Bugtraq mailing list archives
Re: snmp problems still alive...
From: ryan () SECURITYFOCUS COM (Ryan Russell)
Date: Tue, 15 Feb 2000 19:54:09 -0800
Nice summary.
- Windows 98 (not 95) - public
You have to install the agent, it's not stock. And it's not so much that the world-writable string is "public" as it is that there isn't one. You'll get write access no matter what community name you use. MS made improvements under NT, 'cause it was the same, but it's still broken in 9x AFAIK. Check: http://www.nai.com/nai_labs/asp_set/advisory/30_nai_snmp.asp
- Sun/SPARC Ultra 10 (Ultra-5_10) - private
I'm sure I won't be the only one to point out that the SNMP problem is part of the OS (Solaris 2.6 and later) not the hardware. I suspect Sparc OpenBSD will be OK. :) Solaris 2.6 was the first version (I believe) to install an SNMP agent as part of a standard Solaris install. There were hard-coded SNMP community names that gave write access. There was also a patch. Check out: http://www.securityfocus.com/vdb/bottom.html?vid=177

At a previous job, Lucent installed a remote access server and left the SNMP write community as public.

I don't think SNMP issues have gotten as much attention as they should. There are some really bad things one can do. Depending on platform, you can start and stop programs, kill processes, download all passwords, shut down the boxes, change hardware settings, all without any logging in most cases. You really want to not have this problem.

Ryan