Penetration Testing mailing list archives
Re: Routes that are susceptible to SNMP
From: Iñigo González Ponce <IGONZALEZ () ati es>
Date: Wed, 05 Feb 2003 13:54:15 +0100 (CET)
"public" and "private" are out-of-the-box default community strings for read and read-write access almost any network equipment. Get the private MIB for the Ascend MAX (now Lucent), and look at what you can get ;-). With the read-write comminity you can get, alter, wipe, the router config, you can reboot it, create users, modify the routing table, etc... I don't remeber if the MAX-1600 has tunneling capabilies.... if so, you can create a tunnel to your own machine and... Hope this helps, -- Iñigo Quoting Rod Strader <Strader () doeren com>:
Good day everyone, I am currently on a vulnerability assessment gig and found that a router on the way to my clients target is susceptible to snmp with a community string of public. This device when looking at it shows the arp table having my clients targets IP address in it. What is the general consensus of how dangerous this is to my client. I don't know if I can change anything with same community string but I can review all the information on the device. Here is some of the information I found walking the mib: Description: Ascend Max-1800 BRI S/N: 8371001 Software +6.0.10+ This device appears to be the gateway router before their email server. The arp table still has the target in it. Please comment! Rod Strader ---------------------------------------------------------------------------- This list is provided by the SecurityFocus Security Intelligence Alert (SIA) Service. For more information on SecurityFocus' SIA service which automatically alerts you to the latest security vulnerabilities please see: https://alerts.securityfocus.com/
-- Iñigo González Ponce <igonzalez .at .exocert .dot. com> ---------------------------------------------------------------------------- This list is provided by the SecurityFocus Security Intelligence Alert (SIA) Service. For more information on SecurityFocus' SIA service which automatically alerts you to the latest security vulnerabilities please see: https://alerts.securityfocus.com/
Current thread:
- RE: Routes that are susceptible to SNMP Rod Strader (Feb 05)
- RE: Routes that are susceptible to SNMP Pete Herzog (Feb 06)
- RE: Routes that are susceptible to SNMP Rob Shein (Feb 06)
- <Possible follow-ups>
- Routes that are susceptible to SNMP Rod Strader (Feb 05)
- RE: Routes that are susceptible to SNMP Rob Shein (Feb 05)
- Re: Routes that are susceptible to SNMP Iñigo González Ponce (Feb 05)