GEN:SID 1:1427
Message SNMP PROTOS test-suite-trap-app attempt
Summary This event is generated when an attempt is made to attack a device using SNMP v1.
Impact Varies depending on the implementation. Ranges from Denial of Service (DoS) to code execution.
Detailed Information SNMP is a widely adopted protocol for managing IP networks, including individual network devices, and devices in aggregate.

Several network devices come pre-installed with this protocol for management and monitoring.

A number of vulnerabilities exist in SNMP v1, including a community string
buffer overflow, that will allow an attacker to execute arbitrary code or shutdown the service.
Affected Systems Any implementation of SNMP v1 protocol
    
Attack Scenarios An attacker needs to send a specially crafted packet to UDP port 161
of a vulnerable device, causing a Denial of Service or possible execution of
arbitrary code.
Ease of Attack Simple.
Corrective Action Disable the SNMP v1 protocol, use SNMP v2 protocol as an alternative.

Disable the use of SNMP for devices that do not need it.

Use Ingress/Egress filtering on a packet filtering firewall.
Additional References CERT:
http://www.cert.org/advisories/CA-2002-03.html
Rule References url: www.ee.oulu.fi/research/ouspg/protos/testing/c06/snmpv1/index.html