308 matches found
Hirschmann "Classic Platform" switches reveal administrator password in SNMP community string by default
Overview Hirschmann "Classic Platform" switches contain a password sync feature that syncs the switch administrator password with the SNMP community password, exposing the administrator password to attackers on the local network. Description CWE-257: Storing Passwords in a Recoverable Format For...
Common SNMP Community String Detection
Binary data 7135.pasl...
Net-creds - Sniff passwords and hashes from an interface or pcap file
Thoroughly sniff passwords and hashes from an interface or pcap file. Concatenates fragmented packets and does not rely on ports for service identification. Sniffs URLs visited POST loads sent HTTP form logins/passwords HTTP basic auth logins/passwords HTTP searches FTP logins/passwords IRC...
Sniff Sensitive Data From Interface or pcap: net-creds
Thoroughly sniff passwords and hashes from an interface or pcap file. Concatenates fragmented packets and does not rely on ports for service identification. Sniffs URLs visited POST loads sent HTTP form logins/passwords HTTP basic auth logins/passwords HTTP searches FTP logins/passwords IRC...
SNMP Community String Detection
Binary data 7134.pasl...
Linksys BEFVP4 SNMP Community String Information Disclosure Vulnerability
No description provided by source. source: http://www.securityfocus.com/bid/7317/info Linksys BEFVP4 VPN router has been reported prone to a sensitive information disclosure vulnerability. It has been reported that SNMP community strings which, are world readble by default, contain sensitive...
Linksys WAP55AG 1.0.7 SNMP Community String Insecure Configuration Vulnerability
No description provided by source. source: http://www.securityfocus.com/bid/9688/info Linksys WAP55AG appliance has been reported prone to an insecure default configuration vulnerability. It has been reported that all SNMP MIB Management Information Base community strings, even read/write strings...
Orinoco OEM Residential Gateway SNMP Community String Remote Configuration
No description provided by source. source: http://www.securityfocus.com/bid/5436/info Orinoco is the manufacturer of various wireless network components, including access points and network cards. It is possible to remotely gain access to the identification string used for configuration of OEM...
Multiple Vendor SNMP public Community String Information Disclosure
Nessus was able to enumerate sensitive information on the remote device by sending SNMP requests using 'public' as the SNMP community string. C Tenable Network Security, Inc. include"compat.inc"; if description scriptid74091; scriptversion"$Revision: 1.2 $"; scriptcvsdate"$Date: 2015/09/24 23:21:...
SNMP Public Community String Zero Day in Routers Disclosed
Researchers have discovered previously unreported problems in SNMP on embedded devices where devices such as secondary market home routers and a popular enterprise-grade load balancer are leaking authentication details in plain text. The data could be extracted by gaining access to the read-only...
DEBIAN-CVE-2014-2285
The perltrapdhandler function in perl/TrapReceiver/TrapReceiver.xs in Net-SNMP 5.7.3.pre3 and earlier, when using certain Perl versions, allows remote attackers to cause a denial of service snmptrapd crash via an empty community string in an SNMP trap, which triggers a NULL pointer dereference...
CVE-2014-2285
The perltrapdhandler function in perl/TrapReceiver/TrapReceiver.xs in Net-SNMP 5.7.3.pre3 and earlier, when using certain Perl versions, allows remote attackers to cause a denial of service snmptrapd crash via an empty community string in an SNMP trap, which triggers a NULL pointer dereference...
CVE-2014-2285
The perltrapdhandler function in perl/TrapReceiver/TrapReceiver.xs in Net-SNMP 5.7.3.pre3 and earlier, when using certain Perl versions, allows remote attackers to cause a denial of service snmptrapd crash via an empty community string in an SNMP trap, which triggers a NULL pointer dereference...
net-snmp: snmptrapd crash when using a trap with empty community string
The perltrapdhandler function in perl/TrapReceiver/TrapReceiver.xs in Net-SNMP 5.7.3.pre3 and earlier, when using certain Perl versions, allows remote attackers to cause a denial of service snmptrapd crash via an empty community string in an SNMP trap, which triggers a NULL pointer dereference...
MGASA-2014-0122 Updated net-snmp packages fix two vulnerabilities
Updated net-snmp packages fix security vulnerabilities: Remotely exploitable denial of service vulnerability in Net-SNMP, in the Linux implementation of the ICMP-MIB, making the SNMP agent vulnerable if it is making use of the ICMP-MIB table objects CVE-2014-2284. Remotely exploitable denial of...
Samsung / Dell Printer SNMP Backdoor
The remote host appears to be a Samsung printer, or a Dell printer manufactured by Samsung. It has a hard-coded SNMP read-write community string that allows access even when SNMP has been disabled in the printer management utility. A remote, unauthenticated attacker can exploit this to take contr...
Samsung Printer SNMP Hardcoded Community String Authentication Bypass Vulnerability
Samsung Printers are prone to an authentication bypass vulnerability. SPDX-FileCopyrightText: 2012 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
Nmap NSE net: snmp-processes
Attempts to enumerate running processes through SNMP. SYNTAX: snmpcommunity: The community string to use. If not given, it is ''public'', or whatever is passed to 'buildPacket'. OpenVAS Vulnerability Test $Id: gbnmapsnmpprocessesnet.nasl 5499 2017-03-06 13:06:09Z teissa $ Autogenerated NSE wrappe...
Nmap NSE net: snmp-brute
Attempts to find an SNMP community string by brute force guessing. SYNTAX: snmplist: The filename of a list of community strings to try. snmpcommunity: The community string to use. If not given, it is ''public'', or whatever is passed to 'buildPacket'. OpenVAS Vulnerability Test $Id:...
Accton-based switches (3com, Dell, SMC, Foundry, EdgeCore) Backdoor
Exploit for windows platform in category remote exploits =================================================================== Accton-based switches 3com, Dell, SMC, Foundry, EdgeCore Backdoor =================================================================== On the 15th of august 2009, at the...