Penetration Testing mailing list archives

RE: snmp vulnerablities


From: "Petruzel, Oliver" <OliverP () aegisresearch com>
Date: Wed, 18 Jul 2001 09:27:31 -0400

this brings to mind the question which I always ask the thin air around me
when discussing SNMP: 

why the heck are security software vendors developing NEW versions of their
software WITHOUT snmpv3 capabilities??  Is it truly too difficult to assign
a developer to change the entire trap module over to v3?  New "updates" and
entire new "versions" of some of today's most popular devices and software
still use v1 only... I won't name names.

from a penetration perspective, ty for making my job easier.
from the consulting perspective, FIX IT, NOW!

-Oliver p.
Computer Intrusion Analyst
Aegis Research Corp.


-----Original Message-----
From: Dave Ryan [mailto:dave.ryan () eircom net]
Sent: Tuesday, July 17, 2001 3:47 PM
To: Peter Van Epp
Cc: pen-test () securityfocus com
Subject: Re: snmp vulnerablities



Peter Van Epp said the following on Tue, Jul 17, 2001 at 11:06:17AM -0700,
      My guess would be that the original poster is trying to exploit the
Solaris SNMP hole (where an echo might make some sense since it's a Unix box)
but didn't know it (or at least didn't articulate it). It came across bugtraq
some time ago so a search in the bugtraq archives may be productive. I didn't
look closer than to make sure we had already disabled the program involved
(probably by removing the SUID bit from the program) so I didn't check the
details.

Correct, for general consumption:

http://www.hack.co.za/download.php?sid=1377

As for comments on protecting SNMPv1 with ACLs and obfuscated Community
Strings, that is laughable at best. A better solution is to run with SNMPv3
using AuthPriv functionality, seems like some of the popular management
systems don't yet support v3 capabilities.

Other solution is to tunnel SNMPv1/2c over IPSec, varying configurations, I
would be more concerned with management<->host authentication than going full
ESP, but circumstances dictate.

Regards.

--
Dave Ryan               Computer Incident Response Team 
dave.ryan () eircom net Eircom Multimedia

"I see dumb people. All the time." - Simple Nomad

----------------------------------------------------------------------------
This list is provided by the SecurityFocus Security Intelligence Alert (SIA)
Service For more information on SecurityFocus' SIA service which
automatically alerts you to the latest security vulnerabilities please see:
https://alerts.securityfocus.com/
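
An added example, not part of the original messages: a small audit that flags agent access weaker than the SNMPv3 authPriv level recommended in the thread. It assumes Net-SNMP's snmpd.conf directive syntax (the thread names no agent), and the sample configuration is constructed.

```python
import shlex

# Constructed sample configuration (Net-SNMP snmpd.conf syntax is an assumption).
SAMPLE_CONF = """\
# legacy access: "obscure" community string plus a source ACL
rocommunity  x9_Qz-mgmt  192.0.2.0/24
com2sec      notifyOnly  default  n0t-public
# SNMPv3 users
rouser       nmsops  priv
rwuser       legacy  auth
rouser       probe   noauth
rwuser       backup
"""

COMMUNITY = {"rocommunity", "rwcommunity", "rocommunity6", "rwcommunity6",
             "com2sec", "com2sec6"}
V3_USER = {"rouser", "rwuser"}


def audit_snmpd_conf(text):
    """Return (line_no, severity, message) for access weaker than authPriv."""
    findings = []
    for no, raw in enumerate(text.splitlines(), 1):
        tokens = shlex.split(raw, comments=True)  # drops '#' comments
        if not tokens:
            continue
        directive, args = tokens[0].lower(), tokens[1:]
        if directive in COMMUNITY:
            findings.append((no, "high",
                             f"{directive}: v1/v2c community string, sent in cleartext"))
        elif directive in V3_USER:
            if args[:1] == ["-s"]:           # optional "-s SECMODEL" prefix
                args = args[2:]
            if not args:
                continue
            # Net-SNMP applies "auth" when no level is given.
            level = args[1].lower() if len(args) > 1 else "auth"
            if level != "priv":
                sev = "high" if level == "noauth" else "medium"
                findings.append((no, sev,
                                 f"{directive} {args[0]}: level '{level}', not authPriv"))
    return findings


if __name__ == "__main__":
    for no, sev, msg in audit_snmpd_conf(SAMPLE_CONF):
        print(f"line {no}: [{sev}] {msg}")
```

A source ACL on a community directive does not change the finding, since the community string still crosses the wire unencrypted.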


