Huge Flaw in SNMP

For any one using a router

Page 1 of 1

8 Replies - 1594 Views - Last Post: 28 February 2002 - 09:59 PM

#1 SlashRaid   User is offline

  • Dream.In.Force

Reputation: 1
  • View blog
  • Posts: 2,421
  • Joined: 21-January 02

Huge Flaw in SNMP

Posted 13 February 2002 - 08:08 AM

A huge flaw in Simple Network Manager Protocol (SNMP) was recently discovered by researchers at the University of Finland at Oulu. The flaw could allow hackers to shut down or gain control of devices using the protcol. The danger is huge and ranges from desktops to traffic management systems.


For more information and a partial list of vendor items that may be affected read the full CERT Advisory CA-2002-03


More info can also be found at the following:

(Edited by SlashRaid at 10:12 am on Feb. 13, 2002)
Two more links:

(Edited by SlashRaid at 12:55 pm on Feb. 13, 2002)


Is This A Good Question/Topic? 0
  • +

Replies To: Huge Flaw in SNMP

#2 SlashRaid   User is offline

  • Dream.In.Force

Reputation: 1
  • View blog
  • Posts: 2,421
  • Joined: 21-January 02

Re: Huge Flaw in SNMP

Posted 13 February 2002 - 10:51 AM

Here is a quick update for any of you who may need it:


Microsoft Security Bulletin MS02-006 covers this for Microsoft® Windows® 95, 98, 98SE, Windows NT® 4.0, Windows 2000 or Windows XP systems that use SNMP. Thing is there is no patch available for it, still in development... Good ol' M$.


On the other hand....


Red Hat Advisory RHSA-2001:163-20 offers update packages for Red Hat Linux 6.2, 7, 7.1, and 7.2. Downloads are available at the advisory listed above.


Was This Post Helpful? 0
  • +
  • -

#3 SlashRaid   User is offline

  • Dream.In.Force

Reputation: 1
  • View blog
  • Posts: 2,421
  • Joined: 21-January 02

Re: Huge Flaw in SNMP

Posted 13 February 2002 - 11:03 AM

For anyone interested in some extremely deep reading, you can check out the PROTOS Project Report on the SNMP flaw. This is from the group at the University of Oulu who discovered the flaw.


PROTOS Test-Suite: c06-snmpv1 Report
Was This Post Helpful? 0
  • +
  • -

#4 SlashRaid   User is offline

  • Dream.In.Force

Reputation: 1
  • View blog
  • Posts: 2,421
  • Joined: 21-January 02

Re: Huge Flaw in SNMP

Posted 13 February 2002 - 02:09 PM

Another fresh update.
Was This Post Helpful? 0
  • +
  • -

#5 SlashRaid   User is offline

  • Dream.In.Force

Reputation: 1
  • View blog
  • Posts: 2,421
  • Joined: 21-January 02

Re: Huge Flaw in SNMP

Posted 15 February 2002 - 09:10 AM

SANS has released a scanning tool for WinNT/2K called SNMPing which will find SNMP daemons running on a TCP/IP network. It defaults to port 161, but you can enter the port of your choice.

In order to send bulletins about upgrades and bugs to users of the tool, SANS prefers that you e-mail them at [email protected] to get it. It's automated and takes only a minute to get a reply.

Also on Feb. 20, 2002 SANS and the Center for Internet Security will have a web broadcast w/ the tools main authors to show what the tool does and how to use it. It's set for 1:00 pm EST. A little more detail is offered here.

By the way, Microsoft has still not put a patch out yet. (11:00 am EST)
Good related read on the matter

Sources:


Was This Post Helpful? 0
  • +
  • -

#6 SlashRaid   User is offline

  • Dream.In.Force

Reputation: 1
  • View blog
  • Posts: 2,421
  • Joined: 21-January 02

Re: Huge Flaw in SNMP

Posted 25 February 2002 - 06:40 AM

Came across this article today. A lot of the SNMP vulnerabilities are still lurking out there still with no fix. A few aduit tools are refernced for those who may need them.
Was This Post Helpful? 0
  • +
  • -

#7 SlashRaid   User is offline

  • Dream.In.Force

Reputation: 1
  • View blog
  • Posts: 2,421
  • Joined: 21-January 02

Re: Huge Flaw in SNMP

Posted 25 February 2002 - 07:32 AM

Update:

Mandrake fix for ucp-snmp for packages 7.1, 7.2, 8.0, 8.1, Corporate Server 1.0.1, Single Network Firewall 7.2.

Squid Proxy Cache Security Update for Squid-2.x up to and including 2.4.STABLE3 here or here.

FreeBSD Squid Update

Was This Post Helpful? 0
  • +
  • -

#8 Vetritus03   User is offline

  • Microsoft.Whore

Reputation: 5
  • View blog
  • Posts: 1,742
  • Joined: 31-August 01

Re: Huge Flaw in SNMP

Posted 26 February 2002 - 12:58 AM

holy schmoly!  a one-man posting frenzy!  couldn't resist.
Was This Post Helpful? 0
  • +
  • -

#9 SlashRaid   User is offline

  • Dream.In.Force

Reputation: 1
  • View blog
  • Posts: 2,421
  • Joined: 21-January 02

Re: Huge Flaw in SNMP

Posted 28 February 2002 - 09:59 PM

Quote

Quote: from Vetritus03 on 2:58 am on Feb. 26, 2002
holy schmoly!  a one-man posting frenzy!  couldn't resist.
Here's one for Vet:Should of posted it earlier...... :wink:

More SNMP patches

Was This Post Helpful? 0
  • +
  • -

Page 1 of 1