Security Incidents mailing list archives
new SNMP vuln?
From: Gary Golomb <gee_two () yahoo com>
Date: Thu, 7 Feb 2002 08:57:19 -0800 (PST)
Hello all! This is the third time in the past 24 hours I have heard about this from *completely* different sources, but cannot find anything on it. Does anyone here have additional details? Have any of the up-and-running honeypots seen anything? Thank you in advance! -gary
I got a call from one of my customers last night who just returned from a North American Network Operators' Group (NANOG) security conference. Apparently, a tool was written in a university in Finland that exploits SNMP vulnerabilities. One of the many things it does is send 1 packet to a router that disables the router. The tool was removed from several web sites in order to give vendors a chance to react--but you know how that goes. Whether it is in the wild now or not, is not the pressing issue. The issue is that it will be soon. It was explained that it was tested on a Cisco and Nortel router and proven effective. They are already working on a fix. I was informed that they tried to call some guy named "Henry Fiallo" to inform us as well.
Gary Golomb Research Engineer, Intrusion Detection Enterasys Networks 7160 Columbia Gateway Dr, #201 Columbia, MD 21044 Phone: 410-312-3194 x223 FAX: 410-312-4840 Email: ggolomb () enterasys com www: http://www.enterasys.com/ids/ __________________________________________________ Do You Yahoo!? Send FREE Valentine eCards with Yahoo! Greetings! http://greetings.yahoo.com ---------------------------------------------------------------------------- This list is provided by the SecurityFocus ARIS analyzer service. For more information on this free incident handling, management and tracking system please see: http://aris.securityfocus.com
Current thread:
- new SNMP vuln? Gary Golomb (Feb 07)
- Re: new SNMP vuln? Mike Lewinski (Feb 07)
- Re: new SNMP vuln? James (Feb 07)
- Re: new SNMP vuln? H C (Feb 07)
- Re: new SNMP vuln? jason (Feb 12)
- Re: new SNMP vuln? Arthur Donkers (Feb 12)
- SNMP vulnerability test? Davis Ray Sickmon, Jr (Feb 12)
- Re: SNMP vulnerability test? Eric Brandwine (Feb 13)
- Re: SNMP vulnerability test? Valdis . Kletnieks (Feb 13)
- Re: SNMP vulnerability test? Eric Brandwine (Feb 13)
- Re: SNMP vulnerability test? Valdis . Kletnieks (Feb 13)
- Re: new SNMP vuln? jason (Feb 12)
- Re: new SNMP vuln? Mike Lewinski (Feb 07)