Vulnerability Development mailing list archives
Re: Router worm exploiting poor SNMP security.
From: Fyodor <fygrave () SCORPIONS NET>
Date: Thu, 14 Dec 2000 18:18:29 -0500
of a snmpd exploit that can execute remote commands, but I'm not sure, are MIB's even supposed to contain executable stuff? If there's thisOf course you can execute some commands remotely on cisco routers if you have the write community of the router. This is mostly used to download configurations to tftp servers or remotely restarts a router without having to login. For example: http://www.cisco.com/warp/public/477/21.html But I don't thing that one may use this to create a virus or trojan.
well, at least you can create trinoo-like distributed flooding network with it (you can execute ping and similar commands over snmp too, verified).
Current thread:
- Re: Router worm exploiting poor SNMP security., (continued)
- Re: Router worm exploiting poor SNMP security. M ixter (Dec 15)
- Re: Router worm exploiting poor SNMP security. Jose Nazario (Dec 15)
- Re: Router worm exploiting poor SNMP security. Lars Nygård (Dec 15)
- Re: Router worm exploiting poor SNMP security. N Catlow (Dec 15)
- Re: Router worm exploiting poor SNMP security. J Edgar Hoover (Dec 15)
- Re: Router worm exploiting poor SNMP security. Charles C. Lindsay (Dec 16)
- Message not available
- Re: Router worm exploiting poor SNMP security. Ralph Moonen (Dec 17)
- Re: Router worm exploiting poor SNMP security. Joe Shaw (Dec 18)
- Message not available
- SNMP community strings Ralph Moonen (Dec 17)
- Re: Router worm exploiting poor SNMP security. M ixter (Dec 15)
- Re: Router worm exploiting poor SNMP security. Fyodor (Dec 15)