Vulnerability Development mailing list archives
SNMP vul, Cisco routers, DoS without a community string possible?
From: Joshua Wright <Joshua.Wright () jwu edu>
Date: Thu, 14 Feb 2002 13:54:01 -0500
I have been experimenting with the PROTOS SNMP test cases for req-app test material against my Cisco 2621 running 12.0(7)T. I have been able to reliably force the router to crash/dump and reload when I have "snmp-server community public RO" or "snmp-server host 1.1.1.1 public" configured on the router, but am unable to DoS the router when configured with a community string that does not match the one used in the PROTOS test cases. The CERT advisory indicates that simply changing the community to a hard-to-guess value is "not sufficient to mitigate the impact of these vulnerabilities". Cisco also recommends applying ACL's to stop unspecified hosts from contacting UDP/161 on the router. Has anyone confirmed that Cisco and other vendors are subject to a DoS through the PROTOS test suite without prior knowledge of the SNMP community string? Many thanks. -Joshua Wright Team Leader, Networks and Systems Johnson & Wales University Joshua.Wright () jwu edu pgpkey: http://pgp.mit.edu:11371/pks/lookup?op=get&search=0xD44B4A73 fingerprint: FDA5 12FC F391 3740 E0AE BDB6 8FE2 FC0A D44B 4A73
Current thread:
- SNMP vul, Cisco routers, DoS without a community string possible? Joshua Wright (Feb 14)
- Re: SNMP vul, Cisco routers, DoS without a community string possible? Eric Brandwine (Feb 15)