Multiple Vendor SNMP Overflow

2002-02-12T00:00:00
ID OSVDB:4850
Type osvdb
Reporter Oulu University Secure Programming Group ()
Modified 2002-02-12T00:00:00

Description

Vulnerability Description

Multiple inplementations of SNMP contains a flaw that may allow a malicious user to gain access to unauthorized privileges. The issue is triggered when an overflow occurs. This flaw may lead to a loss of Confidentiality, Integrity and Availability.

Solution Description

The solution is to disable SNMP where it is not needed. If SNMP is used, it is recomended you go to your vendor's website and download the patch if your product appears in the CERT document.

Short Description

Multiple inplementations of SNMP contains a flaw that may allow a malicious user to gain access to unauthorized privileges. The issue is triggered when an overflow occurs. This flaw may lead to a loss of Confidentiality, Integrity and Availability.

References:

Vendor URL: http://www.ncipher.com/ Vendor Specific Advisory URL Vendor Specific Advisory URL Microsoft Security Bulletin: MS02-006 Keyword: Overflow Keyword: SNMP Keyword: nCipher Security Advisory #2 CVE-2002-0053 CERT VU: 854306 CERT VU: 107186 CERT: CA-2002-03