Penetration Testing mailing list archives

Routes that are susceptible to SNMP

From: "Rod Strader" <Strader () doeren com>
Date: Tue, 4 Feb 2003 13:55:21 -0500

Good day everyone,

I am currently on a vulnerability assessment gig and found that a router
on the way to my clients target is susceptible to snmp with a community
string of public.  This device when looking at it shows the arp table
having my clients targets IP address in it.  What is the general
consensus of how dangerous this is to my client.  I don't know if I can
change anything with same community string but I can review all the
information on the device. Here is some of the information I found
walking the mib:

Description: Ascend Max-1800 BRI S/N: 8371001 Software +6.0.10+

This device appears to be the gateway router before their email server.
The arp table still has the target in it.  

Please comment!

Rod Strader





----------------------------------------------------------------------------
This list is provided by the SecurityFocus Security Intelligence Alert (SIA)
Service. For more information on SecurityFocus' SIA service which
automatically alerts you to the latest security vulnerabilities please see:
https://alerts.securityfocus.com/

Current thread:

RE: Routes that are susceptible to SNMP Rod Strader (Feb 05)
- RE: Routes that are susceptible to SNMP Pete Herzog (Feb 06)
- RE: Routes that are susceptible to SNMP Rob Shein (Feb 06)
- <Possible follow-ups>
- Routes that are susceptible to SNMP Rod Strader (Feb 05)
  - RE: Routes that are susceptible to SNMP Rob Shein (Feb 05)
  - Re: Routes that are susceptible to SNMP Iñigo González Ponce (Feb 05)