Security Incidents mailing list archives
Re: SNMP vulnerability test?
From: Valdis.Kletnieks () vt edu
Date: Wed, 13 Feb 2002 12:55:13 -0500
On Wed, 13 Feb 2002 00:34:00 GMT, Eric Brandwine said:
What're they printing from? I'd check that first. The number of win98/nt/2k hosts listening on SNMP is terrifying.
How did it get turned on? Microsoft said in the CERT advisory: Summary: All Microsoft implementations of SNMP v1 are affected by the vulnerability. The SNMP v1 service is not installed or running by default on any version of Windows. A patch is underway to eliminate the vulnerability. In the meantime, we recommend that affected customers disable the SNMP v1 service. Is this like the "W2K doesn't install IIS, but if you upgraded a machine that had Personal Webpage (or whatever it was) it will upgrade that to IIS"? -- Valdis Kletnieks Computer Systems Senior Engineer Virginia Tech
Attachment:
_bin
Description:
Current thread:
- new SNMP vuln? Gary Golomb (Feb 07)
- Re: new SNMP vuln? Mike Lewinski (Feb 07)
- Re: new SNMP vuln? James (Feb 07)
- Re: new SNMP vuln? H C (Feb 07)
- Re: new SNMP vuln? jason (Feb 12)
- Re: new SNMP vuln? Arthur Donkers (Feb 12)
- SNMP vulnerability test? Davis Ray Sickmon, Jr (Feb 12)
- Re: SNMP vulnerability test? Eric Brandwine (Feb 13)
- Re: SNMP vulnerability test? Valdis . Kletnieks (Feb 13)
- Re: SNMP vulnerability test? Eric Brandwine (Feb 13)
- Re: SNMP vulnerability test? Valdis . Kletnieks (Feb 13)
- Re: SNMP vulnerability test? Chris Ess (Feb 13)
- Re: new SNMP vuln? jason (Feb 12)
- Re: new SNMP vuln? Mike Lewinski (Feb 07)
- <Possible follow-ups>
- RE: new SNMP vuln? Rob Keown (Feb 12)
- Re: new SNMP vuln? Patrick Oonk (Feb 12)