We had our round a couple of months ago, remember?
Now for the Cisco situation. What are people using for massively telneting
to devices and issuing commands? In my current situation I am looking at
implementing ACLs for a few thousand devices. I know there are commercial
products out there for running scripts on devices. Any recommendations?
Cordially,
Leslie A. Clark
IBM Global Services - Systems Mgmt & Networking
Detroit
netview@toddh.
net (Todd H.) To: nv-l@lists.tivoli.com
cc:
02/12/02 04:53 Subject: [nv-l] CERT security
advisory on
PM multiple SNMP implementations
Oy...there goes the neighborhood. NetView is clean, but a bunch of
devices in the average network are likely to be vulnerable:
http://www.cert.org/advisories/CA-2002-03.html
I'm curious if anyone know how NetView got branded as not vulnerable
to trap format string attacks without the dependency on the security
e-Fix from 6.02 that came out in response to:
http://www.cert.org/advisories/CA-2001-24.html
Perhaps because that vulnerability only existed if you launched
external scripts in event processing forked by ovactiond?
--
Todd H.
http://www.toddh.net/
---------------------------------------------------------------------
To unsubscribe, e-mail: nv-l-unsubscribe@lists.tivoli.com
For additional commands, e-mail: nv-l-help@lists.tivoli.com
*NOTE*
This is not an Offical Tivoli Support forum. If you need immediate
assistance from Tivoli please call the IBM Tivoli Software Group
help line at 1-800-TIVOLI8(848-6548)
|