Re: ISS Security Advisory: Hidden community string in SNMP

[mmorris () OPS COM (Matt M. Morris)]

I am seeing the same results on a 2.6 and a 2.5.1 system with B.5.01 NNM
installed.

matt


> I have tried these on a Solaris 2.6 system whose snmpd binary has been
> replaced with the binary from HP Openview Network Node Manager B.05.01.
> The Solaris install was patched to current in August, and the HP-NNM has
> consolidated patch PSOV_02091  installed, and patches PSOV_02131 &
PSOV_02134.
> I don't recal from the release notes what these patches patched specifically,
> but as they were installed on Sep 28, 1998, I assume them to be previous to
> this thread.
>
> Using snmpd as the community string did return the results of snmpwalk from
> the localhost, using HP's snmpwalk binary.  Using the snmpd community from a
> remote host did not return any output.  When using snmpget from a remote
host,
> errors were returned stating that the mib variables being gotten did not
exist.
> variables like system.sysObjectId.0 and system.sysUptime.0.
>
> Using the snmpd.conf configured communities retrieved all the data without a
> problem.  This was tested on the only two Solaris machines that I have access
> to, both with HP's snmpd binary, both have the same level of vulnerability.
> (ie, using the snmpd comm, data was only retrievable from the localhost)
>
> More informations as it becomes available.
>
> Thanks,
>
> Tim




Matt M. Morris
Consultant


Onion Peel Solutions                    Ph: (919) 821-8004  x242
3101 Industial Drive, Suite 200         Fx: (919) 821-3364
Raleigh, NC 27609                       http://www.ops.com