SNMP Guessable Community String

1999-06-07T00:00:00
ID OSVDB:8076
Type osvdb
Reporter OSVDB
Modified 1999-06-07T00:00:00

Description

Vulnerability Description

SNMP contains a flaw that may allow a malicious user to guess the public and private community string. The issue is due to the insufficient access control in SNMP protocol. SNMP uses the public/private community strings to control read/write access to a network device information. Using default values set by vendors or by brute forcing the community strings, a remote attacker can guess a public/private community string to gather or modify the unauthorized network device information, resulting in a a loss of confidentiality, integrity, and/or availability.

Solution Description

Currently, there are no known upgrades or patches to correct this issue. It is possible to correct the flaw by implementing the following workaround(s): Disable or remove the SNMP Service if it is not required. Create a strong community strings.

Short Description

SNMP contains a flaw that may allow a malicious user to guess the public and private community string. The issue is due to the insufficient access control in SNMP protocol. SNMP uses the public/private community strings to control read/write access to a network device information. Using default values set by vendors or by brute forcing the community strings, a remote attacker can guess a public/private community string to gather or modify the unauthorized network device information, resulting in a a loss of confidentiality, integrity, and/or availability.

References:

Vendor Specific Advisory URL Nessus Plugin ID:10264 Nessus Plugin ID:10265 ISS X-Force ID: 1241 Generic Informational URL: http://www.securiteam.com/exploits/Windows_NT_s_SNMP_service_vulnerability.html Generic Informational URL: http://www.saintcorporation.com/cgi-bin/demo_tut.pl?tutorial_name=Guessable_Read_Community.html&fact_color=doc&tag= Generic Informational URL: http://www.securiteam.com/exploits/Patrol_s_SNMP_Agent_3_2_can_lead_to_root_compromise.html CVE-1999-0516