Nortel Networks CVX 1800 discloses privileged information

Overview The Nortel Networks CVX 1800 Multi-Service Access Switch discloses privileged information. Description The CVX 1800 Multi-Service Access Switch is a large modem bank typically used by large carriers and ISP's. When the CVX 1800 is queried with a specially crafted snmpwalk, it will respon...

CVE-2001-1262

Avaya Argent Office 2.1 compares a user-provided SNMP community string with the correct string only up to the length of the user-provided string, which allows remote attackers to bypass authentication with a 0 length community string...

Nortel CVX 1800s will dump all local user names and passwords via SNMP

The Nortel CVX 1800 is a modem bank containing up to 2600 modems per box. Many ISP's are using them for their dial-up customers. While querying the CVX-1800 for SNMP codes to use in a modem statistics program I was writing, I discovered the CVX-1800 will spill out all user names and passwords in...

CVE-2002-0109

Linksys EtherFast BEFN2PS4, BEFSR41, and BEFSR81 Routers, and possibly other products, allow remote attackers to gain sensitive information and cause a denial of service via an SNMP query for the default community string "public," which causes the router to change its configuration and send SNMP...

Default SNMP configuration issue with Foundry Networks EdgeIron 4802F

28-02-02 -- [email protected] "The EdgeIron family of Layer 2 switches is designed to provide wire-speed performance, superior port density, and complete standard Layer 2 feature sets at an aggressive price for Enterprise users." Problem: -------- Foundry Networks EdgeIron 4802F Fast...

CVE-2001-1221

D-Link DWL-1000AP Firmware 3.2.28 483 Wireless LAN Access Point uses a default SNMP community string of 'public' which allows remote attackers to gain sensitive information...

CVE-2001-1221

D-Link DWL-1000AP Firmware 3.2.28 483 Wireless LAN Access Point uses a default SNMP community string of 'public' which allows remote attackers to gain sensitive information...

CVE-2001-0711

Cisco IOS 11.x and 12.0 with ATM support allows attackers to cause a denial of service via the undocumented Interim Local Management Interface ILMI SNMP community string...

CVE-1999-1245

The CVE-1999-1245 entry concerns vacm ucd-snmp SNMP server (version 3.52) that fails to disable access to the public community string, enabling potential remote information disclosure. Described impact is partial confidentiality loss with network access and no integrity/availability impact stated...

CVE-1999-1245

vacm ucd-snmp SNMP server, version 3.52, does not properly disable access to the public community string, which could allow remote attackers to obtain sensitive information...

CVE-2001-0380

Crosscom/Olicom XLT-F running XL 80 IM Version 5.5 Build Level 2 allows a remote attacker SNMP read and write access via a default, undocumented community string 'ILMI'...

Cisco CatOS VACM read-write Community String Device Configuration Manipulation

It is possible to obtain the remote private community strings using the View-Based Access Control MIB VACM of the remote Cisco router. An attacker may use this flaw to gain read/write SNMP access on this router. Note that a value in this table does not necessarily mean that an instance with the...

CVE-2001-0380

Crosscom/Olicom XLT-F running XL 80 IM Version 5.5 Build Level 2 allows a remote attacker SNMP read and write access via a default, undocumented community string 'ILMI'...

Multiple networking devices allow SNMP objects to be viewed/modified via ILMI community string

Overview There is a vulnerability in the remote management architecture for Asynchronous Transfer Mode ATM networking devices that permits unauthorized access to configuration information. An attacker who gains access to an affected device can read and modify its configuration, creating a...

Cisco IOS creates SNMP read-only community string

Overview There is a vulnerability that permits unauthorized access to several switch and router products manufactured by Cisco Systems. An attacker who gains access to an affected device can read its configuration, creating an information leak. Description Certain versions of the Cisco...

ILMI community in olicom/crosscomm routers

Crosscomm/Olicom routers have a undocumented community string ILMI yes, the same as in cisco : that has read and write permissions i didn't check the whole tree, but you can set system.sysContact.0 for example. This was checked on a XLT-F router with software 'XL 80 IM Version 5.5 Build Level 2'...

Olicom XLT-F XL 80 IM V5.5BL2 - Undocumented Community String

source: https://www.securityfocus.com/bid/2802/info Olicom routers were previously manufactured and distributed by Olicom, a company now owned by Intel. Olicom routers provide a low-cost routing solution for small businesses. A problem with Olicom routers could allow unauthorized access to certai...

Olicom XLT-F XL 80 IM V5.5BL2 - Undocumented Community String

Olicom XLT-F XL 80 IM V5.5BL2 - Undocumented Community String source: https://www.securityfocus.com/bid/2802/info Olicom routers were previously manufactured and distributed by Olicom, a company now owned by Intel. Olicom routers provide a low-cost routing solution for small businesses. A problem...

Cisco Security Advisory: Cisco IOS Software Multiple SNMP Community String Vulnerabilities

-----BEGIN PGP SIGNED MESSAGE----- Cisco Security Advisory: Cisco IOS Software Multiple SNMP Community String Vulnerabilities Revision 1.0: INTERIM For Public Release 2001 February 28 11:00 US/Eastern UTC+0500 ------------------------------------------------------------------------ Summary Multip...

CVE-2001-1434

Cisco IOS 12.05XU through 12.12 allows remote attackers to read system administration and topology information via an "snmp-server host" command, which creates a readable "community" community string if one has not been previously created...