ADTRAN Advisory:
SNMPv1 Request and Trap Handling Vulnerabilities

Revision 2.3

Release Date: 19 February 2002

Last Updated: 10 September 2002

  1. Summary

On February 12, 2002, the CERT®/CC released an advisory related to security vulnerabilities that may exist in network devices using SNMPv1 as the management protocol. In response to this advisory, CERT® Advisory CA-2002-03 "Multiple Vulnerabilities in Many Implementations of the Simple Network Management Protocol (SNMP)", ADTRAN began reproducing the tests that elicit these vulnerabilities for all ADTRAN products that feature SNMPv1 capability. All potentially affected ADTRAN products are listed in Appendix A: Products Potentially Affected.

  2. Impact

Preliminary test results have indicated that multiple ADTRAN products exhibit certain vulnerabilities to SNMP messages. Some of these vulnerabilities can be exploited, resulting in a denial of service or service interruption. These results have not indicated any vulnerability that will allow an attacker to gain access to the affected device.

  3. Solution

ADTRAN is currently applying the PROTOS c06-SNMPv1 test suite to all products that feature SNMPv1 capability. Until ADTRAN has completed testing on all of its products and provided patches or fixes to eliminate these vulnerabilities, ADTRAN recommends considering one or more of the following solutions, as identified in CERT® Advisory CA-2002-03, to minimize your network’s potential exposure to these vulnerabilities:

ADTRAN’s NetVanta Solutions

ADTRAN’s NetVanta 2000 Series of products can be used to provide most of the solutions identified above, including ingress and egress filtering, filtering SNMP traffic from non-authorized internal hosts, and restricting SNMP traffic to Virtual Private Networks (VPNs). For further information on how NetVanta’s VPN and Firewall solutions can secure your network, please see http://www.adtran.com/netvanta2000.
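
The filtering measures named above (ingress and egress filtering, and filtering SNMP traffic from non-authorized internal hosts) can be verified against flow logs. The following Python is an added example, not ADTRAN's or CERT's code; the address ranges, the manager address and the flow-record format are constructed assumptions, and it checks only UDP flows by destination port.

```python
import ipaddress

SNMP_PORTS = {161, 162}  # UDP 161: requests to agents, UDP 162: traps to managers

# Hypothetical site policy, constructed for this example.
INTERNAL_NETS = [ipaddress.ip_network("10.0.0.0/8")]
AUTHORIZED_MANAGERS = {ipaddress.ip_address("10.0.5.10")}

# Constructed flow records: proto,src_ip,src_port,dst_ip,dst_port
SAMPLE_FLOWS = """\
udp,10.0.5.10,40211,10.0.9.1,161
udp,10.0.9.1,1025,10.0.5.10,162
udp,198.51.100.7,53123,10.0.9.1,161
udp,10.0.9.1,1026,203.0.113.9,162
udp,10.0.77.4,40999,10.0.9.1,161
tcp,10.0.77.4,51000,10.0.9.1,443
"""


def is_internal(addr):
    return any(addr in net for net in INTERNAL_NETS)


def classify(line):
    """Return a violation label for one flow record, or None if allowed."""
    proto, src, _sport, dst, dport = line.strip().split(",")
    if proto != "udp" or int(dport) not in SNMP_PORTS:
        return None  # not SNMP toward an agent or a trap receiver
    src_ip, dst_ip = ipaddress.ip_address(src), ipaddress.ip_address(dst)
    if not is_internal(src_ip):
        return "ingress"  # SNMP entering from outside the perimeter
    if not is_internal(dst_ip):
        return "egress"  # SNMP leaving the perimeter
    # Internal only: requests must come from a manager, traps must go to one.
    manager_side = src_ip if int(dport) == 161 else dst_ip
    if manager_side not in AUTHORIZED_MANAGERS:
        return "unauthorized-internal"
    return None


def audit(flows):
    """Return (line, label) for every flow that violates the policy."""
    checked = ((ln, classify(ln)) for ln in flows.splitlines() if ln.strip())
    return [(ln, label) for ln, label in checked if label]


if __name__ == "__main__":
    for line, label in audit(SAMPLE_FLOWS):
        print(f"{label:22} {line}")
```

Any finding means SNMP reached, or could have reached, a device from a host the filtering policy should have excluded.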

  4. Revision History

| Revision | Date | Notes |
|---|---|---|
| Revision 1.0 | 19 February 2002 | Initial Public Release |
| Revision 1.1 | 12 March 2002 | Updated Appendix A — added TSU 100e and ATLAS 550 test results |
| Revision 1.2 | 20 March 2002 | Updated Appendix A — added TSU 120e and TSU Router Module test results |
| Revision 1.3 | 28 March 2002 | Updated Appendix A — added MX2800 and TSU SNMP Agent module test results |
| Revision 1.4 | 2 April 2002 | Updated Appendix A — added MX2810 test results |
| Revision 1.5 | 9 April 2002 | Updated Appendix A — added DSU IQ and Total Access 3000 test results |
| Revision 1.6 | 24 April 2002 | Updated Appendix A — added TSU IQ, TSU IQ Plus and IQ Probe test results |
| Revision 1.7 | 2 May 2002 | Updated Appendix A — added TA 1500 test results |
| Revision 1.8 | 24 May 2002 | Updated Appendix A — added DSU IV, Total Access 600R, IQ710, and ATLAS 800 Plus test results |
| Revision 1.9 | 31 July 2002 | Updated Appendix A — added Smart 16e Controller test results |
| Revision 2.0 | 8 August 2002 | Updated Appendix A — added TSU IQ RM and OSU300 test results |
| Revision 2.1 | 16 August 2002 | Updated Appendix A — added Express 5110 test results |
| Revision 2.2 | 27 August 2002 | Updated Appendix A — added TDU 120e test results |
| Revision 2.3 | 10 September 2002 | Updated Appendix A — added NetVanta 3200 test results |

Appendix A: Products Potentially Affected

The following ADTRAN products are potentially vulnerable if they are running an affected version of software:

| Product Family | Product | Status | req-app | req-enc | trap-app | trap-enc |
|---|---|---|---|---|---|---|
| ATLAS Series | ATLAS 550 | Tested. Working on fix. | Fail | Fail | Pass (n/a) | Pass (n/a) |
| ATLAS Series | ATLAS 800 | Tested. No vulnerabilities discovered. | Pass | Pass | Pass (n/a) | Pass (n/a) |
| ATLAS Series | ATLAS 800Plus | Tested. No vulnerabilities discovered. | Pass | Pass | Pass (n/a) | Pass (n/a) |
| ATLAS Series | ATLAS 810Plus | Evaluating | | | | |
| ATLAS Series | ATLAS 890 | Tested. No vulnerabilities discovered. | Pass | Pass | Pass (n/a) | Pass (n/a) |
| DDS DSU/CSU | DSU IV ESP | Tested. Working on fix. | Fail | Fail | Pass (n/a) | Pass (n/a) |
| ESU Series | ESU 120e | Evaluating | | | | |
| Frame Relay Access Devices | Express 5110 | Evaluating | | | | |
| Frame Relay Access Devices | Express 5200 | Evaluating | | | | |
| Frame Relay Access Devices | Express 5210 | Evaluating | | | | |
| IDSL Router | Express 6100 | Evaluating | | | | |
| IQ Series | DSU IQ | Tested. No vulnerabilities discovered. | Pass | Pass | Pass (n/a) | Pass (n/a) |
| IQ Series | IQ 710, 1st GEN | Tested. No vulnerabilities discovered. | Pass | Pass | Pass (n/a) | Pass (n/a) |
| IQ Series | IQ Probe | Tested. No vulnerabilities discovered. Currently verifying select results. | Pass | Pass | Pass (n/a) | Pass (n/a) |
| IQ Series | TSU IQ | Tested. No vulnerabilities discovered. | Pass | Pass | Pass (n/a) | Pass (n/a) |
| IQ Series | TSU IQ RM | Tested. Working on fix. | Fail | Pass | Pass (n/a) | Pass (n/a) |
| IQ Series | TSU IQ Plus | Tested. No vulnerabilities discovered. | Pass | Pass | Pass (n/a) | Pass (n/a) |
| NetVanta Series | NetVanta 3200 | Tested. No vulnerabilities discovered. | Pass | Pass | Pass (n/a) | Pass (n/a) |
| Network Management | ADVISION | Evaluating | | | | |
| Network Management | N-Form | Evaluating | | | | |
| Network Management | T-Watch | Evaluating | | | | |
| OSU Series | OSU 300 | Tested. No vulnerabilities discovered. | Pass | Pass | Pass (n/a) | Pass (n/a) |
| SHDSL CSU/DSU | Express 6503 | Evaluating | | | | |
| Smart 16 DSU/CSUs | Smart 16 Controller | Tested. Working on fix. | Fail | Fail | Pass (n/a) | Pass (n/a) |
| T1 CSU/DSUs Series | TSU ESP | Evaluating | | | | |
| T3SU300 Series | T3SU 300 | Evaluating | | | | |
| TDU Series | TDU 120e | Tested. No vulnerabilities discovered. | Pass | Pass | Pass (n/a) | Pass (n/a) |
| Total Access Series | TA 600R | Tested. No vulnerabilities discovered. | Pass | Pass | Pass (n/a) | Pass (n/a) |
| Total Access Series | Total Access 1500 | Fixed. No further vulnerabilities identified (Rev scu s02.02). | Pass | Pass | Pass (n/a) | Pass (n/a) |
| Total Access Series | Total Access 3000 | Tested. Working on fix. | Fail | Pass | Pass (n/a) | Pass (n/a) |
| Total Access Series | Total Access 4303 | Tested. No vulnerabilities discovered. | Pass | Pass | Pass (n/a) | Pass (n/a) |
| Total Access Series | Total Access 600 Series | Tested. Working on fix. | Fail | Pass | Pass (n/a) | Pass (n/a) |
| Total Access Series | Total Access 850 | Tested. Working on fix. | Fail | Pass | Pass (n/a) | Pass (n/a) |
| Total Access Series | Total Access MX2800 | Tested. No vulnerabilities discovered. | Pass | Pass | Pass (n/a) | Pass (n/a) |
| Total Access Series | Total Access MX2810 | Tested. No vulnerabilities discovered. | Pass | Pass | Pass (n/a) | Pass (n/a) |
| TSU Series | TSU 100e | Tested. No vulnerabilities discovered. | Pass | Pass | Pass (n/a) | Pass (n/a) |
| TSU Series | TSU 120e | Tested. No vulnerabilities discovered. Currently verifying select results. | Pass | Pass | Pass (n/a) | Pass (n/a) |
| TSU Series | TSU 600e | Tested. No vulnerabilities discovered. | Pass | Pass | Pass (n/a) | Pass (n/a) |
| TSU Series | TSU Router Module | Tested. No vulnerabilities discovered. | Pass | Pass | Pass (n/a) | Pass (n/a) |
| TSU Series | TSU SNMP Agent Module | Tested. No vulnerabilities discovered. | Pass | Pass | Pass (n/a) | Pass (n/a) |