Quick Eagle Networks, Inc. is a provider of intelligent WAN access solutions for IP and frame relay networks, and the world leader in multilink access devices. Quick Eagle Networks continues to be committed to ensure a high level of security and reliability of our customer's networks. Part of this commitment includes prompt responses to security issues discovered by organizations such as the CERT(r) Coordination Center.

I. Overview

On February 12, 2002 the CERT(r)/CC released an advisory related to security vulnerabilities that may exist in network devices using SNMPv1 as the management protocol. In response to this advisory (CERT Advisory CA-2002-03: Multiple Vulnerabilities in Many Implementations of the Simple Network Management Protocol), Quick Eagle Networks Inc. began immediately investigating whether these vulnerabilities impact Quick Eagle's products.

II. Test Procedures

Quick Eagle Networks is currently applying the PROTOS c06-SNMPv1 test suite to all products and its variations that feature SNMPv1 capability. The tests evaluate the robustness of the application logic of the SNMPv1 implementation as well as the robustness of the BER decoder of the SNMPv1 implementation.

III. Impact

Preliminary test results have not indicated any vulnerability that will allow an attacker to gain access. In general, Quick Eagle Networks' products use out of band management, eliminating the chances of an attacker to gain access from the outside of a network. While most of Quick Eagle Networks' newer WAN access devices have passed the test, some of Quick Eagle Networks' older products are still under investigation.

IV. Solution

Until Quick Eagle Networks has completed testing on all of its products and provided patches or fixes to eliminate these vulnerabilities, Quick Eagle Networks recommends considering one or more of the following solutions, as also identified in CERT(r) Advisory CA-2002-03, to minimize your network's potential exposure to these vulnerabilities:

Disable SNMP on the device Change the default community strings Disconnect the management port. This won't have any impact on your network traffic as Quick Eagle's solution use out of band management.

The recommendations above apply only for those products that are still under evaluation. Please refer to our status report for further information.

V. Status Reports

The following chart displays all of Quick Eagle Networks' products and their current test status. As further results become available, the status report will be updated:

Product	Model Number	Status
Network Management
Management Access Processor	DL030	Passed
56/64 kbps Products
Solo Select 56/64	DL064-C-L2	Passed
Duet 56/64 DSU	DL064	Passed
Prelude 56 DSU	DL056	Passed
T1 and NxT1 Products
Solo Select T1 DSU	DL087-0	Passed
Solo T1 DSU	DL085	Passed
Prelude T1 DSU	DL080	Passed
Solo T1 CSU	DL070	Passed
VX Encore T1 Access Multiplexer (Base Model)	DL090	Passed
VX Encore T1 Access Multiplexer with DS1	DL090-P-D	Passed
DL100 Encore T1 Access Multiplexer (AC, 2 DTE, 1 DSE port)	DL100ENC-P-02	Passed
DL100 Encore T1 Access Multiplexer (DC, 2 DTE, 1 DSE port)	DL100ENC-P-02-DC	Passed
DL100 Encore T1 Access Multiplexer (AC, 4 DTE ports)	DL100ENC-P-04	Passed
DL100 Encore T1 Access Multiplexer (DC, 42 DTE ports)	DL100ENC-P-04-DC	Passed
DL100 Encore T1 Access Multiplexer (AC, 6 DTE ports)	DL100ENC-P-06	Passed
DL100 Encore T1 Access Multiplexer (DC, 6 DTE ports)	DL100ENC-P-06-DC	Passed
DL3800 T1 Inverse Multiplexer (AC, 2 ports, CSU interface)	DL3800-AC-CSU02	Passed
DL3800 T1 Inverse Multiplexer (AC, 4 ports, CSU interface)	DL3800-AC-CSU04	Passed
DL3800 T1 Inverse Multiplexer (AC, 6 ports, CSU interface)	DL3800-AC-CSU06	Passed
DL3800 T1 Inverse Multiplexer (AC, 8 ports, CSU interface)	DL3800-AC-CSU08	Passed
DL3800 T1 Inverse Multiplexer (AC, 2 ports, DSX interface)	DL3800-AC-DSX02	Passed
DL3800 T1 Inverse Multiplexer (AC, 4 ports, DSX interface)	DL3800-AC-DSX04	Passed
DL3800 T1 Inverse Multiplexer (AC, 6 ports, DSX interface)	DL3800-AC-DSX06	Passed
DL3800 T1 Inverse Multiplexer (AC, 8 ports, DSX interface)	DL3800-AC-DSX08	Passed
DL3800 T1 Inverse Multiplexer (DC, 2 ports, CSU interface)	DL3800-DC-CSU02	Passed
DL3800 T1 Inverse Multiplexer (DC, 4 ports, CSU interface)	DL3800-DC-CSU04	Passed
DL3800 T1 Inverse Multiplexer (DC, 6 ports, CSU interface)	DL3800-DC-CSU06	Passed
DL3800 T1 Inverse Multiplexer (DC, 8 ports, CSU interface)	DL3800-DC-CSU08	Passed
DL3800 T1 Inverse Multiplexer (DC, 2 ports, DSX interface)	DL3800-DC-DSX02	Passed
DL3800 T1 Inverse Multiplexer (DC, 4 ports, DSX interface)	DL3800-DC-DSX04	Passed
DL3800 T1 Inverse Multiplexer (DC, 6 ports, DSX interface)	DL3800-DC-DSX06	Passed
DL3800 T1 Inverse Multiplexer (DC, 8 ports, DSX interface)	DL3800-DC-DSX08	Passed
DL5400 MultiLink Access Device (AC, 4 T1 ports)	DL5400-AC-4TMP	Passed
DL5400 MultiLink Access Device (AC, 8 T1 ports)	DL5400-AC-8TMP	Passed
DL5400 MultiLink Access Device (DC, 4 T1 ports)	DL5400-DC-4TMP	Passed
DL5400 MultiLink Access Device (DC, 4 T1 ports)	DL5400-DC-8TMP	Passed
DL5400 Interface Module (8xT1)	DL5800-8T-UPG	Passed
4200 IP Access Platform (Base Model)	4200T	Passed
4200 IP Access Platform (Access Multiplexer SAP)	SAP 4200T-2	Passed
4200 IP Access Platform (Serial WAN Probe SAP)	SAP 4200T-5	Passed
4200 IP Access Platform (3 Mbps Multilink Frame Relay SAP)	SAP 4200T-7	Passed
4210 CSU/DSU	4210T-1	Passed
4220 Multiplexer	4220T-1	Passed
4230 Access Router	4230T-1	Passed
4240 Dual Link Router	4240T-1	Passed
5800 IP Access Platform (6 Mbps, 4xT1)	5800T-4PT-MFLR	Passed
5800 IP Access Platform (12 Mbps, 8xT1)	5800T-8PT-MFLR	Passed
T3 Products
DL3100 T3 Access Multiplexer (AC, downloadable code, 1 V.35 port)	DL3100-AC-C-V	Passed
DL3100 T3 Access Multiplexer (AC, downloadable code, 1 HSSI port)	DL3100-AC-C-H	Passed
DL3100 T3 Access Multiplexer (AC, downloadable code, 2 V.35 ports)	DL3100-AC-C-VV	Passed
DL3100 T3 Access Multiplexer (AC, downloadable code, 1 V.35 port, 1 HSSI port)	DL3100-AC-C-HV	Passed
DL3100 T3 Access Multiplexer (AC, downloadable code, 2 HSSI ports)	DL3100-AC-C-HH	Passed
DL3100 T3 Access Multiplexer (AC, downloadable code, 3 V.35 ports)	DL3100-AC-C-VVV	Passed
DL3100 T3 Access Multiplexer (AC, downloadable code, 2 V.35 ports, 1 HSSI port)	DL3100-AC-C-HVV	Passed
DL3100 T3 Access Multiplexer (AC, downloadable code, 1 V.35 port, 2 HSSI ports)	DL3100-AC-C-HHV	Passed
DL3100 T3 Access Multiplexer (AC, downloadable code, 3 HSSI port)	DL3100-AC-C-HHH	Passed
DL3100 T3 Access Multiplexer (DC, downloadable code, 1 V.35 port)	DL3100-DC-C-V	Passed
DL3100 T3 Access Multiplexer (DC, downloadable code, 1 HSSI port)	DL3100-DC-C-H	Passed
DL3100 T3 Access Multiplexer (DC, downloadable code, 2 V.35 ports)	DL3100-DC-C-VV	Passed
DL3100 T3 Access Multiplexer (DC, downloadable code, 1 V.35 port, 1 HSSI port)	DL3100-DC-C-HV	Passed
DL3100 T3 Access Multiplexer (DC, downloadable code, 2 HSSI ports)	DL3100-DC-C-HH	Passed
DL3100 T3 Access Multiplexer (DC, downloadable code, 3 V.35 ports)	DL3100-DC-C-VVV	Passed
DL3100 T3 Access Multiplexer (DC, downloadable code, 2 V.35 ports, 1 HSSI port)	DL3100-DC-C-HVV	Passed
DL3100 T3 Access Multiplexer (DC, downloadable code, 1 V.35 port, 2 HSSI ports)	DL3100-DC-C-HHV	Passed
DL3100 T3 Access Multiplexer (DC, downloadable code, 3 HSSI port)	DL3100-DC-C-HHH	Passed
Shelf System Products (T1)
DL2120 Solo T1 DSU Module	DL2120	Passed
DL2130 Ensemble WAN Control Module A	DL2130	Passed
DL2131 Management Access Processor Module	DL2131	Passed
DL2164 Duet 56/64 DSU Module	DL2164	Passed
DL2164-C-L2 Solo Select 56/64 DSU Module	DL2164-C-L2	Passed
DL2170 Solo T1 CSU Module	DL2170	Passed
DL2187 Solo Select T1 DSU Module	DL2187	Passed
DL3916 Management Access Processor	DL3916	Passed
DL3935 4 Port DSX Package	DL3935	Passed
DL3936 8 Port DSX Package	DL3936	Passed
DL3937 4 Port DSX Package	DL3937	Passed
DL3938 8 Port DSX Package	DL3938	Passed
DL3961 T3 Mux w/one V.35 Interface	DL3961	Passed
DL3962 T3 Mux w/one HSSI Interface	DL3962	Passed
DL3963 T3 Mux w/one V.35 and HSSI Interface	DL3963	Passed
DL3964 T3 Mux w/two HSSI Interfaces	DL3964	Passed
DL3965 T3 Mux w/one V.35 and two HSSI Interfaces	DL3965	Passed
E1 and NxE1 Products
Solo Select E1 DSU (75 ohm)	DL087E-0-075b	Passed
Solo Select E1 DSU (120 ohm)	DL087E-0-120d	Passed
Solo E1 DSU (75 ohm)	DL085E-075b	Passed
Solo E1 DSU (120 ohm)	DL085E-120d	Passed
DL200E E1 SMDS	DL200E	Passed
DL220E E1 SMDS	DL220E	Evaluating
DL600 E E1 Access Multiplexer (AC, 2 DTE ports)	DL600E-AC-02	Passed
DL600 E E1 Access Multiplexer (AC, 4 DTE ports)	DL600E-AC-04	Passed
DL600 E E1 Access Multiplexer (AC, 2 DTE ports, Drop-and-insert)	DL600E-AC-02D	Passed
DL600 E E1 Access Multiplexer (AC, 4 DTE ports, Drop-and-insert)	DL600E-AC-04D	Passed
DL600 E E1 Access Multiplexer (DC, 2 DTE ports)	DL600E-DC-02	Passed
DL600 E E1 Access Multiplexer (DC, 4 DTE ports)	DL600E-DC-04	Passed
DL600 E E1 Access Multiplexer (DC, 2 DTE ports, Drop-and-insert)	DL600E-DC-02D	Passed
DL600 E E1 Access Multiplexer (DC, 4 DTE ports, Drop-and-insert)	DL600E-DC-04D	Passed
DL3800 E1 Inverse Multiplexer (AC, 2 ports, DA-15 interface)	DL3800-AC-d02	Passed
DL3800 E1 Inverse Multiplexer (AC, 4 ports, DA-15 interface)	DL3800-AC-d04	Passed
DL3800 E1 Inverse Multiplexer (AC, 6 ports, DA-15 interface)	DL3800-AC-d06	Passed
DL3800 E1 Inverse Multiplexer (AC, 8 ports, DA-15 interface)	DL3800-AC-d08	Passed
DL3800 E1 Inverse Multiplexer (AC, 2 ports, BNC interface)	DL3800-AC-b02	Passed
DL3800 E1 Inverse Multiplexer (AC, 4 ports, BNC interface)	DL3800-AC-b04	Passed
DL3800 E1 Inverse Multiplexer (AC, 6 ports, BNC interface)	DL3800-AC-b06	Passed
DL3800 E1 Inverse Multiplexer (AC, 8 ports, BNC interface)	DL3800-AC-b08	Passed
DL3800 E1 Inverse Multiplexer (DC, 2 ports, DA-15 interface)	DL3800-DC-d02	Passed
DL3800 E1 Inverse Multiplexer (DC, 4 ports, DA-15 interface)	DL3800-DC-d04	Passed
DL3800 E1 Inverse Multiplexer (DC, 6 ports, DA-15 interface)	DL3800-DC-d06	Passed
DL3800 E1 Inverse Multiplexer (DC, 8 ports, DA-15 interface)	DL3800-DC-d08	Passed
DL3800 E1 Inverse Multiplexer (DC, 2 ports, BNC interface)	DL3800-DC-b02	Passed
DL3800 E1 Inverse Multiplexer (DC, 4 ports, BNC interface)	DL3800-DC-b04	Passed
DL3800 E1 Inverse Multiplexer (DC, 6 ports, BNC interface)	DL3800-DC-b06	Passed
DL3800 E1 Inverse Multiplexer (DC, 8 ports, BNC interface)	DL3800-DC-b08	Passed
4200 IP Access Platform (75 ohm network/Aux)	4200E-1	Passed
4200 IP Access Platform (75 ohm network/120 ohm Aux)	4200E-2	Passed
4200 IP Access Platform (120 ohm network/75 ohm Aux)	4200E-3	Passed
4200 IP Access Platform (Access Multiplexer SAP)	SAP 4200E-2	Passed
4200 IP Access Platform (Serial WAN Probe SAP)	SAP 4200E-5	Passed
4210 CSU/DSU (75 ohm network/Aux)	4210E-1	Passed
4210 CSU/DSU (75 ohm network/120 ohm Aux)	4210E-2	Passed
4210 CSU/DSU (120 ohm network/75 ohm Aux)	4210E-3	Passed
4210 CSU/DSU (120 ohm network/120 ohm Aux)	4210E-4	Passed
4220 Multiplexer (75 ohm network/Aux)	4220E-1	Passed
4220 Multiplexer (75 ohm network/120 ohm Aux)	4220E-2	Passed
4220 Multiplexer (120 ohm network/75 ohm Aux)	4230E-3	Passed
4220 Multiplexer (120 ohm network/120 ohm Aux)	4240E-4	Passed
4230 Access Router (75 ohm network/Aux)	4230E-1	Passed
4230 Access Router (120 ohm network/Aux)	4230E-4	Passed
4240 Dual Link Router (75 ohm network/Aux)	4240E-1	Passed
4240 Dual Link Router (120 ohm network/Aux)	4240E-4	Passed
5800E IP Access Platform (8 Mbps, 4xE1, 120 ohm)	5800E-4PT-120	Passed
5800E IP Access Platform (12 Mbps, 6xE1, 120 ohm)	5800E-6PT-120	Passed
5800E IP Access Platform (8 Mbps, 4xE1, 75 ohm)	5800E-4PT-075	Passed
5800E IP Access Platform (12 Mbps, 6xE1, 75 ohm)	5800E-6PT-075	Passed
5800E IP Access Platform with MultiLink PPP SAP	SAP-5800E-MLPPP	Passed
E3 Products
DL3100E E3 Access Multiplexer (AC, downloadable code, HSSI port, BNC)	DL3100E-AC-C-H-b	Passed
DL3100E E3 Access Multiplexer (AC, downloadable code, V.35 port, BNC)	DL3100E-AC-C-V-b	Passed
DL3100E E3 Access Multiplexer (AC, downloadable code, 2 HSSI ports, BNC)	DL3100E-AC-C-HH-b	Passed
DL3100E E3 Access Multiplexer (AC, downloadable code, 2 V.35 ports, BNC)	DL3100E-AC-C-VV-b	Passed
DL3100E E3 Access Multiplexer (AC, downloadable code, V.35 port, HSSI port, BNC)	DL3100E-AC-C-HV-b	Passed
DL3100E E3 Access Multiplexer (AC, downloadable code, 3 HSSI ports, BNC)	DL3100E-AC-C-HHH-b	Passed
DL3100E E3 Access Multiplexer (AC, downloadable code, V.35 port, 2 HSSI ports, BNC)	DL3100E-AC-C-HHV-b	Passed
DL3100E E3 Access Multiplexer (AC, downloadable code, 2 V.35 ports, HSSI port, BNC)	DL3100E-AC-C-HVV-b	Passed
DL3100E E3 Access Multiplexer (AC, downloadable code, 3 V.35 ports, BNC)	DL3100E-AC-C-VVV-b	Passed
DL3100E E3 Access Multiplexer (AC, downloadable code, HSSI port, DIN)	DL3100E-AC-C-H-d	Passed
DL3100E E3 Access Multiplexer (AC, downloadable code, V.35 port, DIN)	DL3100E-AC-C-V-d	Passed
DL3100E E3 Access Multiplexer (AC, downloadable code, 2 HSSI ports, DIN)	DL3100E-AC-C-HH-d	Passed
DL3100E E3 Access Multiplexer (AC, downloadable code, 2 V.35 ports, DIN)	DL3100E-AC-C-VV-d	Passed
DL3100E E3 Access Multiplexer (AC, downloadable code, V.35 port, HSSI port, DIN)	DL3100E-AC-C-HV-d	Passed
DL3100E E3 Access Multiplexer (AC, downloadable code, 3 HSSI ports, DIN)	DL3100E-AC-C-HHH-d	Passed
DL3100E E3 Access Multiplexer (AC, downloadable code, V.35 port, 2 HSSI ports, DIN)	DL3100E-AC-C-HHV-d	Passed
DL3100E E3 Access Multiplexer (AC, downloadable code, 2 V.35 ports, HSSI port, DIN)	DL3100E-AC-C-HVV-d	Passed
DL3100E E3 Access Multiplexer (AC, downloadable code, 3 V.35 ports, DIN)	DL3100E-AC-C-VVV-d	Passed
DL3100E E3 Access Multiplexer (DC, downloadable code, HSSI port, BNC)	DL3100E-DC-C-H-b	Passed
DL3100E E3 Access Multiplexer (DC, downloadable code, V.35 port, BNC)	DL3100E-DC-C-V-b	Passed
DL3100E E3 Access Multiplexer (DC, downloadable code, 2 HSSI ports, BNC)	DL3100E-DC-C-HH-b	Passed
DL3100E E3 Access Multiplexer (DC, downloadable code, 2 V.35 ports, BNC)	DL3100E-DC-C-VV-b	Passed
DL3100E E3 Access Multiplexer (DC, downloadable code, V.35 port, HSSI port, BNC)	DL3100E-DC-C-HV-b	Passed
DL3100E E3 Access Multiplexer (DC, downloadable code, 3 HSSI ports, BNC)	DL3100E-DC-C-HHH-b	Passed
DL3100E E3 Access Multiplexer (DC, downloadable code, V.35 port, 2 HSSI ports, BNC)	DL3100E-DC-C-HHV-b	Passed
DL3100E E3 Access Multiplexer (DC, downloadable code, 2 V.35 ports, HSSI port, BNC)	DL3100E-DC-C-HVV-b	Passed
DL3100E E3 Access Multiplexer (DC, downloadable code, 3 V.35 ports, BNC)	DL3100E-DC-C-VVV-b	Passed
DL3100E E3 Access Multiplexer (DC, downloadable code, HSSI port, DIN)	DL3100E-DC-C-H-d	Passed
DL3100E E3 Access Multiplexer (DC, downloadable code, V.35 port, DIN)	DL3100E-DC-C-V-d	Passed
DL3100E E3 Access Multiplexer (DC, downloadable code, 2 HSSI ports, DIN)	DL3100E-DC-C-HH-d	Passed
DL3100E E3 Access Multiplexer (DC, downloadable code, 2 V.35 ports, DIN)	DL3100E-DC-C-VV-d	Passed
DL3100E E3 Access Multiplexer (DC, downloadable code, V.35 port, HSSI port, DIN)	DL3100E-DC-C-HV-d	Passed
DL3100E E3 Access Multiplexer (DC, downloadable code, 3 HSSI ports, DIN)	DL3100E-DC-C-HHH-d	Passed
DL3100E E3 Access Multiplexer (DC, downloadable code, V.35 port, 2 HSSI ports, DIN)	DL3100E-DC-C-HHV-d	Passed
DL3100E E3 Access Multiplexer (DC, downloadable code, 2 V.35 ports, HSSI port, DIN)	DL3100E-DC-C-HVV-d	Passed
DL3100E E3 Access Multiplexer (DC, downloadable code, 3 V.35 ports, DIN)	DL3100E-DC-C-VVV-d	Passed
DL3200E E3 SMDS	DL32XXE*	Evaluating
Shelf System Products (E1)
DL2130 Ensemble WAN Control Module A	DL2130	Passed
DL2131 Management Access Processor Module	DL2131	Passed
DL2020E-075b Solo E1 DSU Module (75 ohm)	DL2020E-075b	Passed
DL2020E-120d Solo E1 DSU Module (120 ohm)	DL2020E-120d	Passed
DL2187E-0-075b Solo Select E1 DSU (75 ohm)	DL2187E-0-075b	Passed
DL2187E-0-120d Solo Select E1 DSU (120 ohm)	DL2187E-0-120d	Passed
Digital Subscriber Line Products
Ethernet LAN Extender 4200 SDSL	4200 SDSL	Passed
DL6282 SDSL (Ethernet Bridge for T/E)	DL6282	Passed
DL6180E E1 HDSL	DL6180E	Passed
DL6270E E1 SDSL (75 ohm)	DL6270E-075	Passed
DL6270E E1 SDSL (120 ohm)	DL6270E-120	Passed
DL6280E E1 SDSL	DL6280E	Passed