CERT warns of new Internet flaw
13th February 2002 (The Star)

SAN FRANCISCO: An Internet security watchdog group Tuesday warned that a flaw in the way a popular Internet technology is used could leave corporate and university computer networks vulnerable to attack by hackers.

The vulnerabilities affect the Simple Network Management Protocol (SNMP), which enables network administrators to remotely monitor and configure routers, switches, operating systems, and network management systems, according to the Coordination Centre at the Computer Emergency Response Team (CERT) at Carnegie Mellon University.

If exploited, the vulnerabilities could allow attackers to disable the networked devices, cause denial-of-service interruptions to websites and even gain administrative control over the devices, the group said.

The vulnerability could affect "anything that can be plugged into a network: PCs, printers, faxmachines," said Marty Lindner, team leader for incident handling at CERT.

"Large-scale outages of these devices could disable significant portions of the global network," thwatchdog group said in a statement.

Merely disabling SNMP may not be an option for many corporations since routine business activities, such as billing, may be affected, CERT said.

CERT has been working with vendors on the problem for about six months, Lindner said.

Fixes are in the works or completed from a variety of vendors, including Microsoft Corp, 3Com Corp, Cisco Systems Inc, Compaq Computer Corp, Sun Microsystems Inc, and Hewlett-Packard Co.

The flaws were discovered by the Oulu University Secure Programming Group at Oulu University in Finland.

More information about the vulnerabilities and fixes is available at www.cert.org/advisories/CA-2002-03.html. -- Reuters