Thanks for the quick reply Frank. IMO a statement on the SNMP4J site regarding those two cert vulnerabilities would be helpful.
Regards, Scott. -----Original Message----- From: Frank Fock [mailto:[EMAIL PROTECTED] Sent: Wednesday, 2 July 2008 7:47 p.m. To: Abernethy, Scott Cc: [email protected] Subject: Re: [SNMP4J] SNMP4J Vulnerability / Certification Scott, Obviously, I cannot confirm that "SNMP4J is not vulnerable to *any* attacks". Sorry, this is not how software works. SNMP4J is not affected by the latest NET-SNMP bug (http://www.kb.cert.org/vuls/id/878044) and it is not affected by http://www.cert.org/advisories/CA-2002-03.html You can search the mailing list archive using your favorite search engine. With Google enter your search string and then append " SNMPv3 site:http://lists.agentpp.org/pipermail/snmp4j"; Best regards, Frank Abernethy, Scott wrote: > I want to confirm that the SNMP4J API is not vulnerable to any attacks. > Is the SNMP4J API certified against any vulnerability tests, and if > so, which? I.e. is it tested with any available tools (e.g. > SimpleSleuth), and does it pass applicable CERT vulnerability issues > (e.g. VU#878044), etc? > > I've looked all over the snmp4j.org site and through the API > documentation, but I can't find any mention of this topic. > > Thanks, > Scott. > > ps Appologies if this has been previously covered in this mailing > list > - without an archive search feature it is very hard to find out. > _______________________________________________ > SNMP4J mailing list > [email protected] > http://lists.agentpp.org/mailman/listinfo/snmp4j -- AGENT++ http://www.agentpp.com http://www.mibexplorer.com http://www.mibdesigner.com _______________________________________________ SNMP4J mailing list [email protected] http://lists.agentpp.org/mailman/listinfo/snmp4j
