"Treptow, Craig" <Treptow.Craig AT principal DOT com> writes:
> Last month, I read this statement from Todd H. claiming Netview is
> clean.  

Don't take my word for it--I was commenting on the initial statement
released in the alert.  

I just checked back and it seems they've added a substantial amount of
additional info that indicates things you need to check, and the story
has changed dramatically:

from http://www.cert.org/advisories/CA-2002-03.html  today:
----------------------------------------------------------------------

    Tivoli Systems

    IBM Tivoli has identified that, in the absence of properly configured
    perimeter firewall protection, the following Tivoli products are
    potentially vulnerable with respect to the CERT Advisory
    CA-2002-03.
        Tivoli NetView for OS/390 Version 1 Release 2, 3 and 4
        Tivoli Enterprise Console (SNMP adapter only)
        Tivoli Storage Network Manager
        Tivoli NetView for Unix Version 7.1and earlier
        Tivoli NetView for Windows Version 7.1 and earlier

[snip]

    Tivoli NetView for Unix, Tivoli NetView for Windows 

    The trap handling subsystems are vulnerable to a service
    interruption related to VU#107186.  The Mid-Level Manager agents
    on some platforms are vulnerable to a service interruption related
    to VU#854306.  These conditions are present in Tivoli NetView V7.1
    and earlier.  Solutions are currently being tested and will be
    available in an upcoming service release.


In contrast, the original release of the CERT advisory on Feb 12 was
worded: 
----------------------------------------------------------------------
    Tivoli Systems
    
    Our analysis indicates that this vulnerability does not affect the
    Tivoli NetView product.





-- 
Todd H.
http://www.toddh.net/