A little birdie told me to watch the Cert page (www.cert.org) today around 12noon PST.

Here it is:

http://www.cert.org/advisories/CA-2002-03.html

As SNMP is so widely used, this is a major league issue.

This is it .. worse than code Red .. the meltdown... since this morning I've been scanning and rescanning ournetworks for SNMP listeners :(

I've scanned through the article & not knowing much about networking, I gather this is a vulnerabilty with some networks that has just been discovered.

What I want to know is why has it taken so long to come to light?

The issue here is with a common management protocol (SNMP). This protocol is used to monitor, report and manage many many network devices. If you have a device that is SNMP capable (hubs, switches, routers etc) and is SNMP accessible (ie you have set it up to accept SNMP queries and commands) then you have a potentially exploitable hole.

As to why it took so long? can't really answer that, it may have been something no one ever looked at before.