Full Disclosure mailing list archives
RE: SNMP read-only opens up... what?
From: "Full-Disclosure" <Full-Disclosure () SecurityVolition com>
Date: Thu, 5 Jun 2003 19:10:54 -0400
What about the odd SNMP buffer overflow? Even if they can't get control they can DOS you. Depending on the hardware I might be able to download the config and crack any configuration passwords you have. If it doesn't provide a service needed by public addresses, why expose yourself? I see the question as not why shouldn't I, but why should I. -----Original Message----- From: lee.e.rian () census gov [mailto:lee.e.rian () census gov] Sent: Wednesday, June 04, 2003 5:37 PM To: peter moody Cc: full-disclosure () lists netsys com; full-disclosure-admin () lists netsys com Subject: Re: [Full-disclosure] SNMP read-only opens up... what?
why would you make this information available at all?
Why not? I know "why make it available at all?" is the proper question from a security standpoint. I'm just wondering what it opens you up to. Suppose a vendor has a bug in their software that creates a read-only community string with no access list protecting it. How much of an issue would that be and why? Regards, Lee |---------+--------------------------------------> | | peter moody | | | <peter () ucsc edu> | | | Sent by: | | | full-disclosure-admin@lists| | | .netsys.com | | | | | | | | | 06/04/03 03:10 PM | | | | |---------+-------------------------------------->
-----------------------------------------------------------------------
-------------------------------------------------------| | | | To: lee.e.rian () census gov | | cc: full-disclosure () lists netsys com | | Subject: Re: [Full-disclosure] SNMP read-only opens up... what? |
-----------------------------------------------------------------------
-------------------------------------------------------| you could get the product type, version information etc from certain mibs. you could tell how busy the site is, and from that infer how big a pipe you've got. There's a lot more. I would snmp-walk the device and find out what it tells you. but I've got to ask, why would you make this information available at all? On Wed, 2003-06-04 at 10:44, lee.e.rian () census gov wrote:
Say I configure a router with a read-only SNMP community of "public"
and
make it Internet accessible. What vulnerabilities or information disclosure does that open up that would be better left closed? A
switch?
Thanks, Lee
-- Peter Moody <peter () ucsc edu> InfoSec Administrator 831/459.5409 Communications and Technology Services. http://mustard.ucsc.edu/pubkey UC, Santa Cruz. :wq (See attached file: signature.asc) _______________________________________________ Full-Disclosure - We believe in it. Charter: http://lists.netsys.com/full-disclosure-charter.html
Current thread:
- SNMP read-only opens up... what? lee . e . rian (Jun 04)
- Re: SNMP read-only opens up... what? peter moody (Jun 04)
- Re: SNMP read-only opens up... what? Thomas Cannon (Jun 04)
- <Possible follow-ups>
- Re: SNMP read-only opens up... what? Jason Stout (Jun 04)
- Re: SNMP read-only opens up... what? lee . e . rian (Jun 04)
- RE: SNMP read-only opens up... what? Full-Disclosure (Jun 05)