Bugtraq mailing list archives

Previous By Date Next
Previous By Thread Next

undocumented 3Com Netbuilder II SNMP ILMI commnity

From: Juan Manuel Pascual Escriba <pask () plazasite com>
Date: Wed, 23 May 2001 18:59:11 +0200





                      WWW.PLAZASITE.COM

                  Systems & Security Division








   Title:     3Com Netbuilder II SNMP ILMI Community

    Date:     15-5-2001

Platform:     Only tested Netbuilder II routers

  Author:     Juan Manuel Pascual (pask () plazasite com)

  Status:     Vendor Contacted but no answers received



OVERVIEW:

    It seems to exist an undocumented read-only SNMP community in 3Com

Netbuilder II Routers. The same happens in cisco and olicom routers. I

checked this feature in Netbuilder II with CEC20 processor. CPU version 9.3

and serial card firmware is 2.5 Its really an old router.



IMPACT:

    It is posible to obtain information from SNMP MiB.



SOLUTION:

    Disable snmp server and update when the patch will be available.



SPECIAL THANKS TO:

    Jose Manuel Pasamar:              jpasamar () cc upv es



--------------------------------------------------------------------

This vulnerability was researched by:

Juan Manuel Pascual Escriba:           pask () plazasite com
Previous By Date Next
Previous By Thread Next

Current thread: