If you ever read SNMP specs, you can realize, that there is not any C or C++ SNMP implementation without such problem. So, rule number 1 is _never expose SNMP to Internet, and be careful to filter out any inbound packets, forwarded to your SNMP ports.
It is easy to predict next SNMP problem in next 6 month, etc... Too complicated protocol, implemented by (in most cases) less qualified engineers (SNMP module is always of low priority, in any project - I never saw an exception, and Cisco is not one). // In reality, it is not problem at all... except for some clueless providers. ----- Original Message ----- From: "Mikael Abrahamsson" <[EMAIL PROTECTED]> To: <[EMAIL PROTECTED]> Sent: Wednesday, April 21, 2004 2:40 AM Subject: snmp vuln > > > http://www.cisco.com/warp/public/707/cisco-sa-20040420-snmp.shtml > > This one seems much worse than the TCP RST problem. > > -- > Mikael Abrahamsson email: [EMAIL PROTECTED] >