04-16-2009 02:00 PM
Hi,
We need to implement an emergency workaround to protect our environment based on the
recently released bugID CSCsy4140.
Our objective is to implement a snmp-server view which prevents access to any SNMP OIDs
that are identified in the CISCO-ENERGYWISE-MIB to prevent the possibility of triggering
this apparent memory leak.
Unfortunately, bugID CSCsy4140 is flagged as internal and contains no more publically
viewable information. Additionally, the CISCO-ENERGYWISE-MIB is not currently published on
CCO or available through any other means I could find.
Is is possible to be done.
Please check and suggest.
We are seeking only the information required to build an effective snmp-server view
(cutdown) to prevent access to any OIDs that are associated with EnergyWise MIB in order
to temporarily mitigate this vulnerability until such time where a device running
vulnerable code can be upgraded to the fixed version <12.2(50)SE1>.
04-16-2009 03:00 PM
This is not a valid bug ID. It's missing a digit.
04-16-2009 03:21 PM
Found the bug, CSCsy41470. The affected branch is cewEntTable. You can exclude 1.3.6.1.4.1.9.9.683.1.6 in your SNMP view.
Discover and save your favorite ideas. Come back to expert answers, step-by-step guides, recent topics, and more.
New here? Get started with these tips. How to use Community New member guide