NOVELL TECHNICAL INFORMATION DOCUMENT

TITLE:  SNMP vulnerability fix for NW 4.x, 5.x, 6.x
TID #:  2961546
README FOR:  SNMPFIX.EXE

NOVELL PRODUCTS and VERSIONS:
NetWare 5
NetWare for Small Business 4.2
NetWare 4.2
NetWare 5.1
ZENworks for Servers
NetWare 6

ABSTRACT:

This patch addresses the SNMP Vulnerability issues listed in the Issues Section
of this readme.

The files SNMPLOG.NLM & SNMPLOG.MSG are the same as the ones we ship with NW5.1
SP4 and NW6 SP1.  But the files SNMP.NLM & SNMP.MSG are newer in this TID than
the files shipping in NW5.1 SP4 and NW 6 SP1.  Hence if the support pack is
already applied then only SNMP.NLM & SNMP.MSG has to be replaced else all the
the four files have to be replaced.

These modules will not be in a NetWare 4.x Support Pack.  This was tested on
4.11, 4.2, 5.0, 5.1, and 6.0 only. 




-----------------------------------------------------------------
DISCLAIMER
THE ORIGIN OF THIS INFORMATION MAY BE INTERNAL OR EXTERNAL TO 
NOVELL.  NOVELL MAKES ALL REASONABLE EFFORTS TO VERIFY THIS 
INFORMATION.  HOWEVER, THE INFORMATION PROVIDED IN THIS DOCUMENT 
IS FOR YOUR INFORMATION ONLY.  NOVELL MAKES NO EXPLICIT OR IMPLIED 
CLAIMS TO THE VALIDITY OF THIS INFORMATION.
-----------------------------------------------------------------


INSTALLATION INSTRUCTIONS:

Replace the files on your server with the ones in this patch in the appropriate
directories.  The NLMs should go to sys:\system folder and msg files should go
to sys:\system\nls\4 folder.

After you replace them you need to unload and reload SNMP and the best way to
do that is to reboot the server.

ISSUE: 

THIS PATCH ADDRESS THE FOLLOWING ISSUES
VU#107186 - Multiple vulnerabilities in SNMPv1 trap handling 


SNMP trap messages are sent from agents to managers. A trap message may
indicate a warning or error condition or otherwise notify the manager about the
agent's state. SNMP managers must properly decode trap messages and process the
resulting data. In testing, OUSPG found multiple vulnerabilities in the way
many SNMP managers decode and process SNMP trap messages. 

VU#854306 - Multiple vulnerabilities in SNMPv1 request handling 


SNMP request messages are sent from managers to agents. Request messages might
be issued to obtain information from an agent or to instruct the agent to
configure the host device. SNMP agents must properly decode request messages
and process the resulting data. In testing, OUSPG found multiple
vulnerabilities in the way many SNMP agents decode and process SNMP request
messages.


Self-Extracting File Name: SNMPFIX.EXE

Files Included          Size         Date          Time
..\
   SNMPFIX.TXT   (This file)
..\SYSTEM\
      SNMP.NLM        111898    2-15-2002    9:09:24 am
   SNMPLOG.NLM         16774     1-3-2002    4:42:56 pm
..\SYSTEM\NLS\
..\SYSTEM\NLS\4\
      SNMP.MSG          4189    2-15-2002    9:09:08 am
   SNMPLOG.MSG           785     1-3-2002    4:42:56 pm



-----------------------------------------------------------------
Any trademarks referenced in this document are the property of their respective
owners.  Consult your product manuals for complete trademark information.
-----------------------------------------------------------------