Bugtraq mailing list archives
ATMSNMPD Vulnerable but not Addressed
From: Ross Coppage <coppager () scott disa mil>
Date: 13 May 2002 15:55:22 -0000
ATMSNMPD vulnerable???? Yep! I am challenging anyone out there to find information on line stating that Sun's ATMSNMPD is vulnerable to attack. As of today May 13 2002 there is no information identifying this fact. If you are running SunATM 4.0 or 5.0 and have not added the patches below you are vulnerable to attack. Is there sun documentation identifying the vulnerability and the urgent need to implement the patch? As of today there is not. Sun still has not publicly released this info. Why I don't know. I had to research the heck out of this to get this answer. See below for more info. Patches: 107915-13: SunATM 4.0 Update1: bug fixes 109039-09: SunATM 5.0: bug fixes (SEE BELOW FOR DETAILS) -----Original Message----- From: Dave Ahmad [mailto:da () securityfocus com] Sent: Wednesday, May 08, 2002 10:44 AM To: Coppage, Ross Subject: Re: Suns ATMSNMPD Vulnerable -Not identified Hi Ross, Thanks for the information, but do you have the patch IDs? Could you include that in a new message to the list? Dave Ahmad SecurityFocus www.securityfocus.com On Wed, 8 May 2002, Coppage, Ross wrote:
I have been researching the suns ATMSNMPD which is part
of the Sun ATM card
installation. Suns recent information addressing SNMP
security issues does
not mention ATMSNMPD. All CERT advisory and other sites
fail to mention it
as well. Sun has a patch but does not advertise this as
being vulnerable.
Unless you happen to apply the ATM patch you are
potentially vulnerable to
the attack. ATMSNMPD should be included in suns security
documentation
addressing SNMP. Additionally it should be included in
the IAVA information
released by the Government. Sun engineers did
acknowledge that it is
vulnerable and should be patched. If you don't have the
very latest patches
you are vulnerable. No security information ties the
patch to a
vulnerability. This needs to be identified and
associated with other recent
SNMP vulnerabilities. I only found this out after a
couple weeks of
research. Steven Northcut at SANS.org researched and
also found no information
associating ATMSNMPD with the recent vulnerabilities. If you follow (Suns) vendor security guidelines and
alerts you would never
find out about ATMSNMPDs vulnerability and or necessary
patch. I am sure
there are countless unpatched, vulnerable ATM cards out
there. This is just
a friendly heads up. Regards, Ross SNMP Vulnerability links: http://www.cert.org/advisories/CA-2002-03.html http://www.kb.cert.org/vuls/id/854306 Ross Coppage, MCSE UNIX System Administrator International Consultants Inc. DISA-CONUS (618) 229-8877 coppager () scott disa mil "No amount of ability is of the slightest avail without
honor."
Andrew Carnegie
Ross Coppage, MCSE UNIX System Administrator International Consultants Inc. DISA-CONUS (618) 229-8877 coppager () scott disa mil "No amount of ability is of the slightest avail without honor." Andrew Carnegie
Current thread:
- ATMSNMPD Vulnerable but not Addressed Ross Coppage (May 13)
- Re: ATMSNMPD Vulnerable but not Addressed Emre Yildirim (May 13)
- <Possible follow-ups>
- ATMSNMPD Vulnerable but not Addressed Coppage, Ross (May 13)