wholly eliminate, the\n   risk  from  internal attacks. However, it may have detrimental effects\n   on  network  performance  due  to  the  increased  load imposed by the\n   filtering, so careful consideration is required before implementation. \n   Similar  caveats  to  the  previous workaround regarding broadcast and\n   loopback addresses apply. \n\nChange default community strings\n\n   Most  SNMP-enabled  products  ship  with  default community strings of\n   \"public\"  for read-only access and \"private\" for read-write access. As\n   with   any   known  default  access  control  mechanism,  the  CERT/CC\n   recommends  that network administrators change these community strings\n   to  something  of  their  own  choosing.  However, even when community\n   strings  are changed from their defaults, they will still be passed in\n   plaintext and are therefore subject to packet sniffing attacks. SNMPv3\n   offers additional capabilities to ensure authentication and privacy as\n   described in RFC2574. \n\n   Because  many of the vulnerabilities identified in this advisory occur\n   before  the  community  strings are evaluated, it is important to note\n   that  performing  this  step  alone  is not sufficient to mitigate the\n   impact  of  these vulnerabilities. Nonetheless, it should be performed\n   as part of good security practice. \n\nSegregate SNMP traffic onto a separate management network\n\n   In  situations  where  blocking  or  disabling  SNMP  is not possible,\n   exposure  to  these  vulnerabilities may be limited by restricting all\n   SNMP  access  to  separate,  isolated management networks that are not\n   publicly  accessible.  Although  this would ideally involve physically\n   separate networks, that kind of separation is probably not feasible in\n   most environments. Mechanisms such as virtual LANs (VLANs) may be used\n   to  help  segregate  traffic  on  the same physical network. Note that\n   VLANs  may  not  strictly  prevent  an  attacker from exploiting these\n   vulnerabilities,  but  they may make it more difficult to initiate the\n   attacks. \n\n   Another  option  is  for  sites  to  restrict SNMP traffic to separate\n   virtual private networks (VPNs), which employ cryptographically strong\n   authentication. \n\n   Note  that  these  solutions may require extensive changes to a site\u0027s\n   network architecture. \n\nEgress filtering\n\n   Egress  filtering  manages  the flow of traffic as it leaves a network\n   under your administrative control. There is typically limited need for\n   machines providing public services to initiate outbound traffic to the\n   Internet.  In  the  case  of  SNMP  vulnerabilities,  employing egress\n   filtering on the ports listed above at your network border can prevent\n   your network from being used as a source for attacks on other sites. \n\nDisable stack execution\n\n   Disabling  executable  stacks  (on systems where this is configurable)\n   can  reduce  the  risk  of  \"stack  smashing\"  attacks  based on these\n   vulnerabilities. Although this does not provide 100 percent protection\n   against exploitation of these vulnerabilities, it makes the likelihood\n   of a successful exploit much smaller. On many UNIX systems, executable\n   stacks can be disabled by adding the following lines to /etc/system:\n\n   set noexec_user_stack = 1 set noexec_user_stack_log = 1\n\n   Note  that  this  may  go  against the SPARC and Intel ABIs and can be\n   bypassed  as required in programs with mprotect(2). For the changes to\n   take effect you will then need to reboot. \n\n   Other  operating  systems and architectures also support the disabling\n   of executable stacks either through native configuration parameters or\n   via  third-party  software.  Consult  your  vendor(s)  for  additional\n   information. \n\nShare tools and techniques\n\n   Because  dealing with these vulnerabilities to systems and networks is\n   so  complex, the CERT/CC will provide a forum where administrators can\n   share  ideas  and  techniques  that  can  be  used  to  develop proper\n   defenses.  We  have created an unmoderated mailing list for system and\n   network administrators to discuss helpful techniques and tools. \n\n   You  can  subscribe to the mailing list by sending an email message to\n   majordomo@cert.org. In the body of the message, type\n\n   subscribe snmp-forum\n\n   After you receive the confirmation message, follow the instructions in\n   the message to complete the subscription process. \n\nAppendix A. - Vendor Information\n\n   This  appendix  contains  information  provided  by  vendors  for this\n   advisory.  As  vendors  report new information to the CERT/CC, we will\n   update this section and note the changes in our revision history. If a\n   particular  vendor  is  not  listed  below, we have not received their\n   comments. \n\nAdventNet\n\n     This  is in reference to your notification regarding [VU#107186 and\n     VU#854306]  and  OUSPG#0100.   AdventNet  Inc.  has reproduced this\n     behavior  in  their  products and coded a Service Pack fix which is\n     currently   in   regression   testing   in  AdventNet  Inc.\u0027s  Q.A. \n     organization.    The  release  of  AdventNet  Inc\u0027s.  Service  Pack\n     correcting  the  behavior  outlined in VU#617947, and OUSPG#0100 is\n     scheduled  to  be  generally  available  to all of AdventNet Inc.\u0027s\n     customers by February 20, 2002. \n\nAvaya\n\n     Avaya  Inc. \n\nCacheFlow\n\n     The  purpose of this email is to advise you that CacheFlow Inc. has\n     provided a software update. Please be advised that updated versions\n     of  the  software  are  now  available  for all supported CacheFlow\n     hardware  platforms,  and may be obtained by CacheFlow customers at\n     the following URL:\n\n          http://download.cacheflow.com/\n\n   The  specific reference to the software update is contained within the\n   Release  Notes  for  CacheOS  Versions 3.1.22 Release ID 17146, 4.0.15\n   Release ID 17148, 4.1.02 Release ID 17144 and 4.0.15 Release ID 17149. \n\n   RELEASE NOTES FOR CACHEFLOW SERVER ACCELERATOR PRODUCTS:\n     * http://download.cacheflow.com/release/SA/4.0.15/relnotes.htm\n\n   RELEASE NOTES FOR CACHEFLOW CONTENT ACCELERATOR PRODUCTS:\n     * http://download.cacheflow.com/release/CA/3.1.22/relnotes.htm\n     * http://download.cacheflow.com/release/CA/4.0.15/relnotes.htm\n     * http://download.cacheflow.com/release/CA/4.1.02/relnotes.htm\n\n     * SR   1-1647517,   VI  13045:  This  update  modified  a  potential\n     vulnerability by using an SNMP test tools exploit. \n\n3Com Corporation\n\n     A  vulnerability to an SNMP packet with an invalid length community\n     string  has  been  resolved  in  the  following products. Customers\n     concerned  about  this  weakness should ensure that they upgrade to\n     the following agent versions:\n     PS Hub 40\n     2.16 is due Feb 2002\n     PS Hub 50\n     2.16 is due Feb 2002\n     Dual Speed Hub\n     2.16 is due Jan 2002\n     Switch 1100/3300\n     2.68 is available now\n     Switch 4400\n     2.02 is available now\n     Switch 4900\n     2.04 is available now\n     WebCache1000/3000\n     2.00 is due Jan 2002\n\nCaldera\n\n     Caldera   International,  Inc.  has  reproduced  faulty behavior in\n     Caldera SCO OpenServer 5, Caldera UnixWare 7, and Caldera Open UNIX\n     8.  We have coded a software fix for  supported versions of Caldera\n     UnixWare  7  and  Caldera  Open UNIX 8 that will  be available from\n     our   support   site  at  http://stage.caldera.com/support/security\n     immediately  following the publication of this CERT announcement. A\n     fix  for  supported versions of OpenServer 5 will be available at a\n     later date. \n\nCisco Systems\n\n     Cisco  Systems  is  addressing  the  vulnerabilities  identified by\n     VU#854306  and VU#107186 across its entire product line. Cisco will\n     publish    a    security   advisory   with   further   details   at\n     http://www.cisco.com/go/psirt/. \n\nCompaq Computer Corporation\n\n     x-ref: SSRT0779U SNMP\n     At  the time of writing this document, COMPAQ continues to evaluate\n     this potential problem and when new versions of SNMP are available,\n     COMPAQ  will implement solutions based on the new code. Compaq will\n     provide  notice  of  any  new  patches  as  a result of that effort\n     through  standard  patch  notification  procedures and be available\n     from your normal Compaq Services support channel. \n\nComputer Associates\n\n     Computer  Associates  has  confirmed Unicenter vulnerability to the\n     SNMP  advisory identified by CERT notification reference [VU#107186\n     \u0026   VU#854306]   and   OUSPG#0100.   We  have  produced  corrective\n     maintenance  to  address  these  vulnerabilities,  which  is in the\n     process  of publication for all applicable releases / platforms and\n     will  be  offered  through the CA Support site.  Please contact our\n     Technical    Support   organization   for   information   regarding\n     availability / applicability for your specific configuration(s). \n\nCOMTEK Services, Inc. \n\n     NMServer  for  AS/400  is  not  an SNMP master and is therefore not\n     vulnerable.  However  this  product  requires the use of the AS/400\n     SNMP  master  agent  supplied  by  IBM. \n\n     NMServer   for  OpenVMS  has  been  tested  and  has  shown  to  be\n     vulnerable.  COMTEK  Services  is  preparing  a new release of this\n     product  (version  3.5)  which will contain a fix for this problem. \n     This  new  release  is  scheduled to be available in February 2002. \n     Contact COMTEK Services for further information. \n\n     NMServer  for VOS has not as yet been tested; vulnerability of this\n     agent  is  unknown.  Contact for further information on the testing\n     schedule of the VOS product. \n\nCovalent Technologies\n\n     Covalent Technologies ERS (Enterprise Ready Server), Secure Server,\n     and  Conductor  SNMP module are not vulnerable according to testing\n     performed   in   accordance  with  CERT  recommendations.  Security\n     information for Covalent products can be found at www.covalent.net\n\nDartware, LLC\n\n     Dartware,  LLC  (www.dartware.com)  supplies  two products that use\n     SNMPv1  in  a  manager  role,  InterMapper  and SNMP Watcher.  This statement applies to all present\n     and past versions of these two software packages. \n\nDMH Software\n\n     DMH  Software  is  in  the  process of evaluating and attempting to\n     reproduce this behavior. \n     It  is  unclear at this point if our snmp-agent is sensitive to the\n     tests described above. \n     If  any  problems  will  be  discovered,  DMH  Software will code a\n     software fix. \n     The  release of DMH Software OS correcting the behavior outlined in\n     VU#854306, VU#107186, and OUSPG#0100 will be generally available to\n     all of DMH Software\u0027s customers as soon as possible. \n\nEnGarde Secure Linux\n\n     EnGarde  Secure  Linux  did  not  ship any SNMP packages in version\n     1.0.1 of our distribution, so we are not vulnerable to either bug. \n\nFreeBSD\n\n     FreeBSD  does  not  include any SNMP software by default, and so is\n     not vulnerable.  However, the FreeBSD Ports Collection contains the\n     UCD-SNMP   /   NET-SNMP   package.    Package   versions  prior  to\n     ucd-snmp-4.2.3  are  vulnerable.   The upcoming FreeBSD 4.5 release\n     will  ship  the  corrected  version  of  the  UCD-SNMP  /  NET-SNMP\n     package.   In  addition,  the  corrected version of the packages is\n     available from the FreeBSD mirrors. \n\n     FreeBSD   has   issued  the  following  FreeBSD  Security  Advisory\n     regarding the UCD-SNMP / NET-SNMP package:\n     ftp://ftp.freebsd.org/pub/FreeBSD/CERT/advisories/FreeBSD-SA-02:09. \n     snmp.asc. \n\nHewlett-Packard Company\n\n     SUMMARY - known vulnerable:\n     ========================================\n     hp procurve switch 2524\n     NNM  (Network Node Manager)\n     JetDirect Firmware (Older versions only)\n     HP-UX Systems running snmpd or OPENVIEW\n     MC/ServiceGuard\n     EMS\n     Still under investigation:\n     SNMP/iX (MPE/iX)\n     ========================================\n     _________________________________________________________\n     ---------------------------------------------------------\n     hp procurve switch 2524 \n     ---------------------------------------------------------\n     hp procurve switch 2525 (product J4813A) is vulnerable to some\n     issues, patches in process. Watch for the associated HP\n     Security Bulletin. \n     ---------------------------------------------------------\n     NNM  (Network Node Manager)\n     ---------------------------------------------------------\n     Some problems were found in NNM product were related to\n     trap handling. Patches in process. Watch for the\n     associated HP Security Bulletin. \n     ---------------------------------------------------------\n     JetDirect Firmware (Older versions only)\n     ---------------------------------------------------------\n     ONLY some older versions of JetDirect Firmware are\n     vulnerable to some of the issues.  The older firmware\n     can be upgraded in most cases, see list below. \n     JetDirect Firmware Version    State\n     ==========================    =====\n        X.08.32 and higher     NOT Vulnerable\n        X.21.00 and higher     NOT Vulnerable\n     JetDirect Product Numbers that can be freely\n     upgraded to X.08.32 or X.21.00 or higher firmware. \n     EIO (Peripherals Laserjet 4000, 5000, 8000, etc...)\n     J3110A 10T\n     J3111A 10T/10B2/LocalTalk\n     J3112A Token Ring (discontinued)\n     J3113A 10/100 (discontinued)\n     J4169A 10/100\n     J4167A Token Ring\n     MIO (Peripherals LaserJet 4, 4si, 5si, etc...)\n     J2550A/B 10T (discontinued)\n     J2552A/B 10T/10Base2/LocalTalk (discontinued)\n     J2555A/B Token Ring (discontinued)\n     J4100A 10/100\n     J4105A Token Ring\n     J4106A 10T\n     External Print Servers\n     J2591A EX+ (discontinued)\n     J2593A EX+3 10T/10B2 (discontinued)\n     J2594A EX+3 Token Ring (discontinued)\n     J3263A 300X 10/100\n     J3264A 500X Token Ring\n     J3265A 500X 10/100\n     ----------------------------------------------------------\n     HP-UX Systems running snmpd or OPENVIEW\n     ----------------------------------------------------------\n     The following patches are available now:\n       PHSS_26137 s700_800 10.20 OV EMANATE14.2 Agent Consolidated Patch\n       PHSS_26138 s700_800 11.X  OV EMANATE14.2 Agent Consolidated Patch\n       PSOV_03087 EMANATE Release 14.2 Solaris 2.X  Agent Consolidated\n     Patch\n     All three patches are available from:\n     http://support.openview.hp.com/cpe/patches/\n     In addition PHSS_26137 and PHSS_26138 will soon be available from:\n     http://itrc.hp.com\n     ================================================================\n     NOTE: The patches are labeled OV(Open View). However, the patches\n     are also applicable to systems that are not running Open View. \n     =================================================================\n     Any   HP-UX  10.X  or  11.X  system  running  snmpd  or  snmpdm  is\n     vulnerable. \n     To determine if your HP-UX system has snmpd or snmpdm installed:\n       swlist -l file | grep snmpd\n     If a patch is not available for your platform or you cannot install\n     an  available  patch,  snmpd and snmpdm can be disabled by removing\n     their\n     entries  from  /etc/services  and  removing the execute permissions\n     from\n     /usr/sbin/snmpd and /usr/sbin/snmpdm. \n     ----------------------------------------------------------------\n     Investigation completed, systems vulnerable. \n     ----------------------------------------------------------------\n     MC/ServiceGuard\n     Event Monitoring System  (EMS)\n     ----------------------------------------------------------------\n       Still under investigation:\n     ----------------------------------------------------------------\n     SNMP/iX (MPE/iX)\n\nHirschmann Electronics GmbH \u0026 Co. KG\n\n     Hirschmann  Electronics  GmbH  \u0026  Co.  KG supplies a broad range of\n     networking  products,  some  of  which  are  affected  by  the SNMP\n     vulnerabilities  identified by CERT Coordination Center. The manner\n     in  which they are affected and the actions required to avoid being\n     impacted  by  exploitation  of  these  vulnerabilities,  vary  from\n     product to product. Hirschmann customers may contact our Competence\n     Center (phone +49-7127-14-1538, email:\n     ans-support@nt.hirschmann.de)     for    additional    information,\n     especially  regarding  availability  of  latest  firmware  releases\n     addressing the SNMP vulnerabilities. \n\nIBM Corporation\n\n     Based  upon  the  results  of  running  the  test  suites  we  have\n     determined  that  our  version  of  SNMP  shipped  with  AIX is NOT\n     vulnerable. \n\nInnerdive Solutions, LLC\n\n     Innerdive Solutions, LLC has two SNMP based products:\n     1. The \"SNMP MIB Scout\"\n     (http://www.innerdive.com/products/mibscout/)\n     2. The \"Router IP Console\" (http://www.innerdive.com/products/ric/)\n     The \"SNMP MIB Scout\" is not vulnerable to either bug. \n     The \"Router IP Console\" releases prior to 3.3.0.407 are vulnerable. \n     The release of \"Router IP Console\" correcting the behavior outlined\n     in  OUSPG#0100  is  3.3.0.407 and is already available on our site. \n     Also,  we  will  notify all our customers about this new release no\n     later than March 5, 2002. \n\nJuniper Networks\n\n     This  is  in reference to your notification regarding CAN-2002-0012\n     and  CAN-2002-0013.   Juniper Networks has reproduced this behavior\n     and coded a software fix.  The fix will be included in all releases\n     of  JUNOS Internet software built after January 5, 2002.  Customers\n     with  current  support contracts can download new software with the\n     fix from Juniper\u0027s web site at www.juniper.net. \n     Note: The behavior described in CAN-2002-0012 and CAN-2002-0013 can\n     only  be  reproduced  in JUNOS Internet software if certain tracing\n     options  are  enabled.   These options are generally not enabled in\n     production routers. \n\nLantronix, Inc. \n\n     Lantronix  is  committed  to  resolving  security  issues  with our\n     products.  The SNMP security bug you reported has been fixed in LRS\n     firmware version B1.3/611(020123). \n\nLotus Development Corporation\n\n     Lotus    Software   evaluated   the   Lotus   Domino   Server   for\n     vulnerabilities using the test suite materials provided by OUSPG. \n     This  problem  does  not affect default installations of the Domino\n     Server.   However,  SNMP  agents  can  be  installed from the CD to\n     provide  SNMP  services for the Domino Server (these are located in\n     the   /apps/sysmgmt/agents   directory).    The  optional  platform\n     specific  master  and  encapsulator  agents included with the Lotus\n     Domino  SNMP  Agents  for  HP-UX  and Solaris have been found to be\n     vulnerable.  For  those  platforms,  customers  should  upgrade  to\n     version  R5.0.1  a  of  the Lotus Domino SNMP Agents, available for\n     download  from the Lotus Knowledge Base on the IBM Support Web Site\n     (http://www.ibm.com/software/lotus/support/).   Please   refer   to\n     Document  #191059,  \"Lotus Domino SNMP Agents R5.0.1a\", also in the\n     Lotus Knowledge Base, for more details. \n\nLOGEC Systems Inc\n\n     The  products  from  LOGEC  Systems are exposed to SNMP only via HP\n     OpenView.  We  do  not have an implementation of SNMP ourselves. As\n     such,  there is nothing in our products that would be an issue with\n     this alert. \n\nLucent\n\n     Lucent is aware of reports that there is a vulnerability in certain\n     implementations  of  the  SNMP (Simple Network Management Protocol)\n     code  that  is  used in data switches and other hardware throughout\n     the telecom industry. \n     As soon as we were notified by CERT, we began assessing our product\n     portfolio  and  notifying  customers  with  products  that might be\n     affected. \n     Our  5ESS  switch  and  most  of  our  optical  portfolio  were not\n     affected.   Our  core  and  edge  ATM switches and most of our edge\n     access  products  are  affected, but we have developed, tested, and\n     deployed  fixes for many of those products to our customers.  Fixes\n     for  the  rest  of the affected product portfolio will be available\n     shortly. \n     We consider the security and reliability of our customers\u0027 networks\n     to  be  one  of  our  critical  measures  of success. We take every\n     reasonable measure to ensure their satisfaction. \n     In  addition,  we  are  working  with  customers on ways to further\n     enhance the security they have in place today. \n\nMarconi\n\n     Marconi  supplies  a  broad range of telecommunications and related\n     products,  some  of  which are affected by the SNMP vulnerabilities\n     identified  here.  The  manner  in  which they are affected and the\n     actions  required  (if any) to avoid being impacted by exploitation\n     of  these  vulnerabilities,  vary  from  product  to product. Those\n     Marconi   customers   with  support  entitlement  may  contact  the\n     appropriate   Technical  Assistance  Center  (TAC)  for  additional\n     information.  Those not under support entitlement may contact their\n     sales representative. \n\nMicrosoft Corporation\n\n     The  Microsoft  Security Reponse [sic] Center has investigated this\n     issue, and provides the following information. \n\n     Summary:\n     All  Microsoft  implementations  of  SNMP  v1  are  affected by the\n     vulnerability.  The  SNMP v1 service is not installed or running by\n     default on any version of Windows. A patch is underway to eliminate\n     the  vulnerability.  In  the  meantime,  we recommend that affected\n     customers disable the SNMP v1 service. \n\n     Details:\n     An  SNMP  v1 service ships on the CDs for Windows 95, 98, and 98SE. \n     It  is  not  installed  or  running  by  default  on  any  of these\n     platforms.  An SNMP v1 is NOT provided for Windows ME.  However, it\n     is  possible  that  Windows  98  machines  which  had  the  service\n     installed  and  were  upgraded would still have the service.  Since\n     SNMP  is  not  supported for WinME, customers in this situation are\n     urged to remove the SNMP service. \n     An  SNMP  v1  service  is  available  on  Windows NT 4.0 (including\n     Terminal  Server  Edition) and Windows 2000 but is not installed or\n     running  by  default  on any of these platforms.Windows XP does not\n     ship with an SNMP v1 service. \n\n     Remediation:\n     A  patch  is  underway  for  the  affected  platforms,  and will be\n     released  shortly.  In  the  meantime,  Microsoft  recommends  that\n     customers  who  have  the  SNMP  v1  service  running disable it to\n     protect their systems. Following are instruction for doing this:\n\n     Windows 95, 98 and 98SE:\n     1. In Control Panel, double-click Network. \n     2. On  the  Configuration  tab,  select Microsoft SNMP Agent from the\n        list of installed components. \n     3. Click Remove\n\n     Check the following keys and confirm that snmp.exe is not listed. \n     HKEY_LOCAL_MACHINE\\Software\\Microsoft\\Windows\\CurrentVersion\\RunSer\n     vices\n     HKEY_LOCAL_MACHINE\\Software\\Microsoft\\Windows\\CurrentVersion\\Run\n \n     For Windows XP:\n     1. Right-click on My Computer and select Manage\n     2. Click on Services and Applications, then on Services\n     3. Location  SNMP  on  the list of services, then select it and click\n        Stop. \n     4. Select Startup, and click Disabled. \n     5. Click  OK  to  close  the  dialoge  [sic], then close the Computer\n        Management window. \n   \n     For Windows NT 4.0 (including Terminal Server Edition):\n     1. Select Start, then Settings. \n     2. Select Control Panel, then click on the Services Icon\n     3. Locate  SNMP  on  the  list  of services, then select it and click\n        Stop. \n     4. Select Startup, and click Disabled. \n     5. Click OK to close the dialoge [sic], then close Control Panel\n\n     Windows 2000:\n     1. Right-click on My Computer and select Manage\n     2. Click on Services and Applications, then on Services\n     3. Location  SNMP  on  the list of services, then select it and click\n        Stop. \n     4. Select Startup, and click Disabled. \n     5. Click  OK  to  close  the  dialoge  [sic], then close the Computer\n        Management window. \n\nMultinet\n\n     MultiNet  and  TCPware customers should contact Process Software to\n     check  for  the availability of patches for this issue. A couple of\n     minor  problems were found and fixed, but there is no security risk\n     related to the SNMP code included with either product. \n\nNetaphor\n\n     NETAPHOR  SOFTWARE INC. is the creator of Cyberons for Java -- SNMP\n     Manager  Toolkit  and Cyberons for Java -- NMS Application Toolkit,\n     two   Java  based  products  that  may  be  affected  by  the  SNMP\n     vulnerabilities  identified  here.  The  manner  in  which they are\n     affected  and the actions required (if any) to avoid being impacted\n     by  exploitation  of  these  vulnerabilities,  may  be  obtained by\n     contacting  Netaphor  via email at info@netaphor.com Customers with\n     annual support may contact support@netaphor.com directly. Those not\n     under    support    entitlement   may   contact   Netaphor   sales:\n     sales@netaphor.com or (949) 470 7955 in USA. \n\nNetBSD\n\n     NetBSD does not ship with any SNMP tools in our \u0027base\u0027 releases. We\n     do  provide  optional  packages  which  provide various support for\n     SNMP.  These  packages  are  not installed by default, nor are they\n     currently  provided  as  an  install option by the operating system\n     installation tools. A system administrator/end-user has to manually\n     install this with our package management tools. These SNMP packages\n     include:\n          + netsaint-plugin-snmp-1.2.8.4  (SNMP  monitoring  plug-in  for\n            netsaint)\n          + p5-Net-SNMP-3.60 (perl5 module for SNMP queries)\n          + p5-SNMP-3.1.0  (Perl5  module for interfacing to the UCD SNMP\n            library\n          + p5-SNMP_Session-0.83   (perl5  module  providing  rudimentary\n            access to remote SNMP agents)\n          + ucd-snmp-4.2.1  (Extensible  SNMP  implementation) (conflicts\n            with ucd-snmp-4.1.2)\n          + ucd-snmp-4.1.2  (Extensible  SNMP  implementation) (conflicts\n            with ucd-snmp-4.2.1)\n\n     We    do   provide   a   software   monitoring   mechanism   called\n     \u0027audit-packages\u0027,  which allows us to highlight if a package with a\n     range  of  versions  has  a potential vulnerability, and recommends\n     that the end-user upgrade the packages in question. \n\nNetscape Communications Corporation\n\n     Netscape  continues  to be committed to maintaining a high level of\n     quality  in  our  software  and  service  offerings.  Part  of this\n     commitment  includes  prompt response to security issues discovered\n     by organizations such as the CERT Coordination Center. \n     According  to a recent CERT/CC advisory, The Oulu University Secure\n     Programming  Group (OUSPG) has reported numerous vulnerabilities in\n     multiple  vendor  SNMPv1 implementations. \n     We  have  carefully  examined the reported findings, performing the\n     tests  suggested  by the OUSPG to determine whether Netscape server\n     products  were  subject to these vulnerabilities. It was determined\n     that several products fell into this category. As a result, we have\n     created  fixes  which will resolve the issues, and these fixes will\n     appear  in  future  releases  of  our  product  line. To Netscape\u0027s\n     knowledge,  there  are  no known instances of these vulnerabilities\n     being exploited and no customers have been affected to date. \n     When such security warnings are issued, Netscape has committed to -\n     and will continue to commit to - resolving these issues in a prompt\n     and timely fashion, ensuring that our customers receive products of\n     the highest quality and security. \n\nNET-SNMP\n\n     All  ucd-snmp  version  prior  to  4.2.2  are  susceptible  to this\n     vulnerability  and  users  of  versions  prior to version 4.2.2 are\n     encouraged   to   upgrade   their  software  as  soon  as  possible\n     (http://www.net-snmp.org/download/).  Version  4.2.2 and higher are\n     not susceptible. \n\nNetwork Associates\n\n     PGP is not affected, impacted, or otherwise related to this VU#. \n\nNetwork Computing Technologies\n\n     Network   Computing   Technologies  has  reviewed  the  information\n     regarding  SNMP  vulnerabilities and is currently investigating the\n     impact to our products. \n\nNokia\n\n     This  vulnerability  is  known  to affect IPSO versions 3.1.3, 3.3,\n     3.3.1,  3.4,  and  3.4.1.   Patches  are  currently  available  for\n     versions  3.3,  3.3.1,  3.4  and  3.4.1 for download from the Nokia\n     website.   In  addition,  version  3.4.2  shipped  with  the  patch\n     incorporated,  and the necessary fix will be included in all future\n     releases of IPSO. \n     We  recommend customers install the patch immediately or follow the\n     recommended precautions below to avoid any potential exploit. \n     If you are not using SNMP services, including Traps, simply disable\n     the   SNMP   daemon   to   completely   eliminate   the   potential\n     vulnerability. \n     If   you  are  using  only  SNMP  Traps  and  running  Check  Point\n     FireWall-1,  create  a  firewall  policy  to disallow incoming SNMP\n     messages on all appropriate interfaces. Traps will continue to work\n     normally. \n\nNortel Networks\n\n     The  CERT Coordination Center has issued a broad based alert to the\n     technology industry, including Nortel Networks, regarding potential\n     security   vulnerabilities   identified   in   the  Simple  Network\n     Management  Protocol  (SNMP),  a  common  networking  standard. The\n     company   is   working   with  CERT  and  other  network  equipment\n     manufacturers, the U.S. Government, service providers, and software\n     suppliers to assess and address this issue. \n\nNovell\n\n     Novell ships SNMP.NLM and SNMPLOG.NLM with NetWare 4.x, NetWare 5.x\n     and  6.0  systems. The SNMP and SNMPLOG vulnerabilities detected on\n     NetWare  are  fixed and will be available through NetWare 6 Support\n     Pack 1 \u0026 NetWare 5.1 Support Pack 4. Support packs are available at\n     http://support.novell.com/tools/csp/\n\nOpenBSD\n\n     OpenBSD does not ship SNMP code. \n\nQualcomm\n\n     WorldMail  does  not  support SNMP by default, so customers who run\n     unmodified installations are not vulnerable. \n\nRedback Networks, Inc. \n\n     Redback  Networks,  Inc.  has  identified that the vulnerability in\n     question  affects  certain versions of AOS software on the SMS 500,\n     SMS  1800,  and  SMS 10000 platforms, and is taking the appropriate\n     steps necessary to correct the issue. \n\nRed Hat\n\n     RedHat has released a security advisiory [sic] at\n     http://www.redhat.com/support/errata/RHSA-2001-163.html\n     with  updated  versions  of  the ucd-snmp package for all supported\n     releases and architectures. For more information or to download the\n     update please visit this page. \n\nSGI\n\n     SGI  acknowledges  the SNMP vulnerabilities reported by CERT and is\n     currently  investigating. \n     For  the  protection  of  all our customers, SGI does not disclose,\n     discuss  or  confirm vulnerabilities until a full investigation has\n     occurred  and  any  necessary  patch(es)  or  release  streams  are\n     available  for all vulnerable and supported IRIX operating systems. \n     Until SGI has more definitive information to provide, customers are\n     encouraged  to  assume  all security vulnerabilities as exploitable\n     and  take  appropriate  steps  according  to  local  site  security\n     policies   and   requirements.   As   further  information  becomes\n     available,  additional advisories will be issued via the normal SGI\n     security  information  distribution  methods  including the wiretap\n     mailing list on http://www.sgi.com/support/security/. \n\nSNMP Research International\n\n     SNMP  Research  has  made  the following vendor statement. They are\n     likely  to  revise  and  expand  the  statement as the date for the\n     public vulnerability announcement draws nearer.   Users  maintaining\n     earlier  releases should update to the current release if they have\n     not  already  done  so. Other Stonesoft\u0027s products are\n     still   under   investigation.   As   further  information  becomes\n     available, additional advisories will be available at\n     http://www.stonesoft.com/support/techcenter/\n\nSun Microsystems, Inc. \n\n     Sun\u0027s  SNMP  product,  Solstice  Enterprise Agents (SEA), described\n     here:\n     http://www.sun.com/solstice/products/ent.agents/\n     is  affected  by VU#854306 but not VU#107186. More specifically the\n     main  agent  of  SEA, snmpdx(1M), is affected on Solaris 2.6, 7, 8. \n     Sun  is  currently  generating  patches  for this issue and will be\n     releasing  a  Sun Security Bulletin once the patches are available. \n     The bulletin will be available from:\n     http://sunsolve.sun.com/security.  Sun  patches are available from:\n     http://sunsolve.sun.com/securitypatch. \n\nSymantec Corporation\n\n     Symantec Corporation has investigated the SNMP issues identified by\n     the  OUSPG test suite and determined that Symantec products are not\n     susceptable [sic] to these issues. \n\nTANDBERG\n\n     Tandberg  have  run  all  the  testcases found the PROTOS test-suie\n     [sic], c06snmpv1:\n     1. c06-snmpv1-trap-enc-pr1.jar\n     2. c06-snmpv1-treq-app-pr1.jar\n     3. c06-snmpv1-trap-enc-pr1.jar\n     4. c06-snmpv1-req-app-pr1.jar\n     The  tests  were  run with standard delay time between the requests\n     (100ms),  but  also  with  a delay of 1ms. The tests applies to all\n     TANDBERG  products (T500, T880, T1000, T2500, T6000 and T8000). The\n     software  tested  on these products were B4.0 (our latest software)\n     and no problems were found when running the test suite. \n\nTivoli Systems\n\n     Our  analysis indicates that this vulnerability does not affect the\n     Tivoli NetView product. \n\nAppendix B. - References\n         1. http://www.ee.oulu.fi/research/ouspg/protos/\n         2. http://www.kb.cert.org/vuls/id/854306\n         3. http://www.kb.cert.org/vuls/id/107186\n         4. http://www.cert.org/tech_tips/denial_of_service.html\n         5. http://www.ietf.org/rfc/rfc1067.txt\n         6. http://www.ietf.org/rfc/rfc1089.txt\n         7. http://www.ietf.org/rfc/rfc1140.txt\n         8. http://www.ietf.org/rfc/rfc1155.txt\n         9. http://www.ietf.org/rfc/rfc1156.txt\n        10. http://www.ietf.org/rfc/rfc1215.txt\n        11. http://www.ietf.org/rfc/rfc1270.txt\n        12. http://www.ietf.org/rfc/rfc1352.txt\n\nAppendix C. - Background Information\n\n     Background Information on the OUSPG\n\n       OUSPG  is an academic research group located at Oulu University in\n       Finland.  The  purpose  of this research group is to test software\n       for vulnerabilities. \n       History  has  shown  that  the  techniques  used by the OUSPG have\n       discovered a large number of previously undetected problems in the\n       products  and  protocols  they  have  tested.  In  2001, the OUSPG\n       produced a comprehensive test suite for evaluating implementations\n       of  the  Lightweight  Directory  Access Protocol (LDAP). This test\n       suite  was  developed with the strategy of abusing the protocol in\n       unsupported  and  unexpected  ways,  and  it was very effective in\n       uncovering  a  wide  variety  of  vulnerabilities  across  several\n       products.  This approach can reveal vulnerabilities that would not\n       manifest themselves under normal conditions. \n       After  completing  its  work  on  LDAP,  OUSPG  moved its focus to\n       SNMPv1.  As  with  LDAP,  they designed a custom test suite, began\n       testing   a   selection   of  products,  and  found  a  number  of\n       vulnerabilities.  Because  OUSPG\u0027s  work  on  LDAP  was similar in\n       procedure  to its current work on SNMP, you may wish to review the\n       LDAP  Test  Suite  and  CERT  Advisory  CA-2001-18, which outlined\n       results of application of the test suite. \n       In order to test the security of protocols like SNMPv1, the PROTOS\n       project  presents  a  server with a wide variety of sample packets\n       containing  unexpected  values  or  illegally formatted data. As a\n       member of the PROTOS project consortium, the OUSPG used the PROTOS\n       c06-snmpv1  test  suite  to  study  several implementations of the\n       SNMPv1  protocol.  Results  of  the  test  suites run against SNMP\n       indicate  that  there  are  many different vulnerabilities on many\n       different implementations of SNMP. Software and\n       firmware products designed for networks often make use of the SNMP\n       protocol.  SNMP  runs  on  a  multitude  of  devices and operating\n       systems, including, but not limited to,\n          + Core  Network  Devices (Routers, Switches, Hubs, Bridges, and\n            Wireless Network Access Points)\n          + Operating Systems\n          + Consumer  Broadband  Network  Devices  (Cable  Modems and DSL\n            Modems)\n          + Consumer Electronic Devices (Cameras and Image Scanners)\n          + Networked   Office  Equipment  (Printers,  Copiers,  and  FAX\n            Machines)\n          + Network and Systems Management/Diagnostic Frameworks (Network\n            Sniffers and Network Analyzers)\n          + Uninterruptible Power Supplies (UPS)\n          + Networked Medical Equipment (Imaging Units and Oscilloscopes)\n          + Manufacturing and Processing Equipment\n       The  SNMP  protocol  is  formally defined in RFC1157. Quoting from\n       that RFC:\n\n                Implicit  in the SNMP architectural model is a collection\n                of  network  management  stations  and  network elements. \n                Network    management    stations    execute   management\n                applications  which monitor and control network elements. \n                Network  elements  are  devices  such as hosts, gateways,\n                terminal  servers,  and  the  like, which have management\n                agents  responsible for performing the network management\n                functions  requested  by the network management stations. \n\n       Additionally,   SNMP  is  discussed  in  a  number  of  other  RFC\n       documents:\n          + RFC 3000 Internet Official Protocol Standards\n          + RFC 1212 Concise MIB Definitions\n          + RFC  1213  Management Information Base for Network Management\n            of TCP/IP-based Internets: MIB-II\n          + RFC  1215  A  Convention  for Defining Traps for use with the\n            SNMP\n          + RFC 1270 SNMP Communications Services\n          + RFC  2570  Introduction to Version 3 of the Internet-standard\n            Network Management Framework\n          + RFC  2571  An  Architecture  for  Describing  SNMP Management\n            Frameworks\n          + RFC  2572  Message  Processing and Dispatching for the Simple\n            Network Management Protocol (SNMP)\n          + RFC 2573 SNMP Applications\n          + RFC 2574 User-based Security Model (USM) for version 3 of the\n            Simple Network Management Protocol (SNMPv3)\n          + RFC  2575  View-based  Access  Control  Model  (VACM) for the\n            Simple Network Management Protocol (SNMP)\n          + RFC  2576  Coexistence  between  Version  1,  Version  2, and\n            Version   3   of  the  Internet-standard  Network  Management\n            Framework\n         _____________________________________________________________\n\n       The  CERT  Coordination  Center  thanks the Oulu University Secure\n       Programming  Group  for reporting these vulnerabilities to us, for\n       providing  detailed  technical  analyses,  and for assisting us in\n       preparing  this  advisory.  We also thank Steven M. Bellovin (AT\u0026T\n       Labs  --  Research),  Wes Hardaker (Net-SNMP), Steve Moulton (SNMP\n       Research),  Tom Reddington (Bell Labs), Mike Duckett (Bell South),\n       Rob   Thomas,  Blue  Boar  (Thievco),  and  the  many  others  who\n       contributed to this document. \n         _____________________________________________________________\n\n       Feedback  on  this document can be directed to the authors, Ian A. \n       Finlay, Shawn V. Hernan, Jason A. Rafail, Chad Dougherty, Allen D. \n       Householder, Marty Lindner, and Art Manion. \n       __________________________________________________________________\n\n       This document is available from:\n       http://www.cert.org/advisories/CA-2002-03.html\n       __________________________________________________________________\n\n       CERT/CC Contact Information\n\n        Email: cert@cert.org\n                Phone: +1 412-268-7090 (24-hour hotline)\n                Fax: +1 412-268-6989\n                Postal address:\n                CERT Coordination Center\n                Software Engineering Institute\n                Carnegie Mellon University\n                Pittsburgh PA 15213-3890\n                U.S.A. \n\n       CERT/CC  personnel  answer  the  hotline  08:00-17:00 EST(GMT-5) /\n       EDT(GMT-4) Monday through Friday; they are on call for emergencies\n       during other hours, on U.S. holidays, and on weekends. \n       \n       Using encryption\n       We  strongly  urge  you  to  encrypt sensitive information sent by\n       email. Our public PGP key is available from\n        http://www.cert.org/CERT_PGP.key\n       If  you  prefer  to use DES, please call the CERT hotline for more\n       information. \n       \n       Getting  security information\n       CERT publications and other security information are available\n       from our web site\n        http://www.cert.org/\n       To   subscribe  to  the  CERT  mailing  list  for  advisories  and\n       bulletins, send email to majordomo@cert.org. Please include in the\n       body of your message\n       \n         subscribe cert-advisory\n       \n       * \"CERT\" and \"CERT Coordination Center\" are registered in the U.S. \n       Patent and Trademark Office. \n       __________________________________________________________________\n\n       NO WARRANTY\n       Any  material  furnished  by  Carnegie  Mellon  University and the\n       Software  Engineering  Institute is furnished on an \"as is\" basis. \n       Carnegie Mellon University makes no warranties of any kind, either\n       expressed  or  implied as to any matter including, but not limited\n       to,   warranty   of   fitness   for   a   particular   purpose  or\n       merchantability,  exclusivity  or results obtained from use of the\n       material. Carnegie Mellon University does not make any warranty of\n       any  kind  with  respect  to  freedom  from  patent, trademark, or\n       copyright infringement. \n         _____________________________________________________________\n\n       Conditions for use, disclaimers, and sponsorship information\n       Copyright 2002 Carnegie Mellon University. \n\nRevision History\n\n       February 12, 2002: Initial release\n\n-----BEGIN PGP SIGNATURE-----\nVersion: PGP 6.5.8\n\niQCVAwUBPGltxKCVPMXQI2HJAQGVeAQAuHtxGBsmU5HI6PtqhpZ1rkpV+Cq3ChIU\nR1FUz4Zi2vzklH8jdXd10KqwZAPhXTPazeguhRyLVSUprMlSKqcXg3BCkH/y4WAl\nQUZ1VnQXMnMrxIJO1fv0WW0pcyM4W0iQBl0kCIlawPcjCGVniOCOr+4CE0f923wr\nuZiMJ5f2SEo=\n=h42e\n-----END PGP SIGNATURE-----\n",
    "sources": [
      {
        "db": "NVD",
        "id": "CVE-2002-0053"
      },
      {
        "db": "CERT/CC",
        "id": "VU#107186"
      },
      {
        "db": "CERT/CC",
        "id": "VU#854306"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2002-000035"
      },
      {
        "db": "BID",
        "id": "89608"
      },
      {
        "db": "BID",
        "id": "89661"
      },
      {
        "db": "BID",
        "id": "4732"
      },
      {
        "db": "BID",
        "id": "4132"
      },
      {
        "db": "PACKETSTORM",
        "id": "25758"
      }
    ],
    "trust": 4.23
  },
  "external_ids": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/external_ids#",
      "data": {
        "@container": "@list"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": [
      {
        "db": "CERT/CC",
        "id": "VU#107186",
        "trust": 3.9
      },
      {
        "db": "CERT/CC",
        "id": "VU#854306",
        "trust": 3.9
      },
      {
        "db": "NVD",
        "id": "CVE-2002-0053",
        "trust": 3.0
      },
      {
        "db": "BID",
        "id": "4132",
        "trust": 1.9
      },
      {
        "db": "BID",
        "id": "4732",
        "trust": 1.9
      },
      {
        "db": "BID",
        "id": "4088",
        "trust": 1.6
      },
      {
        "db": "BID",
        "id": "4089",
        "trust": 1.6
      },
      {
        "db": "XF",
        "id": "8176",
        "trust": 0.8
      },
      {
        "db": "XF",
        "id": "8177",
        "trust": 0.8
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2002-000035",
        "trust": 0.8
      },
      {
        "db": "MS",
        "id": "MS02-006",
        "trust": 0.6
      },
      {
        "db": "OVAL",
        "id": "OVAL:ORG.MITRE.OVAL:DEF:209",
        "trust": 0.6
      },
      {
        "db": "OVAL",
        "id": "OVAL:ORG.MITRE.OVAL:DEF:402",
        "trust": 0.6
      },
      {
        "db": "CERT/CC",
        "id": "CA-2002-03",
        "trust": 0.6
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-200203-006",
        "trust": 0.6
      },
      {
        "db": "BID",
        "id": "89608",
        "trust": 0.3
      },
      {
        "db": "BID",
        "id": "89661",
        "trust": 0.3
      },
      {
        "db": "PACKETSTORM",
        "id": "25758",
        "trust": 0.1
      }
    ],
    "sources": [
      {
        "db": "CERT/CC",
        "id": "VU#107186"
      },
      {
        "db": "CERT/CC",
        "id": "VU#854306"
      },
      {
        "db": "BID",
        "id": "89608"
      },
      {
        "db": "BID",
        "id": "89661"
      },
      {
        "db": "BID",
        "id": "4732"
      },
      {
        "db": "BID",
        "id": "4132"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2002-000035"
      },
      {
        "db": "PACKETSTORM",
        "id": "25758"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-200203-006"
      },
      {
        "db": "NVD",
        "id": "CVE-2002-0053"
      }
    ]
  },
  "id": "VAR-200203-0024",
  "iot": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/iot#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": true,
    "sources": [
      {
        "db": "VARIoT devices database",
        "id": null
      }
    ],
    "trust": 0.3056849
  },
  "last_update_date": "2024-11-22T22:51:40.268000Z",
  "patch": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/patch#",
      "data": {
        "@container": "@list"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": [
      {
        "title": "HPSBUX00184",
        "trust": 0.8,
        "url": "http://www1.itrc.hp.com/service/cki/docDisplay.do?docId=c00964944"
      },
      {
        "title": "Top Page",
        "trust": 0.8,
        "url": "http://www.ibm.com/jp/"
      },
      {
        "title": "MS02-006",
        "trust": 0.8,
        "url": "http://www.microsoft.com/technet/security/bulletin/ms02-006.mspx"
      },
      {
        "title": "RHSA-2001:163",
        "trust": 0.8,
        "url": "http://rhn.redhat.com/errata/RHSA-2001-163.html"
      },
      {
        "title": "#00215",
        "trust": 0.8,
        "url": "http://sunsolve.sun.com/search/document.do?assetkey=1-22-00215-1"
      },
      {
        "title": "#00215",
        "trust": 0.8,
        "url": "http://sunsolve.sun.com/search/document.do?assetkey=1-22-00215-3"
      },
      {
        "title": "MS02-006",
        "trust": 0.8,
        "url": "http://www.microsoft.com/japan/technet/security/Bulletin/ms02-006.mspx"
      },
      {
        "title": "RHSA-2001:163",
        "trust": 0.8,
        "url": "http://www.jp.redhat.com/support/errata/RHSA/RHSA-2001-163J.html"
      }
    ],
    "sources": [
      {
        "db": "JVNDB",
        "id": "JVNDB-2002-000035"
      }
    ]
  },
  "problemtype_data": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": [
      {
        "problemtype": "CWE-119",
        "trust": 1.0
      }
    ],
    "sources": [
      {
        "db": "NVD",
        "id": "CVE-2002-0053"
      }
    ]
  },
  "references": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/references#",
      "data": {
        "@container": "@list"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": [
      {
        "trust": 4.4,
        "url": "http://www.cert.org/advisories/ca-2002-03.html"
      },
      {
        "trust": 4.1,
        "url": "http://www.kb.cert.org/vuls/id/107186"
      },
      {
        "trust": 4.1,
        "url": "http://www.kb.cert.org/vuls/id/854306"
      },
      {
        "trust": 3.2,
        "url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2002-0013"
      },
      {
        "trust": 3.2,
        "url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2002-0012"
      },
      {
        "trust": 3.2,
        "url": "http://www.ee.oulu.fi/research/ouspg/protos/testing/c06/snmpv1/index.html"
      },
      {
        "trust": 2.0,
        "url": "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2002/ms02-006"
      },
      {
        "trust": 2.0,
        "url": "https://oval.cisecurity.org/repository/search/definition/oval%3aorg.mitre.oval%3adef%3a209"
      },
      {
        "trust": 2.0,
        "url": "https://oval.cisecurity.org/repository/search/definition/oval%3aorg.mitre.oval%3adef%3a402"
      },
      {
        "trust": 1.7,
        "url": "http://www.ee.oulu.fi/research/ouspg/protos/"
      },
      {
        "trust": 1.7,
        "url": "http://www.cert.org/tech_tips/denial_of_service.html"
      },
      {
        "trust": 1.7,
        "url": "http://www.ietf.org/rfc/rfc1215.txt"
      },
      {
        "trust": 1.7,
        "url": "http://www.ietf.org/rfc/rfc1270.txt"
      },
      {
        "trust": 1.6,
        "url": "http://www.ietf.org/rfc/rfc3000.txt"
      },
      {
        "trust": 1.6,
        "url": "http://www.ietf.org/rfc/rfc1212.txt"
      },
      {
        "trust": 1.6,
        "url": "http://www.ietf.org/rfc/rfc1213.txt"
      },
      {
        "trust": 1.6,
        "url": "http://www.ietf.org/rfc/rfc2570.txt"
      },
      {
        "trust": 1.6,
        "url": "http://www.ietf.org/rfc/rfc2571.txt"
      },
      {
        "trust": 1.6,
        "url": "http://www.ietf.org/rfc/rfc2572.txt"
      },
      {
        "trust": 1.6,
        "url": "http://www.ietf.org/rfc/rfc2573.txt"
      },
      {
        "trust": 1.6,
        "url": "http://www.ietf.org/rfc/rfc2574.txt"
      },
      {
        "trust": 1.6,
        "url": "http://www.ietf.org/rfc/rfc2575.txt"
      },
      {
        "trust": 1.6,
        "url": "http://www.ietf.org/rfc/rfc2576.txt"
      },
      {
        "trust": 1.6,
        "url": "http://www.securityfocus.com/bid/4088"
      },
      {
        "trust": 1.6,
        "url": "http://online.securityfocus.com/bid/4132"
      },
      {
        "trust": 1.6,
        "url": "http://online.securityfocus.com/bid/4732"
      },
      {
        "trust": 1.6,
        "url": "http://www.securityfocus.com/bid/4089"
      },
      {
        "trust": 1.2,
        "url": "http://www.microsoft.com/technet/security/bulletin/ms02-006.asp"
      },
      {
        "trust": 0.8,
        "url": "http://www.ciac.org/ciac/bulletins/m-042.shtml"
      },
      {
        "trust": 0.8,
        "url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2002-0053"
      },
      {
        "trust": 0.8,
        "url": "http://www.ipa.go.jp/security/ciadr/20020213snmp.html"
      },
      {
        "trust": 0.8,
        "url": "http://www.jpcert.or.jp/wr/2002/wr020701.txt"
      },
      {
        "trust": 0.8,
        "url": "http://www.jpcert.or.jp/wr/2002/wr020901.txt"
      },
      {
        "trust": 0.8,
        "url": "http://www.jpcert.or.jp/at/2002/at020001.txt"
      },
      {
        "trust": 0.8,
        "url": "http://jvn.jp/cert/jvnca-2002-03"
      },
      {
        "trust": 0.8,
        "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2002-0053"
      },
      {
        "trust": 0.8,
        "url": "http://xforce.iss.net/xforce/xfdb/8176"
      },
      {
        "trust": 0.8,
        "url": "http://xforce.iss.net/xforce/xfdb/8177"
      },
      {
        "trust": 0.8,
        "url": "http://www.isskk.co.jp/support/techinfo/general/protos_snmp_xforce.html"
      },
      {
        "trust": 0.6,
        "url": "http://oval.mitre.org/repository/data/getdef?id=oval:org.mitre.oval:def:402"
      },
      {
        "trust": 0.6,
        "url": "http://oval.mitre.org/repository/data/getdef?id=oval:org.mitre.oval:def:209"
      },
      {
        "trust": 0.3,
        "url": "http://sunsolve.sun.com/pub-cgi/retrieve.pl?doc=fsalert%2f44605"
      },
      {
        "trust": 0.3,
        "url": "http://www.cisco.com/warp/public/707/cisco-malformed-snmp-msgs-non-ios-pub.shtml"
      },
      {
        "trust": 0.3,
        "url": "http://www.cisco.com/public/sw-center/sw-ios.shtml"
      },
      {
        "trust": 0.3,
        "url": "http://www.cisco.com/warp/public/707/cisco-malformed-snmp-msgs-pub.shtml"
      },
      {
        "trust": 0.1,
        "url": "http://www.ietf.org/rfc/rfc1352.txt"
      },
      {
        "trust": 0.1,
        "url": "http://www.redhat.com/support/errata/rhsa-2001-163.html"
      },
      {
        "trust": 0.1,
        "url": "http://www.cert.org/tech_tips/snmp_faq.html"
      },
      {
        "trust": 0.1,
        "url": "http://download.cacheflow.com/release/ca/4.1.02/relnotes.htm"
      },
      {
        "trust": 0.1,
        "url": "http://www.innerdive.com/products/ric/)"
      },
      {
        "trust": 0.1,
        "url": "https://www.juniper.net."
      },
      {
        "trust": 0.1,
        "url": "http://sunsolve.sun.com/securitypatch."
      },
      {
        "trust": 0.1,
        "url": "http://www.cisco.com/go/psirt/."
      },
      {
        "trust": 0.1,
        "url": "http://download.cacheflow.com/release/ca/4.0.15/relnotes.htm"
      },
      {
        "trust": 0.1,
        "url": "http://www.ietf.org/rfc/rfc1067.txt"
      },
      {
        "trust": 0.1,
        "url": "https://www.dartware.com)"
      },
      {
        "trust": 0.1,
        "url": "http://www.ietf.org/rfc/rfc1140.txt"
      },
      {
        "trust": 0.1,
        "url": "http://itrc.hp.com"
      },
      {
        "trust": 0.1,
        "url": "http://www.sun.com/solstice/products/ent.agents/"
      },
      {
        "trust": 0.1,
        "url": "http://stage.caldera.com/support/security"
      },
      {
        "trust": 0.1,
        "url": "http://www.ee.oulu.fi/research/ouspg/)"
      },
      {
        "trust": 0.1,
        "url": "http://www.net-snmp.org/download/)."
      },
      {
        "trust": 0.1,
        "url": "http://www.cert.org/"
      },
      {
        "trust": 0.1,
        "url": "http://www.cert.org/cert_pgp.key"
      },
      {
        "trust": 0.1,
        "url": "http://www.ibm.com/software/lotus/support/)."
      },
      {
        "trust": 0.1,
        "url": "http://download.cacheflow.com/release/sa/4.0.15/relnotes.htm"
      },
      {
        "trust": 0.1,
        "url": "http://download.cacheflow.com/"
      },
      {
        "trust": 0.1,
        "url": "http://www.ietf.org/rfc/rfc1156.txt"
      },
      {
        "trust": 0.1,
        "url": "http://support.novell.com/tools/csp/"
      },
      {
        "trust": 0.1,
        "url": "http://support.openview.hp.com/cpe/patches/"
      },
      {
        "trust": 0.1,
        "url": "https://www.covalent.net"
      },
      {
        "trust": 0.1,
        "url": "http://www.innerdive.com/products/mibscout/)"
      },
      {
        "trust": 0.1,
        "url": "http://www.ee.oulu.fi/research/ouspg/protos/testing/c06/snmpv1/0100.h"
      },
      {
        "trust": 0.1,
        "url": "http://sunsolve.sun.com/security."
      },
      {
        "trust": 0.1,
        "url": "http://www.ietf.org/rfc/rfc1155.txt"
      },
      {
        "trust": 0.1,
        "url": "http://www.stonesoft.com/support/techcenter/"
      },
      {
        "trust": 0.1,
        "url": "http://www.sgi.com/support/security/."
      },
      {
        "trust": 0.1,
        "url": "http://www.ietf.org/rfc/rfc1089.txt"
      },
      {
        "trust": 0.1,
        "url": "http://download.cacheflow.com/release/ca/3.1.22/relnotes.htm"
      }
    ],
    "sources": [
      {
        "db": "CERT/CC",
        "id": "VU#107186"
      },
      {
        "db": "CERT/CC",
        "id": "VU#854306"
      },
      {
        "db": "BID",
        "id": "89608"
      },
      {
        "db": "BID",
        "id": "89661"
      },
      {
        "db": "BID",
        "id": "4732"
      },
      {
        "db": "BID",
        "id": "4132"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2002-000035"
      },
      {
        "db": "PACKETSTORM",
        "id": "25758"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-200203-006"
      },
      {
        "db": "NVD",
        "id": "CVE-2002-0053"
      }
    ]
  },
  "sources": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/sources#",
      "data": {
        "@container": "@list"
      }
    },
    "data": [
      {
        "db": "CERT/CC",
        "id": "VU#107186"
      },
      {
        "db": "CERT/CC",
        "id": "VU#854306"
      },
      {
        "db": "BID",
        "id": "89608"
      },
      {
        "db": "BID",
        "id": "89661"
      },
      {
        "db": "BID",
        "id": "4732"
      },
      {
        "db": "BID",
        "id": "4132"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2002-000035"
      },
      {
        "db": "PACKETSTORM",
        "id": "25758"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-200203-006"
      },
      {
        "db": "NVD",
        "id": "CVE-2002-0053"
      }
    ]
  },
  "sources_release_date": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
      "data": {
        "@container": "@list"
      }
    },
    "data": [
      {
        "date": "2002-01-16T00:00:00",
        "db": "CERT/CC",
        "id": "VU#107186"
      },
      {
        "date": "2002-02-12T00:00:00",
        "db": "CERT/CC",
        "id": "VU#854306"
      },
      {
        "date": "2002-03-08T00:00:00",
        "db": "BID",
        "id": "89608"
      },
      {
        "date": "2002-03-08T00:00:00",
        "db": "BID",
        "id": "89661"
      },
      {
        "date": "2002-05-13T00:00:00",
        "db": "BID",
        "id": "4732"
      },
      {
        "date": "2002-02-12T00:00:00",
        "db": "BID",
        "id": "4132"
      },
      {
        "date": "2007-04-01T00:00:00",
        "db": "JVNDB",
        "id": "JVNDB-2002-000035"
      },
      {
        "date": "2002-02-12T22:54:19",
        "db": "PACKETSTORM",
        "id": "25758"
      },
      {
        "date": "2002-03-08T00:00:00",
        "db": "CNNVD",
        "id": "CNNVD-200203-006"
      },
      {
        "date": "2002-03-08T05:00:00",
        "db": "NVD",
        "id": "CVE-2002-0053"
      }
    ]
  },
  "sources_update_date": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
      "data": {
        "@container": "@list"
      }
    },
    "data": [
      {
        "date": "2007-11-07T00:00:00",
        "db": "CERT/CC",
        "id": "VU#107186"
      },
      {
        "date": "2007-11-07T00:00:00",
        "db": "CERT/CC",
        "id": "VU#854306"
      },
      {
        "date": "2002-03-08T00:00:00",
        "db": "BID",
        "id": "89608"
      },
      {
        "date": "2002-03-08T00:00:00",
        "db": "BID",
        "id": "89661"
      },
      {
        "date": "2002-05-13T00:00:00",
        "db": "BID",
        "id": "4732"
      },
      {
        "date": "2002-02-12T00:00:00",
        "db": "BID",
        "id": "4132"
      },
      {
        "date": "2007-04-01T00:00:00",
        "db": "JVNDB",
        "id": "JVNDB-2002-000035"
      },
      {
        "date": "2005-10-31T00:00:00",
        "db": "CNNVD",
        "id": "CNNVD-200203-006"
      },
      {
        "date": "2024-11-20T23:38:11.360000",
        "db": "NVD",
        "id": "CVE-2002-0053"
      }
    ]
  },
  "threat_type": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/threat_type#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": "network",
    "sources": [
      {
        "db": "BID",
        "id": "89608"
      },
      {
        "db": "BID",
        "id": "89661"
      },
      {
        "db": "BID",
        "id": "4732"
      },
      {
        "db": "BID",
        "id": "4132"
      }
    ],
    "trust": 1.2
  },
  "title": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/title#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": "Multiple vulnerabilities in SNMPv1 trap handling",
    "sources": [
      {
        "db": "CERT/CC",
        "id": "VU#107186"
      }
    ],
    "trust": 0.8
  },
  "type": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/type#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": "Input Validation Error",
    "sources": [
      {
        "db": "BID",
        "id": "89608"
      },
      {
        "db": "BID",
        "id": "89661"
      }
    ],
    "trust": 0.6
  }
}


Log in or create an account to share your comment.




Tags
Taxonomy of the tags.


Loading…

Loading…

Loading…

Sightings

Author Source Type Date

Nomenclature

  • Seen: The vulnerability was mentioned, discussed, or seen somewhere by the user.
  • Confirmed: The vulnerability is confirmed from an analyst perspective.
  • Exploited: This vulnerability was exploited and seen by the user reporting the sighting.
  • Patched: This vulnerability was successfully patched by the user reporting the sighting.
  • Not exploited: This vulnerability was not exploited or seen by the user reporting the sighting.
  • Not confirmed: The user expresses doubt about the veracity of the vulnerability.
  • Not patched: This vulnerability was not successfully patched by the user reporting the sighting.