[nsp-sec] Cisco Security Advisory: SNMP Version 3 Authentication Vulnerabilities
Ilker Temir
itemir at cisco.com
Wed Jun 11 09:43:35 EDT 2008
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
Eli,
|> Multiple Cisco products contain either of two authentication
|> vulnerabilities in the Simple Network Management Protocol version 3
|> (SNMPv3) feature. These vulnerabilities can be exploited when
|> processing a malformed SNMPv3 message. These vulnerabilities could
|> allow the disclosure of network information or may enable an attacker
|> to perform configuration changes to vulnerable devices. The SNMP
|> server is an optional service that is disabled by default in Cisco
|> products. Only SNMPv3 is impacted by these vulnerabilities.
| ^^^^^^^^^^^^^^^^^^^^^^^^
|
| Does this mean that only SNMPv3 packets can exploit the vulnerability,
| or that the router must be configured for SNMPv3 in order to be
vulnerable?
Router must be configured for SNMPv3 to be vulnerable. If it is an
option for you to use another version, it will mitigate the
vulnerability. We are looking into updating the advisory with this
information.
Thanks,
Ilker
Cisco PSIRT
| For example, changing to a different version of SNMP is not listed in
| the workarounds section.
|
|
| --eli
|
_______________________________________________
nsp-security mailing list
nsp-security at puck.nether.net
https://puck.nether.net/mailman/listinfo/nsp-security
Please do not Forward, CC, or BCC this E-mail outside of the nsp-security
community. Confidentiality is essential for effective Internet security
counter-measures.
_______________________________________________
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.8 (Darwin)
Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org
iEYEARECAAYFAkhP1ocACgkQ8/wE0ppYtwVOZwCfbCzuNFwbwH94cy5UHn5dDqqa
R38An0cICL69fypgh6SOKD7zeFxrLATR
=HIdr
-----END PGP SIGNATURE-----
More information about the nsp-security
mailing list