Bugtraq mailing list archives
Re: snmp problems still alive...
From: jcomeau () DIALTONEINTERNET NET (John Comeau)
Date: Tue, 15 Feb 2000 18:18:12 -0500
Cisco 1924s for sure have "public" as rw string and "private" for ro, and I'm about 80% sure the 2924 does too. Many Cisco routers have an snmp "feature" with security ramifications which Damir Rajnovic has agreed to post to Bugtraq (as of Jan. 1), but I guess Cisco's lawyers have to hash it out for a few more weeks before he'll be allowed to. If he doesn't, I will - jc Michal Zalewski wrote:
Days ago, there was a discussion about world-readable snmp communities, some people thought it was bad enough. Amazingly, I've found that a lot of network devices (such as intelligent switches, WAN/LAN routers, ISDN/DSL modems, remote access machines and even some user-end operating systems) are by default configured with snmp enabled and unlimited access with *write* privledges. It allows attacker to modify routing tables, status of network interfaces and other vital system data, and seems to be extermely dangerous. To make things even worse, some devices seems to tell that write permission for given community is disabled, but you can still successfully write to it - and other devices won't let you to set up snmp access at all (eg. some modems and switches).
-- John Comeau - Chief Operating Officer Dialtone Internet - Extremely Fast Web Systems 954-581-0097 fax://954-581-7629 jcomeau () dialtoneinternet net http://www.dialtoneinternet.net
Current thread:
- Re: flex license manager tempfile predictable name..., (continued)
- Re: flex license manager tempfile predictable name... David Evans (Feb 23)
- FreeBSD Security Advisory: FreeBSD-SA-00:03.asmon Kris Kennaway (Feb 19)
- Re: cisco/ascend snmp config tool or exploit? -- Re: snmp problems still alive Michal Zalewski (Feb 20)
- Patch Available for "VM File Reading" Vulnerability Microsoft Product Security (Feb 19)
- Re: cisco/ascend snmp config tool or exploit? -- Re: snmp problems still alive Michal Zalewski (Feb 20)
- unused bit attack alert LigerTeam (Feb 21)
- A.L.E.R.T.: BigMailBox.com href tokens leave mailboxes open to control by a malicious site. Cancer Omega (Feb 21)
- Re: unused bit attack alert Jochen Bauer (Feb 22)
- Re: unused bit attack alert Carlos García Argos (Feb 22)
- Re: unused bit attack alert CyberPsychotic (Feb 22)
- Re: snmp problems still alive... Damir Rajnovic (Feb 17)