COMMAND
APC PowerNet SNMP DoS
SYSTEMS AFFECTED
APC PowerNet SNMP
PROBLEM
Tim Yocum found the following. After installing an APC PowerNet SNMP
module (v3.0.0, firmware revision 82.9.D MWD) into a SmartUPS 2200
and getting the module up on the network, he tested a few of the
well-known DoS attacks on it, and the results were surprising. The
module will reboot after being hit with nestea/teardrop, and
probably others (take a look at IP Fragment Overlap in the Linux
section of Security Bugware - also some modified versions can be
found in the NT section).
SOLUTION
The protocol stack fixes for the SNMP Adapter are complete. APC
is beta testing the new firmware changes over the next several
weeks. The SNMP Adapter v3.0.2.b can now successfully survive the
following attacks: Ping of Death, Nestea, Bonk, Jolt, Land,
Newtear, Syndrop, Teardrop, Winnuke.